What is two-factor authentication (2FA)?
2FA is a process that provides strong assurance that a user accessing an IT network or making a purchase on a website is who they claim to be.
A 2FA solution is characterised by the fact that the user knows something, such as a password or a passphrase, and possesses something that is hard to steal or counterfeit. In most 2FA applications, 'possession' is demonstrated by knowledge of a one-time password (OTP) that is generated either by a token, or at the initial log-in phase by the website's or IT network's server, and is communicated to the end user via a device or token. As the name suggests, this password can be used only once, in real time, to authenticate the user for the associated data or financial transaction.
This process removes the risk of a 'constant' password being lost, forgotten or stolen, for example through a phishing attack (email scam), and then used to access a system illegally on a later occasion. Because the OTP is generated by a known source, communicated over an independent channel, and must be entered by the user before an operation is verified, it is very hard for an attacker to reuse the credential or tamper with the transaction.