Second-Factor Authentication (2FA) has been implemented across Europe under the PSD2 regulation and is helping protect consumers with online fraud. In a new case study, Electronic IDentification has explored the technology.
Data from the European Commission claims that 56% of citizens in Europe have been the victim of fraud or hacking. One of the causes of this is a weakness in online credentials. Despite advice, many people still make their passwords simple and easy to crack, leaving their online banking or payment details vulnerable.
Research from Ata Hakçıl found that one in 142 passwords is still 123456, which is not secure.
The second-factor authentication, which also goes by two-step authentication or two-step verification, ensures online verification needs to be backed by two methods, instead of one.
These multi-factor authentication processes boil down to three separate styles. These are knowledge-based verification such as a password or a PIN, an item in possession like a credit or debit card, and finally biometrics which is most commonly a fingerprint.
In its post, Electronic Identification said, “Although a password being hacked and having a stranger accessing our personal account of streaming video services and platforms is a grievance, this is not comparable to the one that may arise when doing so to access to our online bank account. That is why, access to sensitive services and platforms such as banking or financial entities should always opt for identity verification and two-step authentication systems.”
This process came under the PSD2 regulation as the SCA ruling. This required European companies accepting electronic payments to confirm their customers through 2FA.
A common system leveraged for 2FA is facial recognition, which is technology that can identify someone based on a static image of a user’s face or through a short real-time video. The technology analyses points of the face to ensure it is the right person.
The post said, “High-security biometric facial recognition has great advantages compared to, for example, OTP by email or SMS, which can be hacked more easily, or a fingerprint, which requires a fingerprint reader that is not present in all electronic devices.”
Electronic Identification’S SmileID provides this facial recognition technology and is used in dozens of systems for second factor authentication, it said.
“This technology complies with the highest security standards such as AML5 (or 5AMLD), eIDAS and all KYC (Know Your Customer) controls to offer the same technical and legal guarantees as face-to-face identification. In the same way, it offers total reliability thanks to its proven artificial intelligence algorithm and its machine learning model.”
To read the full case study click here.
Copyright © 2018 RegTech Analyst