FAST, FRICTIONLESS MULTI FACTOR AUTHENTICATION WITH YOUR CHOICE OF BIOMETRICS

Daon’s IdentityX is the core component in a best-of-breed Multi Factor Authentication solution, ensuring strong and secure user authentication. It places your customer’s human identity at the center of each transaction through adaptive, intelligent combinations of biometric and non-biometric factors.

 

WHAT IS MULTI FACTOR AUTHENTICATION

Multi Factor Authentication (MFA) systems require a user to provide two or more user authentication factors before accessing a protected resource. In this context, a “factor” is defined as a single identity credential (for example, a password, physical token or fingerprint). Multi Factor Authentication systems ensure high confidence in the identity of your users and decrease the chance of account hacks.

 

How multi-factor authentication works

Systems that rely on a single non-biometric user authentication factor are vulnerable to attack. Passwords can be hacked or guessed, and tokens/keys can be stolen. Multi Factor Authentication systems (MFA systems) solve this problem by requiring your users to provide two or more factors that span multiple categories:

  • Something you are – biometric user authentication: face, voice, fingerprint, etc.
  • Something you know – knowledge-based user authentication: PIN, password, etc.
  • Something you have – physical user authentication: token, QR code, etc.

To be compliant with National Institute of Standards and Technology (NIST) guidelines, each factor in a Multi Factor Authentication system must be from a different category; using two keys or two passwords is not a true MFA system. Possible user authentication factor combinations include:

  • Something you are PLUS Something you know (Biometric + Pin)
  • Something you are PLUS Something you have (Biometric + Key)
  • Something you have PLUS Something you know (Key + Password)

 

WHICH AUTHENTICATION FACTOR IS BEST?

Biometric factors are proven to reduce fraud and maximize confidence in a user’s identity. They are also shown to improve the user experience and are preferred by upwards of 80% of users, according to recent surveys.

Moreover, customers overwhelmingly prefer to choose their own user authentication factors, and each biometric factor has its own advantages and disadvantages for specific scenarios and use cases.

    The best Multi Factor Authentication system will offer a choice of biometric factors, such as:
  • Face
  • Voice
  • Fingerprint
  • Behavioral Biometrics
  • Emerging Biometrics


Combine multiple biometric factors (a process called multi-modal fusion) with multiple non-biometric factors to create your own fast, flexible and frictionless user authentication model.

 

IdentityX and Multi Factor Authentication

Daon’s IdentityX supports the widest possible range of biometric and non-biometric user authentication factors, which can be combined in many ways.

In our standard IdentityX configuration, Daon securely stores a cryptographic token (key) on a user’s mobile device during the enrollment process. This unique identifier is now “something the user has,” providing the first user authentication factor in an MFA system. In order to gain access to your account, a hacker would need physical possession of your device.

Depending on the capabilities of the user’s device, the needs of the organization and other considerations, IdentityX then asks for something the user knows (PIN, Password, OTP) and/or something the user is (face, voice, fingerprint, or combination of biometrics).

The simultaneous combination of multiple biometric and non-biometric factors creates the strongest possible security while preserving a fast, flexible and delightful user authentication experience.

 

Learn more about Daon MFA and Enhanced Multi Factor Authentication

Confidence in user identity and the security of the system can be further enhanced by incorporating a factor from all three categories or by adding additional biometric factors. For high risk transactions (high dollar value transfers), organizations should consider incorporating additional factors. Simple transactions like “view account” may require only a single factor, while higher risk transaction may require two or more factors and, very risky transactions could require three or more factors. This allows organizations to implement systems that are both simple and convenient for their customers while maximizing the security of the system. To find out more about Daon Multi Factor and Enhanced Multi Factor Authentication, contact us to speak with one of our Multi Factor Authentication experts.