When it comes to authentication methods, there are quite a few different options worth checking out. Most people are well aware of some basic methods like passwords and two-factor authentication. However, there are alternative approaches well worth considering for those who desire additional security. All of the methods listed below are strong authentication methods, which also means they may be less convenient than some people would like.
4. Out-of-Band Phone Verification
While relying on any form of two-factor authentication is always a bit of a risk, out-of-band phone verification seems to check a lot of the right boxes. This method relies on calling a registered phone number for authentication purposes. Certain banks around the world implemented this method some time ago. The bank calls a registered number and asks users to enter their password over the phone. This method works well, assuming no one changes his or her registered phone number.
3. Peripheral Device Authentication
One of the newer types of authentication that is worth considering is called peripheral device recognition. The concept is self-explanatory, as peripheral devices are used as a second authentication factor. In most cases, this requires users to place a cryptographic marker on their existing devices, which could be virtually anything. For instance, one could utilize a USB drive or an external Blu-ray player. The only requirement is that it must be connected to one’s computer and recognized as a connected device.
Once the device is connected to the computer, the user can then log onto the platform supporting peripheral device recognition as an authentication method. This is a more than viable alternative to traditional two-factor authentication used by many platforms today. It is not the most convenient solution, although most people have at least one device on them at all times to use in this way.
Taking things one step further than two-factor authentication, 3FA is highly experimental at this point. Adding more layers of security is never a bad idea, even though it does not necessarily make for a convenient solution. There are different types of authentication which can be used as an additional factor, including biometrics such as retina scan, palm vein scans, or fingerprints. Most smartphone users will be familiar with using fingerprint scanning to access their devices, rather than using a password or an unlock gesture.
Although three-factor authentication uses biometrics as an additional measure most of the time, pure biometric authentication is also a viable option. Fingerprint scans, retina scans, and even voice recognition are some of the more common types of biometric authentication available. Making these concepts foolproof has been the challenging part, however. It is possible to use a recording to bypass voice authentication, for example. However, technology continues to evolve and it is now more difficult to trick authentication methods than ever before.
It appears the financial industry is gravitating towards replacing passwords with biometric authentication. Consumers seem to prefer using this method as well. A recent study showed that 93% of consumers prefer biometric authentication over traditional solutions such as passwords or one-time codes. It will be interesting to see whether frictionless biometric authentication becomes the new norm in coming years.