In a time when cyber-attacks continue to increase, passwords no longer serve as the only security measure to prevent unwanted access. In addition, users are increasingly giving greater amount of sensitive information over the Internet. To achieve this security, double factor authentication is the best option. We explain how it works and what advantages it has over simple passwords.
Digital security or cybersecurity has become a major concern for companies, which find that threats also arrive via telematic means and have to be appropriately protected.
A cyber-attack can seriously harm a company, endanger sensitive information stored, make customers lose confidence in it and damage its image, hence the importance of having appropriate protection against this type of illegal acts.
Why is a robust security necessary?
In a study conducted by First Data, a company specializing in technology related to trade, 26% of respondents stated that their personal information had been compromised in the last month and 34% had been affected in the last year.
The antivirus company Norton goes further and states in a study that almost half of the adult population online (about 16.5 million people) has been the victim of a cyber-attack during 2017, which has resulted in a total cost of 1,750 million of euros for the companies concerned.
The use of just a password to identify does not ensure full protection against security breaches. Although safer and more complex passwords are used (with symbols, numbers, etc.), the survey carried out by TeleSign shows that 73% of accounts are protected with a duplicate key and 54% of people use five or fewer passwords throughout his life on the internet.
According to a Verizon study, 81% of attacks take advantage of insecure or stolen passwords, being the main tactic employed. It is possible to use a password manager, which allows to remember all the keys and that each one is unique, avoiding that a possible security problem affects the rest. However, the best solution to achieve even greater protection is double factor authentication.
What is robust authentication?
Robust authentication consists in using at least two identifiers to be able to perform any operation, be it banking, commercial, etc. These identifiers can be of a biometric nature, or, for example, something that only you know.
Currently it is very common to find double factor authentication, or also called two-step verification. Is a security process in which the user provides two authentication methods to verify his identity and thus better protect his account and all the resources that he access from the product or service he is using.
The traditional method, or single-factor authentication (SFA), is one in which the user only enters a previously established password and already has access, while the second factor is usually a security code sent by SMS or an element biometric like a facial scan or fingerprint.
A common case is when you get a key to the mobile phone when you are doing a transaction in the bank, which also expires after a certain time and you cannot use it again. This combined with any other identifier. It allows you and only you to be able to carry out a banking, commercial operation, etc.
The cybersecurity company Symantec conducted a study in which it concluded that 80% of security breaches could have been avoided simply by using double-factor authentication.
How does double factor authentication work?
This authentication can be done through a one-time password (OTP) that is sent via email, SMS or call and allows the correct identification of the user. This method is very popular in the banking industry to avoid the fraudulent use of credit cards.
On the other hand, authentication can also be done with a time-based one-time password (TOTP). Thanks to an algorithm, the application has the ability to autogenerate codes taking into account the time. This is usually used in important social networks such as Twitter or Facebook.
The protection of users’ sensitive information is of vital importance, especially when they store data such as credit cards or digital certificates, such as Viafirma Suite.
For this purpose fortress was designed, designed to protect the digital certificates of the user. It works with the centralized signature or electronic signature in the cloud, a very secure authentication solution that improves the usability of the signature. This means that the certificate is hosted in the cloud, on a secure server, and it is accessed after the user has been identified by as many factors as the system is configured.
The simple fact of working with the firm located in the cloud means that security increases, because if the certificate is stored on a device, it is easier for someone with access to this positive to sign for us, especially if the own passwords are stored in it.
This authentication process is performed robustly with at least two layers of security (double factor authentication), which are:
- Something the user knows (password)
- Something that the user has (key card, code by SMS, OTP code)
- Something that the user does or is (signature, speech, fingerprint, other biometric factors)
This solution fully respects the eIDAS regulation, in force since 2014, whose objective is to create a legal framework that regulates, gives legal consistency and generates trust among the digital businesses of the European Union.
In short, double factor authentication has practically become a mandatory standard for any company that offers a digital product or service and wants to guarantee the security of its users’ data. The importance of cybersecurity is beyond doubt, seeing the number of gaps and infractions that occur every day on the Internet and the sensitivity of data that is stored in an unsafe manner.
Therefore, the adoption of a double layer of security in the solutions used in the company is essential, especially in digital signature tools. Viafirma meets all the requirements of the eIDAS regulation to guarantee the necessary trust in the use of this type of solution.