The Three ‘Factors’ of Authentication
The need for a more robust means of authentication is always on the agendas of corporate IT executives. Multi-factor authentication refers to the approach of using more than one authentication means to complement each other, forming a more secure method to distinguish the genuine individual from an unauthorized one.

Generally there are three types (or ‘factors’) of authentication means. The first type is proprietary knowledge – the question of “what you know”. If someone knows a secret code that is known only to the called party and the calling party, the called party considers the calling party to be the intended user. This is the premise of the static “User ID and Password” system. The second type is personal belonging – the question of “what you have”. If someone can present a personal belonging that only the calling party has, the called party considers the calling party to be the intended user. This is like checking proof of identification in the physical world. The issue is how to detect, through the network, the presence of the individual’s personal belonging, such as a physical token, smart card or mobile phone. The third type is biological characteristics – the question of “who you are”. Examples include fingerprints, eye retinas and irises, voice patterns, facial patterns, hand geometry, and movements such as handwriting.

Two-factor authentication using PIN and token

The most accepted form of two-factor authentication system usually tests "what you know" and "what you have". Although technically viable, it is rare to find three-factor authentication systems that demand the testing of "what you know", "what you have" and "who you are", because the burden on usability increases as more factors are tested.
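
A PIN-plus-token check of the kind described above, as an added example that is not AT.Pass code. It assumes the token is an HOTP device (RFC 4226), which the page does not specify; `Account`, `authenticate` and the sample PIN and salt are hypothetical names and constructed values. The token proves "what you have" over the network by deriving a one-time code from a secret shared with the server.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: the code a token derives from its secret and counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_pin(pin: str, salt: bytes) -> bytes:
    """Store only a salted, slow hash of the PIN, never the PIN itself."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class Account:
    def __init__(self, pin: str, salt: bytes, token_secret: bytes):
        self.salt = salt
        self.pin_hash = hash_pin(pin, salt)
        self.token_secret = token_secret
        self.counter = 0  # next token counter value the server will accept

def authenticate(acct: Account, pin: str, code: str, window: int = 2) -> bool:
    """Succeed only if BOTH factors verify; never reveal which one failed."""
    # Factor 1, "what you know": constant-time comparison of PIN hashes.
    pin_ok = hmac.compare_digest(hash_pin(pin, acct.salt), acct.pin_hash)
    # Factor 2, "what you have": the code must match the token's secret.
    # The look-ahead window tolerates codes generated but never submitted.
    matched = None
    for c in range(acct.counter, acct.counter + window + 1):
        if hmac.compare_digest(hotp(acct.token_secret, c), code):
            matched = c
    if pin_ok and matched is not None:
        acct.counter = matched + 1  # a used code can never be replayed
        return True
    return False

# Constructed sample data; the token secret is the RFC 4226 test key.
DEMO = Account("4821", b"constructed-salt", b"12345678901234567890")

if __name__ == "__main__":
    print(authenticate(DEMO, "4821", hotp(DEMO.token_secret, 0)))
    print(authenticate(DEMO, "4821", hotp(DEMO.token_secret, 0)))  # replay
```
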