What is Multi-Factor Authentication (MFA)?
Multi-Factor Authentication (MFA) is an effective way to protect online accounts and data. It requires users to identify themselves through multiple means of authentication.
Whereas you would usually log in via Single-Factor Authentication (just a password), Multi-Factor Authentication requires at least a combination of two or more factors of authentication:
Something a user knows, like a password or a PIN number.
Something a user has, like a mobile phone, that can receive a verification code (such as One Time Passwords) or physical tokens like USB keys or product numbers.
Something a user is, like fingerprints and facial recognition.
Sounds complicated, but using various types of Multi-Factor Authentication is more common in our daily lives than we might realise. For example, think about entering your password to access your social media and then getting a verification code via text message to finish the login. Or using your fingerprint to confirm payment after logging into your online account.
If you do significant business through mobile or online channels, ensuring customer and data safety is a must. MFA has many benefits, such as reducing fraud and data theft, increasing customer trust, and improving the customer experience by offering a solution for password problems or simplifying the login process.
Multi-Factor Authentication also serves a multitude of use cases spread over various different industries. Because even though the market you're operating in may differ from that of another business, data safety is high on everybody's priority list.
What is Two Factor Authentication (2FA)?
Two Factor Authentication (2FA) is probably the most common type of Multi-Factor Authentication. It requires two identifiers to verify the user’s identity. Technically speaking, a combination of any two identifying factors would be considered 2FA, but the most common combination includes the verification code, often referred to as a One Time Password or OTP.
The One Time Password can be sent by different platforms and messaging channels. The most common ones we see are email and SMS, but did you know you can also send out OTPs over WhatsApp? And what about an OTP over Voice?
Two Factor Authentication via SMS & RCS
SMS is still the titan of messaging channels, serving billions of users around the world. One of the reasons for this success is the fact that SMS messages can be received on every phone. Even devices without a (reliable) mobile internet connection are capable of receiving an SMS. This makes the reach of SMS very reliable. Businesses quickly caught on to the benefits of SMS, and it is now the most used business messaging channel.
The reliability, reach, and ease of use of SMS messaging make it an ideal channel for sending One Time Passwords or login codes, especially since all you need is the phone number of the recipient.
RCS, or Rich Communication Services, is often seen as the successor of SMS. RCS offers many rich media features (often seen in other popular messaging channels) in combination with the reach and reliability of SMS. It provides a new way to deliver your messages, or One Time Passwords, directly into the standard messaging channel of the (Android) phone of your customers.
Two Factor Authentication via Email
No access to the telephone numbers of your customers? No problem. One Time Passwords via email are always an accessible option. Customers who feel uneasy about sharing their personal information, such as their telephone number, will often prefer receiving OTPs over email.
Two Factor Authentication via WhatsApp
WhatsApp is one of the most popular social messaging apps today. Two billion people across the world use WhatsApp on a monthly basis, sending about 100 billion messages each day, making it the most-used mobile messaging channel. And it's not just about the global reach - WhatsApp OTPs are encrypted from end to end, making it one of the safest options available.
It's no surprise that WhatsApp Business is also a popular choice for sending One Time Passwords. There is, however, a caveat; You need to have an opt-in from your customers before you can send them their One Time Password or login code.
Two Factor Authentication via Push Messages
Did your customers already adopt your own native app? Then you can also integrate and enable two factor authentication via push notifications within your own app. For example, whenever a customer approves a payment online, have them confirm it on their mobile phone via their own app.
Two Factor Authentication via Voice
Is your business not using online messaging channels? Or does your target audience perhaps benefit from spoken communication rather than written text? One Time Passwords over Voice via a Voice OTP will allow you to reach customers with limited sight, without mobile phones, or destinations that are not reachable by SMS. It's available in different spoken languages and voices.
You can even use Voice as a backup channel, in case your SMS OTPs cannot be delivered. This will push your delivery rates close to 100%
Two Factor Authentication via Authenticator Apps
This is another phone-based option for 2FA. An authenticator app generates codes locally based on a secret key. Authentication apps can be secured and synced across multiple devices and are more often used to secure internal employees.
This option does require the download of another app, which not all consumers are keen on.
Two Factor Authentication via Backup Codes
When purchasing new hard- or software, you will sometimes be presented with backup codes. These are often used when the normal 2FA enables services cannot be reached. For example, if you've lost the phone connected to the SMS 2FA. These hard-copy backup codes are a final fallback and can also be very useful in situations where an internet or phone signal is not available.
The right Two Factor Authentication channel for you
First and foremost, protecting your customers and data should be the top priority for every business. With each technological advance, criminals will find new ways to hack accounts and steal data. Of course, most businesses have their own measures for security, data protection, and compliance in place, but Multi-Factor Authentication can minimise the risk even more.
So, what channel is the best fit for your business? That depends on the use case, strategy, and preference of your customers. With the One Time Password API from CM.com, you can send OTPs via a channel of choice.
Interested? Our experts are happy to help discuss your specific use case and help you choose the perfect messaging channel for your Multi-Factor Authentication strategy.