Downsides of 2FA solutions.
Passwords, the first authentication factor, can be stolen or lost. And what becomes of the second authentication factor if an employee's phone gets damaged (or, again, stolen or lost) and he or she cannot receive the SMS code? The same issue applies to a security key, which can be forgotten inside the pocket of a pair of jeans and run through the laundry. There are 2FA solutions that use biometrics as a second factor of authentication, but Touch ID and Face ID can easily be compromised.
The lack of relevance, in terms of security, is magnified when an employee is locked out of an app after losing a factor. Believe it or not, this employee is in the very same position as a hacker who is trying to gain access to the employee's account. If an account can be reset without an access factor, then a hacker can reset it, too. However, without recovery options, the employee's account may be lost forever. Food for thought.
Finally, hackers are seasoned criminals. For example, they can set up or reconfigure two-factor authentication to keep the real account holder out of his or her own accounts.
Replacing 2 with M doesn't necessarily cut it.
MFA solutions are definitely more robust, in terms of security, than 2FA applications. However, the reality is that they add another level of friction to the user's experience.
Besides the added layer of friction, MFA solutions have several key limitations. To use SMS-code MFA, an employee must carry a mobile phone that is charged and within range of a cellular network whenever authentication might be necessary.
Some MFA solutions require a piece of hardware such as a security key, and that comes at a cost: paying for each physical token and allocating resources for the hardware's maintenance.
The smartphone and the security key can be lost or stolen.
MFA solutions that leverage biometrics give the user a sense of enhanced security. The reality is, however, rather different, unless advanced biometrics are involved. Voices can be replicated, fingerprints can be copied, faces can be spoofed and iris scanners can be hacked.
BlockID is the next-generation contact-free authentication solution powered by advanced biometrics and Blockchain technology. Your workforce enrolls its identity and authenticates at the IAL2 and AAL2 levels of assurance defined in the NIST 800-63-3 guidelines.
Our private Blockchain-based data storage architecture promotes trust between your organization and your employees for all accesses to your systems and internal applications.
Leveraging the BlockID Private Blockchain Ecosystem entails storing employees' biometric information in a virtually incorruptible system to ensure they are who they say they are at all times throughout the process. Employees' data stored in our distributed ledger isn't subjected to data breaches.
The immutability of a distributed ledger is leveraged to record service provider-customer interactions. The document can never be modified, which leaves an audit trail and therefore creates trust between all parties involved.
“Cybercrime is a daily threat to every organization and government across the globe...These Verizon solutions (powered by 1Kosmos BlockID) offer a significant step forward in cybersecurity protection.”
Alex Schlager, Executive Director and Chief Product Officer of security services at Verizon Business