Copyright: prykhodov / 123RF Stock Photo
Though you may have been hearing more talk about two-factor authentication lately, it isn’t really that new – it’s just that the current security challenges and solutions are new.

The concept of “we’ll need more identification than that” goes way back to analog days – being hired for a job often required candidates to produce several pieces of photo ID, everything from a license to a passport. Your state’s driver’s license bureau may have required not just your learner’s permit but perhaps a yearbook photo.

In the digital world, sites that require two-factor authentication, or 2FA, are trying to reach a higher level of security and ensure user data is protected from cyber attacks.

Visitors to 2FA sites aren’t able to access certain areas with just a login name and password – they need to perform at least one more task, such as type in a code that the company texts to them, share some obscure personal info that only the visitor should know, or provide biometric information, such as a fingerprint.

Mobile phones have created a greater need for 2FA – in the desktop-only days, any verification information was stored in the machine or a corporate network, and extra security wasn’t as much of a concern. But mobile users are out and about and may always be connected to certain sites, which makes data more vulnerable to being stolen, along with the physical device itself.

But phone also can be useful for helping provide this protection, such as newer iPhones/iOS that can use thumbprints to activate the phone or tie it into other functions, such as purchases or site log-ins. Microsoft also sells thumb-reading peripherals for sign-ins.

These and other types of tools can help make sure any data that’s sent or received remains secure to the mobile phone user and whatever company they’re communicating with.

Here’s why 2FA can help:

• It shows you are serious about security. Companies that want to emphasize high levels of protection should consider this authentication. Along with being smart from a security point of view, it’s also a strong selling point when talking to customers.  With all the talk about identity theft and how hackers are becoming smarter, customers want to make sure their data and password info is as safe as possible, even if it means an extra step or two for registration.
  
  
• It doesn’t require too much more time or effort to create. Seth Rosenblatt and Jason Cipriani from CNET said the user experience at most 2FA sites won’t be affected by the extra procedures, and companies that have balked at upgrading security have found that it’s not too difficult to switch. Really, the only time a user has to even think about extra steps is when they create a new account or lose/want to update their information.
  
  
• The industry is going there. Mario Aguilar from Gizmodo said that companies that are already offering two-factor authentication are in a better position than companies that still rely just on past practices such as passwords. He uses the comparison of traditional banks that require just passwords, with Google, that has additional security for its gmail service.
  
  

• Passwords may be going away. At the same time that businesses are encouraged to offer extra security features, we may also be seeing a phasing out of passwords or the ‘handshake’ method, where a site checks out the information about the account that’s visiting and allows it to enter or blocks its access. (all done behind the scenes, of course.) Add to this that we also now have unique passwords for pretty much any online task, from electronic banking to reading the newspaper. So many security businesses are looking for better solutions to the whole keychain of passwords, such as biometrics or encrypted daily codes that are randomly generated and sent to all employees on a network each morning.  If this happens, the password will be less important than the authentication.
  
  
• Companies are de-centralizing more. The workforce of the past had everyone in a main building or branch offices. Today, virtual workers can literally come from anywhere around the world, especially contractors who may be brought in for specific projects. These individuals rarely meet in person, but attend virtual meetings and electronic gatherings. The company bringing them in may not be entirely sure who this person is or how secure their local network is at first.  But requiring extra steps for a log-in may create more confidence that the person is who they say they are.  Or if their password is compromised, the thieves won’t be able to fully connect.
  
  

Computer security can be complex, but putting effort into prevention can pay off if you want to assure your customers that you go above and beyond to protect their data. For more digital strategies, visit Trumpia.com.

Free Mobile Marketing Success Kit

Get Your Copy Today