Multifactor authentication (MFA) is a security system that requires more than one form of authentication to verify the legitimacy of a transaction.
The goal of MFA is to create a layered defense and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database. If one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target.
In the past, MFA systems typically relied upon two-factor authentication. Because consumers are increasingly using mobile devices for banking and shopping, however, physical and logical security concerns have converged. This, in turn, has created more interest in three-factor authentication.
Typical MFA scenarios include:
- Swiping a card and entering a PIN.
- Downloading a VPN client with a valid digital certificate and logging into the VPN before being granted access to a network.
- Logging into a website and being asked to enter an additional one-time password (OTP) that the website's authentication server sends to the requester's phone or email address.
- Swiping a card, scanning a fingerprint and answering a security question.
- Attaching a USB hardware token that generates an OTP to a desktop and using the one-time password to log into a VPN client.
In the United States, interest in multifactor authentication has been driven by regulations such as the Federal Financial Institutions Examination Council (FFIEC) directive calling for multifactor authentication for Internet banking transactions.