The purpose of two-factor authentication is to add an extra layer of security when logging into a device or website. Everyone is familiar with using a password to log in to their email, bank account, or social network. Two-factor authentication requires the user to know more than just the password, they have to further prove that they are who they say they are. Typically this is done by entering in a short pin sent to the user via text.
According to BioCatch, the way that a PC user uses a mouse can identify who they are. ZDNet explains:
The entire way that we use the human-machine interface embedded within each and every modern computer, browser, or website, is like a unique fingerprint. Lefties will operate a mouse differently to right-handed people, for example, and each user ?grabs? an icon at a different point, angle, and so on.
BioCatch can analyze the way that users use their mouse to create a profile for them. This profile is then used to determine whether or not you are who your machine says you are. It’s estimated that this method of authentication is capable of identifying and preventing fraudulent logins 80 to 90 percent of the time.
There are several variables that are taken into consideration by BioCatch’s user profiles. These variables are put into four layers of properties:
Layer One: Standard Authentication
Layer one consists of the device, network, IP address, hardware, and location – all traits that physically tie you to your PC. These are the typical authentication properties used when logging into an account. The following layers, however, take a much different approach to authentication.
Layer Two: Physical Profile
Layer two consists of mainly motion-related actions, such as moving objects around the screen, hand-eye coordination, and the mouse pointer (or finger on touch screen devices).
Layer Three: Cognitive Profile
Layer three consists of examining mental abilities, such as response time and connection time. It also looks for suspicious activity that is out of the norm. One example used by ZDnet is online banking – normally, a user would check their balance before doing anything. If a money transfer is their top priority, something might be up.
Layer Four: Invisible Challenges
BioCatch’s final layer of protection is meant to authenticate a user’s identity, but not in the traditional sense. BioCatch purposely puts problems in the way of the user in order to determine who they are. Everyone reacts to potential threats differently, and their response can be used to verify one’s identity.
Despite whether or not BioCatch’s ideas become mainstream, there’s one thing we know is certain: you need to keep yourself protected from hackers with more than just a password. Two-factor authentication might have its flaws, but it’s a better protection measure than others, especially considering how weak passwords have been recently in light of powerful, sophisticated malware.
White Mountain IT Services can equip you with two-factor authentication methods, like SMS messages via a cell phone. Call us at (603) 889-0800 today to see what we can do for your business.