Last month, Confident Technologies released Two-Factor Mobile Authentication, a
new security solution that is both multi-layered (referring to a second level of security before login) and multi-factor (referring to the use of a second, out-of-band device: the user’s cell phone).
How it works
1) Enroll online at your bank.
2) Select three categories that are meaningful to you. In the example below, food, beverages, and airplanes were chosen.
3) During future website logins requiring multi-factor identification,* the bank
sends a text message with a link (as shown below) or a push notification through a smartphone app.
4) After clicking the link, an image-based challenge appears as a grid of randomly-generated pictures. The user clicks on the three categories previously chosen (in this case food, beverages, and airplanes).
The pictures and grid locations vary, so it is extremely difficult for a virus to capture the unique authentication code created.
5) Once the bank receives confirmation that the correct pictures were selected, the online banking session proceeds automatically.
More secure than text-message solutions
While many banks use multi-factor authentication via text-message for security, there are two risks that still exist:
1) The message can be intercepted using malware.
2) The user’s cell phone could be stolen or “borrowed” providing the thief account access if they know the user’s username/password.
Because the hacker doesn’t know your preselected categories, Confident’s System provides an extra dose of security.
* Two-factor identification is often required when logging in from a new IP address, different device, or other unexpected condition.