The many faces of multifactor authentication

Lots of different ways to skin the cat

  • Gemalto's Protiva.NET one-time password generator is designed to work with .NET-based applications.

  • RSA even has a downloadable toolbar that provides one-time passwords and stores personal information.

  • This optical smart card reader interacts with a customer's existing smart card and generates a one-time password, providing strong authentication for online transactions.

  • Passfaces is a biometric/cognitive method of authentication that requires customers to recognize a series of faces and click on the right one in order to gain access to the network or Web site.

  • What’s your favorite authentication method?

  • Bank of America is the industry leader in online authentication. Customers who sign up for the optional SafePass authentication system typically receive a one-time password texted to their mobile phones. More recently, the bank began offering a second option, a credit-card sized one-time-password generator, primarily for people who make large transactions.

  • RSA's SecurID system comes in a variety of form factors. Here's an example of a software token for BlackBerry users.

  • This credit-card sized one-time-passcode (OTP) generator represents a high level of security. In the future, experts predict that this type of device will be integrated into a standard credit card so that people won't have to carry around an extra thing.

  • Authentication can be accomplished in many ways, from biometrics to hardware tokens to software-based password generators. And authentication can occur on many devices, including laptops, phones and USB memory sticks. Here are some of the latest authentication schemes.

  • This diagram shows how multi-factor authentication works on the back end.

  • Customers don't want to carry around another card, so hardware-based authentication schemes haven't gone too far. One alternative, which is being used by Bank of America, is to send a one-time password to the customer's mobile phone. This type of "out-of-band" authentication is considered very safe.

Show Comments