What is Multi-Factor Authentication?

Multi-Factor Authentication (MFA) strengthens the login process by requesting multiple authentication factors, each drawn from one of four categories: something you know, something you are, something you have, and geolocation.

Relying on passwords alone leaves companies vulnerable to cyberattacks. Multi-factor authentication (MFA) adds a layer of security by requesting multiple verification factors to authenticate a digital user’s identity before granting access to applications, accounts, and other resources.

MFA verification factors come from one of four categories:

  • Something you know: this refers to the standard username and password that users typically need in order to set up and log in to accounts.
  • Something you have: this could be anything from a token or key to a one-time password (OTP) or PIN.
  • Something you are: this refers to biometric authenticators like fingerprint, facial, or iris scans as well as voice recognition.
  • Somewhere you are: this could be your geolocation as well as your timezone. 

If a user fails to authenticate using one of these factors, or if one factor has been compromised, the MFA system can request additional information to verify the user’s identity.

Benefits of Multi-Factor Authentication

The clearest benefit of MFA is the added security it offers both customers and companies by eliminating dependence on the password, a weak link in the security chain. However, there are even more advantages:

  • More customer trust: With more and more personal data being shared online and stored in the cloud, users are more vulnerable than ever to potential data breaches. That is why providing added protections to ensure customer information does not fall into the wrong hands creates an added layer of trust between service providers and their users. MFA provides precisely this as well as a clear competitive advantage.
  • Cost savings: Cyberattacks not only diminish customer trust and cause reputational damage, they are also costly to recover from. Having an MFA system in place not only offsets the risks of attacks, it also offsets the expense of recovering data, restoring systems, and potentially paying off ransomware hackers. Furthermore, MFA makes it possible for IT departments to dedicate their valuable time to more critical system and infrastructure questions.
  • Streamlined login process: In order for passwords to offer real protection against hacking, they have to be long and complex. MFA provides the same or greater security without the hassle. Thanks to the integration of technologies like biometric authentication and hardware tokens, authentication is as easy as plugging in a USB stick or looking into your mobile device.

MFA enhances the overall UX by providing a user-friendly approach to security that still offers incredibly strong protections. This helps ensure that users and customers remain loyal to products, services, and companies.

For more information on digital customers' most popular login methods, see our blog.

How Does Multi-Factor Authentication Work?

As mentioned, MFA is a security method that requires users to provide two or more authentication factors to verify their identity before gaining access to data, services, and applications. One of the most common and familiar forms of MFA is two-factor authentication (2FA), which has been around for decades. However, both 2FA and MFA have gained greater traction with the advent of new technologies, like biometric authentication and hardware tokens, which have proven to be reliable and secure factors.

For 2FA and MFA to provide strong protection, at least two distinct factors from the aforementioned categories must be provided for verification and authentication: for example, a password plus a fingerprint, or a facial scan plus a hardware token. Requesting two factors from the same category (for example, a password and a security question) is not considered MFA.

One of the most widely used factors is the one-time password (OTP). An OTP is the 4-8 digit code that companies provide via email, SMS, or push notification. Codes are generated only upon request, on the basis of a user seed value, which is determined during the initial registration process, and a counter, which avoids duplicate codes.
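The seed-and-counter scheme described above corresponds to HOTP as standardized in RFC 4226. The following is an added example, not code from Nevis or from this page: it derives codes from a seed and counter and shows why a used code cannot be replayed. The `OtpVerifier` class, the look-ahead window of 3, and the 6-digit default are assumptions for illustration; the seed is the public RFC 4226 test seed.

```python
import hashlib
import hmac
import struct


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """Derive one code from the shared seed and a counter (RFC 4226)."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class OtpVerifier:
    """Server-side state for one enrolled user (hypothetical class)."""

    def __init__(self, seed: bytes, window: int = 3):
        self.seed = seed      # fixed at registration, never sent with a login
        self.counter = 0      # next counter value the server will accept
        self.window = window  # tolerance for codes generated but never used

    def verify(self, submitted: str) -> bool:
        for c in range(self.counter, self.counter + self.window + 1):
            expected = hotp(self.seed, c).encode()
            if hmac.compare_digest(expected, submitted.encode()):
                self.counter = c + 1  # burn this counter and all earlier ones
                return True
        return False


SEED = b"12345678901234567890"  # RFC 4226 Appendix D test seed, not a real secret


def demo() -> dict:
    server = OtpVerifier(SEED)
    first = hotp(SEED, 0)
    return {
        "first_code": first,
        "accepted": server.verify(first),
        "replay_accepted": server.verify(first),          # same code again
        "skipped_ahead": server.verify(hotp(SEED, 2)),    # one code went unused
        "too_far_ahead": server.verify(hotp(SEED, 9)),    # outside the window
        "server_counter": server.counter,
    }


if __name__ == "__main__":
    print(demo())
```

Because the server advances its counter past every accepted code, an intercepted code is useless once the legitimate login has completed; a wider window tolerates more unused codes at the cost of more valid guesses per attempt.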

 

FAQ about Multi-Factor Authentication

Why Is Multi-Factor Authentication Important?

Multi-factor authentication is important because it provides an extra layer of security beyond a password. Passwords can be easily guessed, stolen or hacked, but MFA requires an additional factor that is much harder to obtain. This makes it much harder for attackers to gain unauthorised access to sensitive information and systems.

How Does MFA Reduce Account Theft?

Because MFA does not rely solely on passwords, it can help limit the damage if a password is stolen or compromised. 

More detailed information is available in our multi-factor authentication glossary.

Which Companies Should Use MFA?

Every company that uses user logins should use MFA. It is especially important for sensitive data, such as bank accounts, email accounts or cloud storage.

What Factors Can Be Used for MFA?

There are three types of factors that can be used for MFA:

  1. Knowledge: password, PIN code or answers to secret questions.
  2. Possession: mobile phone, smart card or token.
  3. Inherence: fingerprint, facial recognition or iris scan.