Upcoming Challenges With Multi-Factor Authentication

Jun 18, 2021



iCrowdMarketing







Safety in the Information Age in which we now find ourselves, with the quantum era fast approaching, is paramount to the survival of the social and economic systems we have built, which themselves depend on digital infrastructure. One very important element of digital defense is how multi-factor authentication protects against hackers or, to use the correct umbrella term under which authentication belongs, cybersecurity. We will talk about what authentication is, the types of authentication available and in use today, and the challenges that the cybercrime-plagued digital world presents to the latest iteration of popular authentication methods, multi-factor authentication.

The Information Age brought with it critical innovations that would become the building blocks, and ultimately the cornerstones, of how we live today. It brought completely new paradigm shifts in how jobs and income are distributed, as well as new processes like automation and information-intensive industry. This age brought technological and industrial innovations such as transistors, data, optics, and most importantly computers. Looking back to the beginning of time, we evolved in several stages: from transforming primordial materials, to harnessing energy, and finally to transforming and harnessing the power of information, that is, data, computing information, and the knowledge and algorithms associated with it. The internet would not become something that we all use and depend on, at least in its fully-fledged public form, until the 1990s and 2000s. Today, it is apparent that the internet is as important as (if not more important than) something as essential as electricity and water.

What are Authentication, Authorization, and Encryption?


Authentication, or verification in general, is a process by which a user is authenticated or verified, thereby gaining access via a key or pass to a server or cloud. Authentication is used by a server that is set up to verify exactly who or what is accessing the information on a given website, server, or data cloud. The client most often authenticates by entering a username and password. Other methods of authentication can include retina scans, voice recognition, fingerprints, and/or cards. Authorization is almost always coupled with authentication in a multi-stage process where the user/client is verified. This process determines whether a user/client has the necessary permission to access or use any resource, data, or file on the given access point. Encryption is an indispensable part of the verification processes described above. Encryption transforms data so that it cannot be read without a decryption key. It is applied through protocols such as Secure Shell (SSH) and Secure Sockets Layer (SSL), which encrypt with varying ‘bits’ of encryption complexity (128-256 bit, for example). Data is encrypted on both the client (browser) side and the server (web) side before any transmission happens between these two points. Multi-factor authentication is an evolution of authentication processes and is used very commonly today on all types of connected devices, e.g. laptops, smartphones, and even enterprise-grade systems.

What is Cybersecurity?


According to communications and IT grandfather Cisco, “Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.” Cybersecurity is the highest-priority defense paradigm against cybercrime and for the protection of digital systems in general. It covers everything from the antivirus and antimalware apps that we all know, to industry-grade firewalls, as well as the knowledge surrounding digital defense.

Challenges That Are Present For Multi-Factor Authentication


Most of us may be unaware of what multi-factor authentication is, but all of us have probably used it at some point, on everything from our Google mail account to many other apps. The days of single-factor authentication, where a single login step is required, are practically over. According to OneLogin, “Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack.” Today, MFA and 2FA (two-factor authentication) are in use, with the former being the more secure option. The difference between MFA and 2FA is rather simple: the latter has one less verification step. For example, to access a data point or log into a service, a user using 2FA needs to provide two types of unique identification to the server. In the case of MFA, this process usually has three steps: a simple password first, followed by a one-time key sent by the system, and finally a third unique data sample that can be a voice clip, retina scan, or fingerprint.

Cybercrime is abundant these days, hence the need for such complex and sometimes cumbersome cybersecurity approaches. The more steps a login process has, the more difficult it is for cybercriminals to snoop out a user’s private credentials and assemble the puzzle pieces needed to hack into an account. Even so, these systems face several challenges. Every ten seconds or so, there is a data breach somewhere in the world. These data breaches can cost organizations millions of dollars in damages. Complex authentication processes greatly reduce these issues, but organizations are met with the following human challenges when using these processes:

  • Employee resistance

  • Reduced productivity

  • Lack of IT support

  • Lack of resources to implement

  • General lack of interest in adopting these measures


Beyond the human aspect, there are technical concerns with MFA as well. Due to the unbelievably fast adoption of emerging technologies, billions of IoT (Internet-of-Things) devices, remote work, and BYOD (Bring Your Own Device) work culture, the need for MFA has never been greater. Today we have high-end wearable IoT devices (smartwatches), connected personal drones, smart vehicles, smart sensors, and even entire smart cities made up of these elements. All of this brings with it big security risks and cybercrime threats. Here are some of the technical challenges of authentication processes, which also explain why the multi-stage token approach (SMS, time-based, and hardware) is still not exactly bulletproof:

  • Controlling unauthorized access to a constantly growing, dynamic device environment

  • Meeting consumer demand for seamless, comfortable authentication mechanisms

  • SMS-based MFA is now deemed unsafe by NIST due to breach vulnerabilities

  • MFA is sometimes difficult for developers to create in programming languages like Java

  • More stages will not add extra security if a hacker knows one piece of the information


Better Solutions For MFA Cybersecurity


MFA is still the way to go for any personal device or login process. However, as we have seen above, SMS-based tokens are very vulnerable to breaches, which effectively renders that security approach ineffective. Thankfully, today there is enough awareness surrounding MFA security threats that we have alliances such as FIDO working on the cybersecurity of this issue. Below are tried-and-tested approaches to a much more secure MFA process:

We are seeing more and more passwordless and hardware-based authentication approaches to MFA that have proved themselves much more secure than simple SMS and one-time key approaches. Google’s Authenticator is deemed quite secure and is supported by several services such as GitHub, Amazon Web Services, and Gmail.
