One of the many ways by which entry
is restricted into private internet transactions is multi factor
authentication. One popular type of multi factor authentication is two step
authentication.
In non-technical terms it is an
internet security system that requires more information than a password to log
into an account. The information may be a code and essentially it is something
that the user does not already know, as in the case of password. The highlights
of using multi factor authentication as an effective preventer of online scams
are as follows:
- Prevention of malicious entry into accounts
Scammers can figure out passwords if
they make a logical surmise with relevant background information. That’s why
fraud prevention authorities campaign for uniqueness and strength of passwords.
The 2FA goes one step further in asking for additional input which is made
known only to the user.
- Multi-Layer Internet Security
Online scams are avoided by bringing in layers of demands from the user before entry is granted. Essentially, the
different layers amount to the following:
●
Knowledge – the password that the user knows
●
Possession – information that the user possesses
● Inherence – something that proves that the
person is the authorized user, like fingerprint, voice, retina or other
biometric factor
A combination of all or any of these
factors is used to prevent online scams. Even if the hacker manages to steal
login credentials which include user name and password, use of multi factor
authentication comes to rescue by restricting access. This is the logic behind
usage of captcha because even if other details are guessed by robotic means,
manual entry of captcha will prove that the user is human.
- Different methods of authentication methods
For the 2FA, the additional piece of
information may be sent in the form of SMS. By using a 2FA app, unique
passcodes can be generated. Alternatively push notifications are also used.
Disconnected token method uses a specific hardware device that may have a
button for generating passcodes. Other popular methods include call back on
phones.
- Two factor authentication technology
The technology that underlies the
2FA is a set of algorithms to generate passwords. Earlier the hash based
onetime password was held as a standard. Nowadays, time based onetime passwords
make the unique passcodes time bound which adds additional security from online
scams. The main objective of multi factor authentication is only the registered
user is granted access, in order to avoid online scams.
- Disadvantages of 2FA
It cannot be
said the using two factor authentication is foolproof. The efficiency has been
questioned on various grounds. The first hassle in the form of technical delays
in getting SMS of OTPs and users find it difficult to wait for them before time
lapses.
Another disadvantage is that smart
phones enable people to configure their email IDs on the phones. If the mobile
phone is stolen, then it is very easy to commit online scams. The efforts of
2FA in shielding anonymity of user have not been a full success so far. Still
the advantages outweigh the loopholes in 2FA and it continues to be very
effective in preventing online scams.
