Multifactor Authentication

Authentication can be accomplished with one factor, two factors, or multiple factors. Which one is the weakest level of authentication and which is the most secure and why? When would a more secure system be required? Be able to explain these multifactor authentication methods: password protection, token presence, voice biometrics, facial recognition, ocular-based methodology, hand geometry, vein recognition, fingerprint scanner, thermal image recognition, and geographical location. What are some challenges of multiple factor authentication when using biometrics? There is a lot of interesting information covered in this article that you do not need to memorize, but that you should be aware of.

Abstract

Today, digitalization decisively penetrates all the sides of the modern society. One of the key enablers to maintain this process secure is authentication. It covers many different areas of a hyper-connected world, including online payments, communications, access right management, etc. This work sheds light on the evolution of authentication systems towards Multi-Factor Authentication (MFA) starting from Single-Factor Authentication (SFA) and through Two-Factor Authentication (2FA). Particularly, MFA is expected to be utilized for human-to-everything interactions by enabling fast, user-friendly, and reliable authentication when accessing a service. This paper surveys the already available and emerging sensors (factor providers) that allow for authenticating a user with the system directly or by involving the cloud. The corresponding challenges from the user as well as the service provider perspective are also reviewed. The MFA system based on reversed Lagrange polynomial within Shamir's Secret Sharing (SSS) scheme is further proposed to enable more flexible authentication. This solution covers the cases of authenticating the user even if some of the factors are mismatched or absent. Our framework allows for qualifying the missing factors by authenticating the user without disclosing sensitive biometric data to the verification entity. Finally, a vision of the future trends in MFA is discussed.


Source: Aleksandr Ometov, Aleksandr Ometov, Niko Mäkitalo, Sergey Andreev, Tommi Mikkonen, and Yevgeni Koucheryavy, https://www.mdpi.com/2410-387X/2/1/1/htm
Creative Commons License This work is licensed under a Creative Commons Attribution 4.0 License.