Multifactor Authentication

Authentication can be accomplished with one factor, two factors, or multiple factors. Which one is the weakest level of authentication and which is the most secure and why? When would a more secure system be required? Be able to explain these multifactor authentication methods: password protection, token presence, voice biometrics, facial recognition, ocular-based methodology, hand geometry, vein recognition, fingerprint scanner, thermal image recognition, and geographical location. What are some challenges of multiple factor authentication when using biometrics? There is a lot of interesting information covered in this article that you do not need to memorize, but that you should be aware of.

4.3. Proposed MFA Solution for V2X Applications

4.3.1. Factor Mismatch

Assuming that the number of factors in our system is $l=4,$ the system secret $S$ can be represented in a simplified way as a group of

$S \leftarrow\left[\begin{array}{llll} F_{1} & F_{2} & F_{3} & F_{4} \end{array}\right]$

Here, if any of $S_{i}$ are modified-the secret recovery mechanism would fail. An improvement to this algorithm is delivered by providing separate system solutions $\bar{S}_{i}$ for a lower number of factors collected. Basically, for $\bar{l}=3,$ the number of possible combinations of factors with one missing is equal to four, as follows

$\begin{array}{l} \overline{S_{1}} \leftarrow\left[\begin{array}{lll} F_{1} & F_{2} & F_{3} \end{array}\right] \\ \overline{S_{2}} \leftarrow\left[\begin{array}{lll} F_{1} & F_{3} & F_{4} \end{array}\right] \\ \overline{S_{3}} \leftarrow\left[\begin{array}{lll} F_{1} & F_{2} & F_{4} \end{array}\right] \\ \overline{S_{3}} \leftarrow\left[\begin{array}{lll} F_{2} & F_{3} & F_{4} \end{array}\right] \end{array}$

The device may thus grant access based on a predefined risk function policy. As the second benefit, it can inform the user (or the authority) that a particular factor $F_{i}$ has to be updated based on the failed $S_{i}$ combination. Indeed, this modification brings only marginal transmission overheads, but, on the other hand, enables higher flexibility in authentication and missing factor validation.