Strong, two-factor (2FA) and Multi-Factor Authentication (MFA) solutions are becoming more common in both Business-to-Employee (B2E) and Business-to-Consumer (B2C) interactions today. Username/password authentication is insecure and overly cumbersome for users. The bulk of data breaches that have occurred in the last few years have involved the compromise of passwords on user and administrative user accounts. Many businesses and public-sector organizations are finding that they must provide higher levels of authentication assurance while delivering a more user-friendly experience, to reduce their risks of fraud and data theft.
New and some existing regulations are mandating that custodians and processors of personal and other sensitive data types must use 2FA or MFA methods to mitigate against fraud and data loss risks. For example, the Revised Payment Service Directive (PSD2) in the EU will require banks, financial institutions, and other payment service providers to offer strong customer authentication (SCA) and perform user behavioral analysis to authenticate and authorize monetary transactions. Full-featured MFA solutions can provide these necessary functions which will assist customers in meeting the regulatory requirements.
Common features of 2FA and MFA solutions include:
- Interoperability with existing IAM repositories, such as Active Directory, Azure Active Directory, or other LDAP directories
- Fast provisioning via LDAP or SCIM
- SSO capabilities to on-premises applications utilizing proprietary cookies, SAML, or OAuth
- SSO capabilities to SaaS applications through OAuth or SAML assertions
- Multiple authentication methods, such as KBA, email/phone/SMS OTP, mobile push apps, mobile biometrics, Smart Cards, USB keys, etc.
- Risk-adaptive authentication, based on administrative user defined policies per organization
- Evaluation of multiple risk factors, including user attributes, device identities, and environmental variables such as IP address, geo-location, geo-velocity, device health, behavioral biometrics, and/or historical analysis of user behavior
- Interoperability with identity and access governance systems
- Interoperability with identity analytics and security intelligence systems
inWebo was launched in Paris, France in 2008. The company has offices in Silicon Valley, California, and has expanded its operations across both North America and Europe/Middle East/Asia regions. The company’s solution is cloud-based, and they offer authenticators for computer browsers and mobile devices, as well as SDKs for developers to extend these authentication options to their specific environments.