People can access email and valuable data using a broad array of devices, such as notebooks, tablet PCs and of course smart-phones, regardless of location. Two Factor Authentication, (2FA) is a system that enables users to make payments or obtain information over the Internet securely (Remote Access). Its’ purpose is to ensure that only the person with the relevant information and systems can gain access. For example it is used by most of the major banks to allow their customers to access their bank accounts securely and check balances or make payments. It is also used by organisations to enable their users to gain access to email or other organisational data via the Internet.
2FA aims to ensure that the person requesting the data is the right person by being able to prove their identity and thereby decreasing the potential for fraud, theft or other form of illegal activity.
Two separate methods of proof of identification are required in order to verify the two-stage authentication process. If both sets of information match the criteria logged in a system, the system will allow access to the secure data that the individual is requesting.
Two factor authentication requires the use of two of the three regulatory-approved authentication features:
- Something the user knows (for example a password or PIN);
- Something the user can use ( for example a bank card, smart card or Bank ATM)
Without these two elements matching, authentication will not be possible. This is known as the “something you have” and “something you own” principal. It essentially the modern form of a ‘lock and key’ in that without the key, the lock cannot be opened (the token or PIN is the key in this scenario)