Why You Need Multi-Factor Authentication | Syniverse

Multi-Factor Authentication (MFA) is now an essential part of every digital experience. While we are all used to passwords, we previously only used MFA when logging into select services such as banking or work VPNs. However, due to increased digital fraud, MFA is now a critical requirement for accessing many, if not all, digital services.  

Why is MFA Required? 

The sad truth is that passwords are insecure. While passwords were mentioned in Hamlet, computer passwords were first invented in 1961. It wasn’t long before the first password hack happened in 1962. And the first recorded password bug was in 1965. In many ways, it is surprising that they were relied on for so long. 

However, the kiss of death for passwords was the pandemic. The mass move of services and money online prompted fraudsters to follow suit. 

IBM and CrowdStrike recently reported that over 30% of security incidents are caused by compromised user accounts and 90% of dark web for-sale assets are cloud account credentials. 

There have also been a range of high-profile data leaks caused by the lack of MFA, such as 23andMe.  

MFA massively reduces the risk of unauthorized access – preventing up to 99.9% of automated attacks and reducing phishing by 75%.

Many in the industry are now talking about MFA as the new seatbelt. Making it mandatory across all services is now essential. 

Example of services adding MFA 

MFA is no longer just for banking. Many services are adding MFA to protect users and prevent fraud. These include loyalty schemes, such as the British Airways Avios membership program, and genetic testing companies, like Ancestry and 23andMe. Other industry examples include school lunch money companies (Parentpay), travel providers (Transport for London), gaming (Roblox), social media (Reddit), and healthcare (U.S. Department of Health and Human Services).  

What is MFA? 

MFA means authenticating in multiple ways to access a digital service, for example using both a password and a One-Time PIN (OTP) code to log into a website. However, it is important to get MFA right to gain the security benefits. It is called Multi-Factor because different forms of authentication are required. Using multiple passwords, or other forms of Knowledge-Based Authentication such as additional passcodes or personal information like date of birth, does not count as MFA, because these have the same vulnerabilities as passwords.  

True MFA requires 2 out of the following 3 factors: 

  • Something you know, or Knowledge-Based Authentication. This could be a password, passcode, or personal information. 
  • Something you have, or Device-based Authentication. This could be a physical security key or, more commonly, a mobile phone, which is validated using an SMS OTP.  
  • Something you are, or Biometric Authentication. This could be a fingerprint, iris, or voice print. 

While each individual factor has weaknesses, it is exponentially harder to crack multiple factors at the same time.  
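The 2-out-of-3 rule above can be enforced as a server-side policy check. The sketch below is an added example, not Syniverse code; the method names, the `Step` type and the short factor labels (`know`, `have`, `are`) are assumptions made for illustration.

```python
from dataclasses import dataclass

# Factor category for each method the article names. The identifiers are
# assumptions for this example, not a standard vocabulary.
FACTOR_OF = {
    "password": "know", "passcode": "know", "date_of_birth": "know",
    "security_key": "have", "sms_otp": "have",
    "fingerprint": "are", "iris": "are", "voice_print": "are",
}

@dataclass(frozen=True)
class Step:
    method: str     # which check was attempted, e.g. "sms_otp"
    verified: bool  # True only if the server verified it successfully

def factors_proven(steps):
    """Return the distinct factor categories proven by verified steps."""
    proven = set()
    for step in steps:
        if step.method not in FACTOR_OF:
            # Fail closed: an unclassified method must never count as a factor.
            raise ValueError(f"unclassified method: {step.method}")
        if step.verified:
            proven.add(FACTOR_OF[step.method])
    return proven

def evaluate_login(steps, required=2):
    """Apply the 2-of-3 rule and return (allowed, reason)."""
    proven = factors_proven(steps)
    verified_count = sum(1 for s in steps if s.verified)
    if len(proven) >= required:
        return True, "mfa: " + "+".join(sorted(proven))
    if verified_count >= required:
        # Several checks passed, but they all belong to the same category.
        return False, "multi-step but single-factor: " + "+".join(sorted(proven))
    return False, "insufficient verified steps"

# Constructed sample login attempts (not real data).
ATTEMPTS = {
    "password + date of birth": [Step("password", True), Step("date_of_birth", True)],
    "password + SMS OTP": [Step("password", True), Step("sms_otp", True)],
    "password + failed SMS OTP": [Step("password", True), Step("sms_otp", False)],
}

if __name__ == "__main__":
    for name, steps in ATTEMPTS.items():
        print(f"{name}: {evaluate_login(steps)}")
```

A password followed by a date of birth passes two checks but is rejected, because both belong to the same factor category.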

MFA options 

First of all, there really aren’t any bad MFA choices. Any MFA method is better than none at all.  

There are many choices out there and which you choose to support depends on a range of factors.  

OTPs are the most common. People know them and they have the widest coverage. SMS OTP and email OTP are the most commonly used, but voice and push/app-based OTPs are also available, as well as chat-based ones.  

Increasingly, other phone-based authentication methods, such as frictionless authentication, are being used. This is also called Network Verify or Silent Authentication by some providers. These methods have narrower coverage, because not all operators support them, but they provide a better user experience and conversion. 

Biometrics, usually on a mobile device but also cloud-based for some solutions, are increasingly gaining traction. 

Lastly, Passkey is an exciting new method. Backed by Google, Apple, and Microsoft, it offers app-free device-based authentication across most mobile devices. It incorporates both digital signatures and biometric support. 

