Multifactor Authentication sounds like a very grandiose and complicated process, but in actual fact the principle behind it is quite simple. One method of authentication can conceivably be falsified but using two or more makes it infinitely more complicated to achieve and makes it much easier to fully secure your access points.
Something you Know, Have and Are
Multifactor Authentication took root in the access control world with the advent of biometric technology almost two decades ago. If you want to ensure a person is who they say they are, then using part of the human body is the most obvious and least corruptible method of proving identity.
Using the unique traits of the human body adds a level of authentication that is hard to beat – it’s no simple process to impersonate someone else at this level. How would you realistically impersonate fingerprints, a retina scan or even a sophisticated voice analysis? (yes, you could impersonate a voice, but modern detection systems can look at the whole underlying vocal pattern detecting subtle differences).
Excellent Multifactor Authentication uses a combination of attributes – ‘Something you know’ (such as a password or PIN) ‘Something you have’ (such as a smart card, token or fob) and ‘Something you are’ (such as a fingerprint, iris scan or other biometric method). You can use two, three or more methods to ensure the likelihood of a breach is highly unlikely.
Whilst biometrics kick-started the Multifactor Authentication approach, it has been further accelerated by the boom in the use of mobile smartphones as authentication devices. Bluetooth Low Energy systems have become popular as they offer excellent security and convenience for users with a minimum of cost and fuss involved in authenticating the user.
Using a Bluetooth Low Energy system offers a further level of security as the authenticated smartphone is needed to turn the security system on in order to recognise it in the first place. In practice this is seamless for the authorised person, but ‘under the bonnet’ the security system is making multiple checks to ensure it’s not being fooled by an imposter.
There are very practical advantages to this approach too – it’s fair to say most people either own or have access to a smartphone/smart device and they are highly affordable and easy to use. Generally, we all carry a smart device around with us at all times too, so we are less likely to leave it behind or lose it.
For the security operator its also a great approach. The smartphone offers easy to establish Multifactor Authentication but equally, it reduces the costs and inconvenience of having to issue cards/fobs. The details can also be quickly updated (removing older credentials and adding new ones), usually without the smartphone even needing to be present.
Greater Security in a Hyper-Connected World
Undoubtedly Multifactor Authentication will become even more important as we all move into a fully connected Internet of Things (IoT) world. The security at the endpoints (the places where the outside world is granted access to secure areas) is vital to the security network as a whole.
We are already seeing that physical and IT security are becoming closely linked – a breach of physical security has the potential for far-reaching consequences. Therefore, Multifactor Authentication that is stringent but also easy for people to use is vital.
TDSi has courted Multifactor Authentication for several years (our highly popular DIGIgarde PLUS reader being a prime example) and it’s clear this is a level of security that is already essential for any facility that needs watertight access control.
Undoubtedly, we will see increasing numbers of security factors being introduced into access control systems in the future to ensure we are always several steps ahead of potential intruders!