What is Multi-Factor Authentication (MFA) and why should I use it?
Multi-factor authentication is a security measure that requires the user to provide two or more factors to gain access to resources such as your computer, online account, or VPN.
There are 3 main types of MFA methods:
Something you know – PIN, password, or secret questions.
Something you have – Authenticator app, text message, smartcard, tokens.
Something you are – fingerprint, voice, or other biometrics.
Why is it important?
The main benefit of MFA is to protect against unauthorized access by requiring users to identify themselves with more than just a username and password. Having multiple layers will make it much more difficult for criminals and hackers to gain access to your data.
As you add more layers of security to your systems, it does in turn make it less convenient for users when accessing applications or services. The key is to balance security and accessibility so that access is secure, but the requirements for access are not so tedious.
The future of MFA using AI & ML
Multi-factor authentication is a constantly evolving to make it more secure for organisiations and less inconvenient of end users. Artificial Intelligence (AI) and machine learning (ML) can be used to pick up user behaviors that indicate whether an access request is ‘normal’ and therefore doesn’t require additional authentication.
AI can asses the risk score by looking at:
Time of login – If a user has made an login attempt and a few moments later, the users tries to log in again. It will flag as suspicious.
Location – If a user has logged in from two different locations at unrealistic times.
IP Address – Logging in from a different IP address can flag the user to re-input their multifactor authentication.
Combine AI with machine learning (ML) and you can introduce keystroke dynamics and mouse dynamics, where the computer will learn how you typically operate your hardware.
These AI-based authentication systems and predictive analytics are already making our lives much easier. We are already seeing these techniques go beyond the entry-level sign in methods and encompass other areas where the security of the user data is essential.