Abstract
The growing number of reported security vulnerabilities that exploit the weaknesses of fixed (static) password authentication, and the considerable financial and brand losses they cause enterprises, underline that customary static-password authentication is no longer a sufficient protection for crucial enterprise applications.
This calls for enterprises to critically evaluate multi-factor, stronger, dynamic one-time-password-based authentication and adopt it in their IT infrastructure. This article critically examines 2-Factor Authentication and analyses the pros and cons of this type of authentication.
Changes in contemporary technology have also exposed the users of services that depend on those technologies to serious vulnerabilities, among them the “man-in-the-middle attack.” This has made single-factor authentication methods, for example static passwords, fingerprints or even a PIN, untrustworthy. This is especially true after the Citibank scam scandal.
Discussion
Security experts and specialists have long stressed the need for stringent security measures in Web-based transaction enterprises. In brief, 2-Factor Authentication is a technique of authenticating a person in which two factors are used. Items like USB tokens and smart cards are increasingly being used in many organizations due to the proliferation of online identity theft cases (Yoon & Kee-Young, 2008).
Fingerprints have been the most authoritative method of authentication and have historically been regarded as effective. However, recent developments in criminal activity have shown that this method no longer deserves that trust.
Tokens
Biometrics
The most common type of biometric data used in authentication is the thumbprint. However, this type of authentication is becoming multi-factor as biometric readers are added to devices to compare two data strings during the authentication process. This mode can prove quite costly, especially where it involves a large number of users.
Security Token
Smart cards and USB tokens are the most common forms of security tokens. These security tokens make use of microcontroller technology, a security application, a secured storage area and an OS (Operating System).
Phones
This is a new category of token device in which a 2-FA tool turns the phone into the token through SMS messaging or an interactive telephone call. The phone provides multi-factor authentication because the user communicates over two channels. This type of T-FA method reduces logistical costs considerably by eliminating the need for a separate hardware token device, though the user incurs the cost of text messaging, data services and cellular calling minutes.
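The server side of such a phone-delivered code, as an added example that is not from the article or from any product it mentions: the code is random, expires, works once, and tolerates only a few wrong guesses. The class name, the five-minute lifetime and the three-attempt limit are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300  # assumed validity window, not a value from the article
MAX_ATTEMPTS = 3        # assumed guess limit per issued code


class PhoneOtpVerifier:
    """Issues one-time codes meant for delivery over a second channel (SMS or call)."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # user -> [code_bytes, expires_at, attempts_left]

    def issue(self, user):
        """Create a fresh 6-digit code; a new code replaces any older one."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[user] = [code.encode(), self._clock() + CODE_TTL_SECONDS, MAX_ATTEMPTS]
        return code

    def verify(self, user, submitted):
        """Accept the right code once; expired, replayed or over-guessed codes fail."""
        entry = self._pending.get(user)
        if entry is None:
            return False
        code, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[user]  # force a new code to be issued
            return False
        entry[2] = attempts_left - 1
        if hmac.compare_digest(submitted.encode(), code):
            del self._pending[user]  # single use: a replay finds nothing
            return True
        return False
```

`issue()` returns the code only so the caller can hand it to an SMS or voice gateway; sending it back over the web session that requested it would collapse the two channels into one.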
Other types of token include the smart cards and USB tokens discussed above. With a smart card, the ATM PIN and the card reader are the factors. Strong authentication has security advantages. Despite them, multi-factor authentication has yet to spread widely in the market. The following factors contribute to this lack of pervasiveness:
Product proliferation
Because the client PC software needed to make these systems work is difficult to deploy, most vendors have developed their own installation packages for network login, VPN connection credentials and Web connection credentials. Controlling so many packages and checking them for conflicts at the same time becomes difficult.
User password management
Users have always found it difficult to retain even one authentication factor such as a password, and they are commonly expected to remember a number of unique passwords. Two-Factor Authentication does not eliminate this problem, because one of its factors is still a password or PIN code. One probable solution is to make the second factor a biometric rather than something users have to keep in memory.
Interoperability of Authentication
2-Factor Authentication is not standardized. It has various implementations, which makes it difficult for T-FA to become pervasive.
Cost Effectiveness
Adding a second factor to authentication brings additional implementation and maintenance costs. This is because it is logistically challenging to deploy hardware tokens.
Password security
The security of the systems and tools used in T-FA is a cause for concern too. More than a few products of this sort store passwords in plain text for the smart card or the token software, which largely undermines one factor of the authentication. Because of this lapse, an intruder may obtain the password without difficulty. However, since it is a multi-factor mechanism, the intruder will still need to possess the relevant USB token or smart card for the attack to succeed. In conclusion, though 2-factor authentication helps mitigate the security problem, it does not remove the threat completely (Ashutosh, 2008).
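The plain-text storage lapse described above, shown beside a salted, slow-hash alternative. This is an added example, not code from the article or from any token product; the function names, the record layout and the PBKDF2 work factor are assumptions.

```python
import hashlib
import hmac
import secrets

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to the host


def store_password_plaintext(password):
    """The weak pattern: the stored record is the password itself."""
    return {"password": password}


def store_password_hashed(password):
    """Keep only a per-user random salt and a slow, salted hash of the password."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return {"salt": salt.hex(), "iterations": PBKDF2_ITERATIONS, "hash": digest.hex()}


def verify_password(record, candidate):
    """Recompute the hash with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256",
        candidate.encode(),
        bytes.fromhex(record["salt"]),
        record["iterations"],
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


def leaks_password(record, password):
    """True if anyone who can read the stored record can read the password from it."""
    return password in record.values()
```

With the hashed record, reading the token software's storage no longer hands over the knowledge factor directly. A short numeric PIN has so few possible values that hashing only slows offline guessing, so a retry limit is still needed alongside it.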
Works Cited
Yoon, Eun-Jun; Yoo, Kee-Young. “Breaking a Smart Card based Secure Password Authentication Scheme.” Information Security and Assurance, International Conference, 2008.
Ashutosh, S. “Dynamic authentication: Need than a choice.” Application Security Review journal, Group Hyderabad, India, 2008.