The security of the data of users, companies and customers has become one of the biggest challenges of the digital era. For a long time this sensitive information has been a currency, and criminals also have an interest in learning as much as possible about the user in question. At the same time the significance of new technology concerned with safety in business increases. A good example of such a development is two-factor authentication. It is implemented by an increasing number of important portals and providers, and it is also of great interest to smaller companies in a number of areas.
Actually the principle of authentication has already been kept for years: when there is a restricted domain, one logs on to it with a username and password, and thus gains access. This principle is followed in everything from a simple login on Facebook, putting in a PIN at the ATM, to using computers at the workplace. The problem is: if someone else knows a password or PIN, they can gain direct and comprehensive access very easily.
The two-factor authentication should now ensure that the loss of a password or the unwitting sharing of this sensitive information does not automatically lead to a third person being able to access the data. In order to achieve this, a second hurdle is built into the already familiar process. Alongside a username and password, another PIN is also needed now. In this regard the fact that cellphones have already become an everyday tool is mostly utilised. The user can have a PIN, mostly a number around six digits, which is then needed for the login. With this there is a physical item which is not so easily given away, and which serves as additional protection for oneâ€™s account on the internet. But hackers themselves donâ€™t stop at cellphones: it can happen that hackers intercept the numerical code which is sent to the cellphone as an SMS, and then once again they gain access to the network. For this reason it is safer to rely on a separate token. With this method the user only needs to push a button on his token to identify himself and to gain access. There is no code which can be intercepted. And only someone in possession of the token gets access to the network.
Many portals and services have introduced the two-factor authentication in recent years. Hacker attacks on big services like Sony or Adobe were certainly also responsible for this. It is particularly appreciated that the token applies when security infringements are identified or if sensitive information like passwords and e-mail are to be changed. This form of additional safeguarding has already been adopted in quite a different area. The best example of this is probably found in online-banking: up to a few years ago it was still normal to use just a TAN for online banking activity. Now almost all banks have made the change, so that the user must carry out additional authentication by means of a cellphone or a chip device. This clearly increases the security in online-banking.
The chip cards used in companies for additional security when logging on with a password are also popular. Companies use them especially when their employees work via remote access, amongst many options for the additional securing of the line and the login itself. Firms should inform themselves of the possibilities in this regard, where the biggest factor of uncertainty is still the user himself.
The principle of two-factor authentication is already fairly old and definitely kept, however it is only seldom used in certain important areas. This is mostly because the additional step is considered inconvenient after years of easy logins. The future and research in this field are thus focused on simplifying the use of the second factor. There are creative solutions as to how this can be done, from a fingerprint on the smartphone to custom radio contact with the credit card, many things are possible. The fact is just that this type of security has become virtually obligatory for middle-sized and small companies these days.