Thanks for a great 30 years SMS protocol, but your hippy-dippy, free-wheeling, network needs an upgrade.
From a recent Forbes’ article: “…behind the façade, the SMS system over which those codes [2FA] are being sent is wide open. An archaic network that runs across mobile networks worldwide, where there’s no end-to-end encryption, where you have no way to know over which networks your message travels in open-text form between sender and recipient.”
So is SMS 2FA the equivalent of wearing a mask on your mouth but hanging it below the beak? Better than nothing, but bad at source control, pun intended. By the way, can we all agree that the hipster beard trend and the mask mandates are a wacky combination?
Effective as an N95 Mask
At Journey, we’ve got the authentication equivalent of an N95 mask. The platform supports the most advanced methods. Effective authentication includes two or more of these factors.
- Something you know: A shared secret such as a password but is no longer very powerful.
- Something you have: A mobile device because it is fairly unique to an individual. Use a shared secret and add it to something you have for added security.
- Something you are: Biometrics including face, voice, and fingerprint.
- Somewhere you are: Location, which is in the works.
Types
- Multi-factor authentication uses two or more authentication types.
- Mutual authentication is where the system authenticates both the agent and customer. Each party can then see that the other is authenticated.
- Step-up authentication is a real time request for additional authentication.
- Continuous authentication is where authentication happens multiple times during the session. This could be behavioral biometrics, passive voice, or others.