Two-Factor Authentication: From Hassle to Necessity

10

With the holiday shopping season right around the corner, businesses will need to double down their efforts to verify their customers at rapid speed and security. Enter Two Factor Authentication (2FA), which, contrary to popular belief, does not have to be a hassle. CEQUENS Product Manager, Hussein Al-Safy explains the road ahead for 2FA.

What do customers look for when embarking on a shopping spree? For most of us, a website that looks good, is user-friendly, intuitive, and easy to maneuver from start to finish is a website we are likely to visit again. Whereas websites that feel heavy, impenetrable, or focus on security at an inconvenient level are websites we would rather not have to deal with, ever. Both types of websites mean well, but you would think that technology would’ve found a solution that gives you the best of form and (security) function by now.

The truth is, there is a solution, which is Two-factor authentication (2FA). Not only is it considered by security experts as one of the most effective ways to protect data and systems against even the most sophisticated of attacks and resourceful attackers, but done right, the process can be completely hassle-free.​ Yet, with paltry adoption rates and a general resistance by users, suffice it to say users find 2FA to be annoying.

I am here to tell you that it is not. By adding extra layers of security to existing login functions, you can verify user identities through either something you know, such as a PIN or a password, or through something you own, such as an email address or a mobile device. Not only is the process simple, but it is also necessary. Regulated industries such as financial services, healthcare, and e-commerce are under regulatory pressure from bodies such as PCI, HIPAA, PSD2, DFARS, NIST, etc. to implement authentication for privileged access. It is now mandatory for cyber insurance requirements to prevent unauthorized access to servers, workstations, and remote desktops.​ Additionally, according to Gartner, enterprises that rapidly expand remote access without implementing Multi Factor Authentication (MFA) will experience 5 times as many account takeover incidents as those that use MFA.

So how can you make 2FA a must without compromising on CX? My advice would be to look for technology that understands the challenge. As a business you will need to look at solutions that are seamless, offer multichannel support, provide accessibility features such as biometrics and hardware tokens, and mostly importantly, offer high speed verification.

Moreover, it is time to change the narrative as far as 2FA is concerned. Is security a hassle or an essential yet simple step that keeps cyber threats at bay? We’re currently working towards that objective at CEQUENS with cybersecurity awareness projects geared towards sectors that need them the most – namely finance and banking, logistics, e-commerce, and healthcare. With enough education over time and with greater service reliability, we can get somewhere where 2FA/MFA is a quick step we all accept as a way to keep cyber criminals at bay.