Second factor authentication (2FA) solutions: Evaluation, FAQs & more

Select the right second factor of authentication (also known as two factor authentication or 2FA) technology for your organization with these comprehensive resources.

Technologies which use second factor of authentication (also known as two factor authentication or 2FA) has rapidly gained prominence among Indian organizations as a way to prevent unauthorized access and security breaches. Although banks are quite ahead when it comes to the adoption of second factor authentication technology, other verticals are rapidly catching up.
In this context, evaluation of a second factor authentication mechanism is a crucial exercise in the selection of an appropriate solution for your enterprise—especially in today's times, when the market offers several choices for second factor authentication solutions. To assist you on this front, here's a detailed FAQ for evaluation of second factor authentication solutions.       

What are the available options when it comes to second factor authentication?
Second factor authentication technology is available in various forms. So you need to select an appropriate two factor authentication solution based on an enterprise risk analysis exercise. Tokens, smartcards, and biometrics offer different ways of identifying as well as authenticating users. In this tip, we will evaluate strength and weakness of different kinds of second factor authentication solutions.

SMS two-factor authentication for electronic identity verification
The token versus tokenless second factor authentication debate has been going on for long. While tokenless second factor authentication options are easier to deploy and more user friendly, it offers its own fair share of challenges. More importantly, the choice between token and tokenless second factor authentication should be based on user role as well as frequency of usage. In this article, we take a comparative overview of the usage of token versus tokenless second factor authentication within organizations.

 How does second factor authentication and layered authentication differ?
Second factor authentication and layered authentication represent different methods of user authentication. Although the two methods provide same levels of protection, these are deployed differently. As part of this tip, learn the prime difference between these two second factor authentication methods, as well as discover the technologies which will mesh better with your systems.

Can the use of digital certificates (with passwords), be considered as second factor authentication?
There's much confusion when it comes to the use of digital certificates as a second factor of authentication. While digital certificates issued by certification authorities are used by businesses to establish their credentials for Web transactions, it's still a matter of debate as to whether these can be treated as a second factor authentication method. This article takes a look at whether digital certificates can be treated as second factor of authentication.

How can hackers bypass second factor authentication systems?
Deploying second factor authentication does not guarantee 100% protection theft of user credentials. So before you actually decide to deploy second factor of authentication, do have a look at how much you will be able to control unauthorized access to IT systems with this technology.

Are there any Indian second factor authentication deployments that we can learn from?
In the backdrop of escalating phishing and social engineering attacks, the Reserve Bank of India (RBI) issued a directive last year to Indian banks about deployment of second factor authentication as a security measure for online credit card transactions. Several leading Indian banks are currently busy in deploying second factor authentication for their internet banking channel.  We take a look at these second factor authentication deployments.

Second factor authentication thwarts identity theft at Bank of India
Bank of India, the leading Indian public sector bank, has faced its fair share of phishing and pharming attacks. Due to these threats, the bank wanted to protect its customers' online identity as well as its reputation. Here's a look at how Bank of India uses second factor authentication (2FA) to protect its Internet banking base of more than 3,00,000 customers from online identity theft.

Central Bank of India opts for token agnostic second factor authentication
Unlike typical second factor authentication rollouts, leading Indian public sector bank Central Bank of India has decided to deploy token-agnostic second factor authentication solution for its internal as well as external customers. Get an up-close view of this notable implementation and the reasons behind using deploying token agnostic second factor authentication.

Lakshmi Vilas Bank's online plans to include second factor authentication
A significant growth in online financial transactions after introduction of Reserve Bank of India's RTGS and NEFT systems has raised Internet banking safety concerns for Lakshmi Vilas Bank. As a result, the leading scheduled commercial bank is bringing in an additional layer of protection with adoption of SMS based two factor authentication. Discover the prime reasons why the bank took the decision to forsake hardware tokens and adopt SMS based second factor authentication technology.

Read more on Identity and access management products