Multi-Factor Authentication (MFA)

Multi-Factor Authentication, also known as MFA, is a process of multi-step identity verification that enhances security when a user logs in to an account, system, or application. MFA works through different methods called authentication factors.

The first authentication factor during a classic MFA relies on the person’s username and password combination, aka their credentials. Other authentication factors vary from SMS One-Time Passcodes (OTPs), physical tokens, and push notifications to more complex authentication solutions such as physiological and behavioral biometrics.

What is Multi-Factor Authentication (MFA), and how does it work?

MFA is a security measure that prevents unauthorized users from accessing an account. MFA works by requiring everyone attempting to log in to an account, system, or application to prove their identity in several ways before being granted account access. Most MFA deployments use at least two authentication factors (2FA).

There are three large category types of Multi-Factor Authentication factors: knowledge, possession, and inherence. The most common drawback of traditional MFA factors is customer churn, as increased user friction during login is resulting from the user having to perform additional steps before accessing an account. Other MFA drawbacks include long deployment times and high implementation costs.

  1. MFA knowledge factors - something you know Knowledge-based MFA methods such as the username and password combination (credentials) and security questions are weaker because they can easily be stolen or simply guessed. Find out why passwords are no longer enough.

  2. MFA possession factors - something you have Though more secure than knowledge-based authentication factors, MFA possession factors also bring significant disadvantages, including high costs and customer churn. Sending SMS one-time passcodes (OTPs), push notifications, or having someone use a physical token every time they want to log in majorly adds friction to their user experience. Learn how to reduce customer churn.

  3. MFA inherence factors - something you are MFA Inherence factors can authenticate users by their inherent characteristics, including the user’s physiological biometrics and behavioral biometrics. While physiological biometrics, such as retina or fingerprint scans, can be highly expensive and time-consuming, behavioral biometrics, such as typing biometrics, are seamless and don’t require costly hardware.

Innovative MFA solutions bring behavioral biometrics into play to secure users' digital experiences without adding friction to the process. An example is TypingDNA typing biometrics, a solution that authenticates users based on how they type on their keyboards. As it doesn’t require additional hardware, typing biometrics’ setup costs are minimal, which helps enterprises cut authentication costs while reducing the need for SMS 2FA. Watch our demo & learn more.