Use of multi-factor authentication (MFA) is on the rise due to an increasing number of cybersecurity attacks, evolving work-from-home policies during the pandemic and new authentication standards. A security enhancement that verifies a user's identity by requiring two or more pieces of evidence when logging into or accessing an account, MFA was the top security technology to be adopted due to COVID-19.
How Multi-Factor Authentication Works
MFA creates a layered defense and make it more difficult for an unauthorized person to access a target, whether it be a physical location, device, network or database. By requiring two or more forms of identity verification—for example, a personal identification number (PIN) and a one-time password—before logging in, it adds another barrier an attacker must breach before gaining access to sensitive systems.
Why Multi-Factor Authentication Is Important
MFA authentication helps ensure that the people logging into a system or device are who they say they are. This has become increasingly important in recent years with the rise of a phenomenon known as social engineering—in short, organized groups of criminals take advantage of live agents’ empathy and desire to be helpful in order to gain access to accounts under false pretenses. They then change passwords or mailing addresses; re-route package; order goods and lay a foundation for larger fraud.
MFA is an effective tool in the fight against social engineering because even if one of the verification stages (e.g., a password) is compromised, the hacker is still unable to gain access without the other pieces of authentication. Relying on passwords alone, for example, can be “exceptionally risky” and should be “avoided by all organizations,” the Cybersecurity and Infrastructure Security Agency (CISA) warned recently. Adding another authentication factor can prevent a “staggering” number of attacks, according to Forbes.
Benefits of MFA include:
- A reduction in security breaches by up to 99.9% over passwords alone.
- Ease of setup by users.
- Low investment of time and money to implement.
- Impact from Day One.
- Ability to restrict access by time of day or the physical location of the user.
Different Multi-Factor Authentication Methods
MFA increases security, but only if users are willing to adopt it. Consumers today are more demanding and less tolerant of onerous login processes, so organizations must ensure that the authentication process is fast and seamless, with little to no effort required by the user. Things to consider when choosing an MFA method include customer effort required, operational efficiency, real-time fraud prevention and level of security offered.
Among the methods of MFA verification commonly in use:
- Knowledge factors: Knowledge-based authentication typically requires the user to answer a personal security question, for example by providing a password or PIN. Common use cases include withdrawing cash from an ATM or logging on to a VPN using a digital certificate.
- Possession factors: Possession-based authentication requires the user to log in using something they have on their person; for example, a key fob, badge or smartphone with a one-time password app. Common use cases include sending a code via text to a smartphone or using a USB token for desktop access.
- Inherence factors: Inherence-based authentication uses biometric verification, such as a retina scan or facial or voice recognition. Common use cases include using a fingerprint to unlock a smartphone or providing a digital signature when making a purchase. The different types of biometrics include:
- Fingerprints
- Facial recognition
- Voice recognition
- Iris recognition
- Retina scans
- Keystroke dynamics, or a user’s patterns in typing
- Signature recognition
- Location- or time-based factors: User location methods include GPS-enabled smartphones that verify a user’s location, while time-based factors detect presence at a certain time of day (preventing, for example, accessing an ATM in California at 9 a.m. and one in Italy 15 minutes later).
How to Enable Seamless Authentication Across Channels
Authentication is evolving rapidly, with technological advances delivering the ease of use and security today’s consumers and businesses demand. NICE Real-Time Authentication (RTA) provides end-to-end authentication and fraud prevention for contact centers using voice biometrics. RTA automatically verifies the caller’s identity within the first few seconds of a call through natural conversation with an agent. Leveraging its unique Single Voiceprint capability, RTA uses the same voiceprint across channels, allowing effortless authentication in the Interactive Voice Response (IVR) or mobile application as well. Organizations using RTA don’t need to worry about selecting the right authentication factor—they get all of them in one solution which automatically applies the right factor(s) at the right time.
Learn more about multi-factor authentication and the future of biometrics or find out how the NICE RTA solution can help your organization enable seamless authentication across channels.