Two-Factor Authentication Essay Example for Free

Two-Factor Authentication raiseAccording to the Federal Financial Institutions Examination Council, verifying someones identity online involves at least one of a few factors. These factors are the followingInformation the Person K at a timesThis could be a engrossrname and password combination, social protection number, a PIN they chose, or something else that the person could know entirely others wouldnt.Something the person is able to Physically PossesA good of this is the persons ATM card. A more secure physical factor could be a use flash device with a key on it. The final factor that understructure be apply is something rum to that person only, a BiometricFingerprints and Rental Scans are exercises of this.The difference between unity and multi-factor stylemark is that single factor would only use one of these, like a username/password combination, which could be easily stolen through and through a variety of methods both local and remote to that persons physical l ocation (keygrabbers, network sniffing, trojans, observation, brute beat back attacks, or just loose lips). Multi-factor authentication requires at least one other input. Therefore an example of two-factor authentication would be having to enter your username and a password and also your ATM card number and pledge code from the back, or a fingerprint scan and entering your ATM card number, or regular(a) all three for three factor authentication.The FDIC feels that financial institutions should be victimisation two-factor authentication. There have been a number of recommendations made to the financial institution industry, and most large banks and investment houses are now utilize two-factor. The bank should definitely be using multi-factor authentication. Two-factor authentication will not only protect their customers, but it will help protect them against liability in the event that one of their customers does have their identity stolen.Since they are a small bank, budget wil l be a serious consideration when making the defeat to two-factor authentication. A method that has been used in the government and military, and that is now easily accessible is the use of a hardware sequential number generator. This involves the use of a small (cigarette lighter sized) device that generates a brand-new unique number every few minutes. It is based off of a algorithm the bank computing machine knows and each person has their own unique seed number, so each persons numbers are unique to them. When they log in, they are asked for a username/password combination and the number off their hardware key. According to the FDIC this is now one of the most commonly used technologies used by online banking services.Considering that the bank is small, the above suggestion of a hardware key that generates one-time passwords is really the best option. However, USB fingerprint readers are not too expensive now, and using biometrics like this could be an option especially for bu siness customers. The upside of the hardware key is that you can bring it with you wherever you go, but that brings up the downside that it can be stolen. Your fingerprints cannot be stolen so easily. Either way, two-factor authentication should be implemented as soon as possible to protect the bank and their customers.