Two-Factor Authentication 2015: Opportunities and Prospects

Modern technologies have brought a lot of conveniences and opportunities into our lives, but also sharply reduced the chances of complete privacy. Photos that are not intended for prying eyes, credit card numbers, passwords for accounts in social networks and e-mail services, business documents stored in cloud services, the hand of a hacker is able to reach all this with little to no effort.

Traditionally one of the most vulnerable aspects of computer security is strong authentication. Therefore, multifactor authentication methods are constantly being improved and developed. The usual two-factor authentication, when temporary passwords are delivered by a text message, is far from being the only option. Let’s see what means of security authentication exist nowadays and what means are being developed?

1. Applications for smartphones.

According to recent studies, smartphones are used by about 50% of inhabitants of the Earth. If we take into account only the developed countries, where the problem of data protection is most acute, the numbers are even more impressive.

That is why applications that can turn the smartphones of the users into an OTP token are increasingly distributed. In ‘Google Play’ and ‘App Store’ you can download Protectimus‘ mobile authentication application for Android and iOS smartphones and for Android Smart Watch.

The Protectimus SMART application allows you:

  • to select OTP (one-time password) generation algorithm, (HOTP, TOTP, OCRA);
  • to set the length of the 2 step verification code (6 or 8 characters);
  • to use the data signing function (CWYS), which protects from banking trojans and data modification;
  • to create multiple tokens on a single device.

The system of data protection with the help of a software application, however, has one drawback. If the signing in the account takes place from another device (PC, laptop), the software token properly fulfills its functions. But if you go to a site with the same device on which the mobile authentication app is installed, the effectiveness of the protection will be reduced.

One-time password token Protectimus SMARTOTP token Protectimus SMARTProtectimus SMART OTP token

2. Hardware tokens.

Hardware OTP tokens can provide a higher level of information security. These devices operate autonomously; they don’t require an internet connection. In addition, one-time password token can be protected by a PIN-code to avoid unauthorized use in the case of loss or theft. Hardware tokens may look different, but they are always quite compact and small in size. For example, the ‘Protectimus Slim’ has a stylish design in the form of a credit card and TOTP token ‘Protectimus One’ is designed as a convenient key fob that can be worn together with the keys.

The ‘Protectimus Ultra’ token stands out for its reliability. Its main feature is that the secret key is generated only during the activation of the token, which means that even the developers of the OTP token don’t know the secret key in advance. ‘Protectimus Ultra’ uses the OCRA algorithm (OATH Challenge-Response Algorithm), which is currently the most reliable one-time passwords generation algorithm.

Hardware two-factor authentication OTP tokens

3. Biometric methods.

The previously described two-factor authentication methods are based on the one-time passwords generation while biometric techniques use different biometric parameters of the person instead of OTP passwords. Identification happens by the unique, peculiar to the only person’s individual parameters: voice, fingerprints, retina, or even selfie can act as identifiers. However, such ‘tools’, although very attractive in terms of ease of use, are not as reliable as usual and ‘boring’ one-time passwords.

4. Implementation of the implants.

Instead of the standard hardware token, which can be lost or stolen, the chip, embedded under the skin, is impossible to lose. Smartphone acts as a device for detecting a ‘key’. So far this method is still not thoroughly worked out and remains experimental. Although it is possible that it will someday become the leading method in the authentication of the users – who knows?

5. The method of comparing background noises.

Not so long ago, the Swiss developers have come up with an original idea to authenticate users using the background noise. Its essence is that when you try to log into your account, the device from which it is mad, and the smartphone simultaneously record the background noise, which surrounds the user. The records are matched on the server, and if the noises from both devices are similar, the user gets access to his account. Although the method is quite interesting, it raises some questions about the degree of its reliability.

Among them are:

  • the high load on the server in the case of simultaneous processing of large amounts of data;
  • the opportunity for the hacker to be in the same sound environment as the victim;
  • the differences between the quality of microphones on different devices, and, as a result, differences in noise records.

It’s important to note that not two-factor, but multifactor authentication is already becoming the standard. In this case, the authentication process involves not only the OPT password check-up but also the analysis of typical user behavioral characteristics: the model and version of the browser, the place of entering the network, etc. If these and other parameters do not differ from usual, the access is possible without the entry of the one-time password. This model, which supplements traditional 2FA, is used in Protectimus two-factor authentication solution. Thus, the user can achieve both the desirable convenience and reliable data protection.

Author: Denis Shokotko

Once upon a time, in a small town there lived a boy named little Denis. As years went by and the boy grew up, his interest in everything new and unknown grew, too. Denis was particularly interested in information technologies. And, his feelings were reciprocated. His new hobby was so fascinating that he decided to devote the rest of his life to it. Soon after that, he developed his first software program, then another one and another one, and more... In software development, no one could compare to him. His talent could not but be noticed and appreciated. Before long, he is among the originators of a new innovative project. And now, Protectimus in Denis’ life is like a mistress that would not share him with another or put up with any unfaithfulness :)

Share This Post On

1 Comment

  1. It is in point of fact a nice and helpful piece of information. I’m glad that you just shared this useful information with us. Please stay us informed like this. Thank you for sharing.

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from Protectimus blog.

You have successfully subscribed!

Share This