Multi-Factor Authentication – The New Frontier Of Virtual Security: Here’s Why
Hardly a day goes by where there’s not a report of a data breach, or someone’s personal information getting stolen. Despite many of our best efforts, data breaches are still a very real, very BIG problem. In 2017, 2 billion files were leaked as a result of data breaches and those are just the ones that were reported.
As you’re reading this you can be sure that hackers worldwide are continuing to look for ways to compromise valid credentials in order to access company networks and steal data. Ask most IT experts and you’ll hear the term Two-factor authentication (2FA). Unfortunately, 2FA is no longer a viable solution. There’s no way to accurately verify a person’s identity or gate access control to a device or computer. 2FA has become so obsolete and outdated, that according to a new article by Tech Crunch, the National Institute of Standards and Technology (NIST) has called for the end of SMS two-factor authentication because of all the security holes in cellular/LTE data communications.
So, what now? We know that pins and passwords are obsolete and with 2FA off the table, what do security experts recommend for virtual security?
Luckily there’s an answer. Current regulations like those set forth by the PCI Data Security Standard (PCI DSS) requires multi-factor authentication (MFA) to be implemented to access computers and systems that process payment transactions. What is MFA you might ask? MFA is currently the highest level of authentication in the market today. It provides a higher degree of identity assurance of individuals attempting to access resources such as personal devices, internet accessed accounts, or corporate workstations. MFA is when you select two from the following categories: something you are with something you know, or something you have, to defeat unauthorized users from gaining access into a system or device.
Most industries and regulatory bodies worldwide are moving towards the use of MFA for virtual security because it’s effective at authenticating and validating credentials. Switching to MFA is fairly simple. Since something you are is always a biometric, start here, but you need to look at the use case. If you are trying to get into a building use a physical biometric like fingerprints. If you are trying to gate access to a computer or Internet accounts choose a behavioral based biometric. With these biometrics, you really only have three options, gait (how you walk), keystroke (looks at the typing rhythm) and signature/gesture biometrics.
Gait is not suited for remote access and typing is limited by too many false positives, its limits on speed to complete, and use confined to certain devices only. Signature /gesture biometrics is the market leader and BioSig-ID is the only one with several issued patents and worldwide use. It requires no additional hardware or software downloads. It also comes with a robust forensic reporting tool that catches un-approved access and fraud. With nearly 12M uses in 95 countries, it has been rated top 10 MFA solution provider in 2018. You can try out the software and make your own biometric password at https://biosig-id.com.