Multi-Factor Authentication

What is Multi-Factor Authentication?

Multi-factor authentication enhances web transaction security by requiring additional components beyond simple username/password. The concept of multi-factor authentication is usually explained in terms of requiring "something you know, something you have, or something you are" to be authenticated.

A simple illustration of multi-factor authentication is the use of an ATM card to access your bank account. The ATM process requires both something you have (ATM card) and something you know (your PIN). Multi-factor authentication works well because if a thief steals your card, he still needs to know your PIN to gain access.

Authentify employs multi-factor authentication to verify web transactions through its unique method of binding a web session to an automated outbound phone call. In an Authentify transaction, multi-factor authentication looks like this:

• Something you know: The transaction confirmation number displayed in your browser.
  
• Something you have: The mobile or landline phone you use to complete the web transaction.

A third authentication factor can also be introduced for situations calling for stronger authentication:

• Something you are: A voice biometric comparison.

When and where to employ multi-factor authentication depends on the nature of the web session. For example, requiring a voice biometric to gain access to account balances might be too extreme, yet a quick, automated call back to the account owner to verify a large online payment is a practical way to protect against fraud.