What is 2FA?
In today's world of increasing digital crime and internet fraud many people will be highly familiar with the importance of online security, logins, usernames and passwords but if you ask them the question "What is Two Factor Authentication?" the likelihood is they will not know what it is or how it works, even though they may use it every single day.
With standard security procedures (especially online) only requiring a simple username and password it has become increasingly easy for criminals (either in organised gangs or working alone) to gain access to a user's private data such as personal and financial details and then use that information to commit fraudulent acts, generally of a financial nature.
How does it work?
Two Factor Authentication, also known as 2FA, two step verification or TFA (as an acronym), is an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately to hand - such as a physical token.
Using a username and password together with a piece of information that only the user knows makes it harder for potential intruders to gain access and steal that person's personal data or identity.
Historically, two-factor authentication is not a new concept but its use has become far more prevalent with the digital age we now live in. As recently as February 2011 Google announced two factor authentication, online for their users, followed by MSN and Yahoo.
Many people probably do not know this type of security process is called Two-Factor Authentication and likely do not even think about it when using hardware tokens, issued by their bank to use with their card and a Personal Identification Number when looking to complete Internet Banking transactions. Simply they are utilising the benefits of this type of multi factor Authentication - i.e. "what they have" AND "what they know".
Using a Two Factor Authentication process can help to lower the number of cases of identity theft on the Internet, as well as phishing via email, because the criminal would need more than just the users name and password details.
The downside to this security process is that new hardware tokens (in the form of key fobs or card readers) need to be ordered, then issued and this can cause slowdowns and problems for a company's customers wanting and waiting to gain access to their own private data via this authentication procedure. The tokens are also usually small and easily lost so causing more problems for everyone when customers call in requesting new ones.
SecurEnvoy look to resolve this problem with Two Factor Authentication by utilising mobile phone SMS technology. With over 5 billion mobile phones in use, turning a phone into an authentication device quickly solves the need and additional cost and delays of sending out hardware tokens.
Using Two Factor Authentication without tokens is called Tokenless Authentication, patented by SecurEnvoy. This type of authentication can be considered faster, quicker and cheaper to set up and maintain across many networks.