Two Factor Authentication for Enterprises: What and How




We all use passwords to secure our valuable data, but is password the safest way to protect it? Well, the statistics say any naïve cybercriminal with help of advanced technology can easily expose 90% of all passwords by testing billions of password combinations per second. This vulnerability gave way to the solution of two-factor authentication (2FA), which acts as another security layer for your data.

The Extra Security

Also known as multi-factor authentication, two-factor authentication (2FA) is a simple method which requires another piece of information apart from the username/password combination to confirm identity and hence access the application or network.

The first factor in 2FA, is to provide the normal details of username and password. The second factor makes the difference which is unique to an individual like a smartphone or even a fingerprint. There are several pieces of information which can be used and most common is an SMS or a phone call on the registered mobile number.

This solution is designed considering that hacking a password can be easy but having access to the additional evidence like the mobile phone or even biological features is difficult. This makes 2FA the most effective security methodology.

The 2FA Approaches

Let us have a look into the options of the ‘Second-Factor’ of the 2FA method.

1) Text Message

This is the most common and popular method of two-factor authentication. Post identity verification through username/password the user will receive a 5-10 digit number also known as OTP (One time password). This OTP can then be entered in the application for successful authentication.

Pros: Text message is a comfortable way for employees to receive an OTP.

Cons: There is complete reliability on a cell phone which if lost or stolen, the authentication process will be left incomplete.

2) Email

Similar to a mobile phone, the OTP can be sent to registered email accounts.

Pros: There is no reliability on a device as emails can be accessed from any device.

Cons: Hackers can get access to your emails and get the code.

3) Voice Call

This is not a common method followed to receive OTP but a person can chose to receive a call on registered mobile number via a text-to-speech service.

Pros: Comfortable method to receive.

Cons: Calls can be intercepted, forwarded or voicemails hacked.

4) Hardware Tokens

This is common in enterprises where a physical device is given to an employee to generate a unique code dynamically.

Pros: It does not require a network connection to receive codes.

Cons: The devices are expensive and can be lost or stolen.

5) Software Tokens

This is an alternate to hardware token where a physical device is not required but a software application is installed in mobile or computer to generate the code dynamically.

Pros: Apps are easy to use and install.

Cons: A download is required to personal devices which can be compromised without user knowledge.

6) Push Notification

These are notifications which generally takes response in form of ‘Yes’ or ‘No’.

Pros: A direct secure connection is available between smartphone and network.

Cons: In the case of a stolen device, the device should be de-listed.

There are pros and cons to each of the above-mentioned methods but it provides you with a more secure application. Enterprises can leverage the method which works best for their employees.

From Security to Employee Productivity

Who could have known that along with security, the 2FA can help in increasing the bottom line of the company? Let us look into the few ways on how this is achieved.

Increased Productivity

After the introduction of various policies like BYOD (Bring your own device), employees have been given flexibility of using their own devices on or off their work hours. With secure methods like 2FA, employees can safely access the company owned applications, data, shared locations and virtual systems without security risks. This directly increases the employee productivity as they can create a work life balance while also being assured that the company’s information is secured.

Increased Awareness

Stolen credentials can pose the greatest risk to the company, and mostly companies or employees are not even aware that their credentials have been compromised. We all are aware of the 2014 eBay data breach, when the organization came to know about the stolen passwords after 229 days.

Alternatively, 2FA notifies account owner the moment the credentials are being used by someone.

Cost Savings

Well, 2FA can mitigate the risk beforehand which otherwise can cause huge financial losses. Beyond the obvious reason, there are two other ways by which cost savings can be achieved. Firstly, help desk inquiries can be reduced significantly, as 2FA gives employees a secure way to reset their own password without the intervention of an IT expert which will take at least 20 minutes to resolve one password reset query. Secondly, with the use of cloud-based 2FA soft tokens like push-notifications, SMS and phone calls organizations can save on spending on expensive hard tokens.

Two Factor Authentication Service by MSG91

We know that two-factor authentication has become mandatory for organizations, be it an IT firm or an e-commerce website. But how can organizations get 2FA included in their security protocol? MSG91 is a recognized bulk SMS service provider in India whose team developed a tool, SendOTP, which is specifically created for sending OTPs in a secure way.

SendOTP has various features like sending real-time message information and handling large databases, which in turn significantly decrease the infrastructure prices. Also, in case of failures in sending messages, SendOTP recognizes it and sends voice SMS. The infrastructure of this application is made such that a large number of SMS’ can be processed in a single go, the logs are maintained, delivery times are verified and list of numbers with unsuccessful attempts are highlighted.

The different ways via which SendOTP works:

Pin Generation

The back-end logic is developed such that a unique PIN is generated for an individual user and which can be used only once.

Number Lookup

Costs are saved to an extent and conversion rate is increased as the application identifies the invalid numbers and make sure the message is only send to valid ones.

Voice Failover

The text-to-speech capability of this solution helps in providing OTP to the user via an automatically generated voice audio call. This feature helps increasing the message delivery rates close to 100%.

Global Coverage

The PIN can be delivered to a user irrespective of her geographical location. MSG91 has a global coverage of 190 countries and 800 networks. The OTPs can be delivered at the best delivery rate and speed when compared to other such solutions in the market.

Conclusion

With the SendOTP application, MSG91 has reduced a significant amount of coding making it easy to implement and maintain. With SendOTP, all that a user has to do is, verify the phone number and enter the verification code and the user will be authenticated in under few seconds. Watch out this space for more on how to integrate MSG91’s APIs in the existing system.



Source link