Any authentication solution that delivers any factor of the identification process through a mobile device is utilizing mobile authentication. This could be a one-time password transmitted through SMS text message or even email. Even an application on a mobile device that generates an OTP offline is also considered to be mobile authentication.
1.855.DYNAPASS
DynaPass Authentication Glossary
Posts Tagged ‘one time password’
Smartphone
Mobile phones with more advanced computing platforms are known as smartphones. Smartphones typically run applications with more functionality than traditional mobile phones as well as offering higher resolutions, touch screens and web browsing capabilities. Some authentication methods utilize smartphone technology for transmission of a one-time password through mobile applications.
Out-of-Band Authentication
Authentication that requires utilizing a separate network for transmission of identification factors is considered out-of-band. An example would be during two-factor authentication when a user logs into an online banking account. When a bank account holder logs into the banks website from their home computer with traditional login credentials a one-time password may be delivered to their mobile phone through SMS text message. This mobile OTP is an out-of-band authentication solution because it utilizes the cellular phone company’s network for transmission as opposed to the network which established the connection.
Authentication Token
During multi-factor and two-factor authentication processes a device may be used for one time password generation or OTP transmission. Known as an authentication token and ranging from a proprietary device to a regular mobile phone these tokens are used for out-of-band authentication. Many times when discussing the cost of authentication security the token is mentioned due to the costs associated with hardware creation and network expenses. Downsides to tokens are that they can be misplaced, stolen or broken.
Two Factor Authentication – Dual Factor Authentication (2FA)
Two Factor Authentication (TFA or 2FA) is also called strong authentication and is a security process which requires two independent mechanisms for authentication. Two factor authentication implies the use of two out of the three factors to assert an entity’s identity to another entity. The three factors are: Something you know, like a Personal Identification Number (PIN); Something you have, like a mobile device for receiving a one time password or ATM card; Something you are, like a face scan, iris scan or your fingerprint. Two factor authentication is used generally in electronic computer authentication where stronger means of authentication is needed to protect sensitive data. For example, electronic personal health information (ePHI) on a computer accessed by many different individuals can be exposed and can result in HIPAA fines and violations for the medical institution. Two factor authentication can be used in these instances to decrease the probability of a non authorized user to access this information.
One-Time Password (OTP)
A one-time password (OTP) is a password that is only valid for one session or transaction. Unlike traditional static passwords, one-time passwords are not vulnerable to replay attacks. This means that if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he or she will not be able to use it again since the password is no longer valid. One-time password generations are random which make them hard to predict. There are different ways to make the user aware of an OTP. Some systems use electronic tokens that the user carries that generate a one-time password and show them using a small display. Other systems focus on software that run on a user’s mobile phone and there are systems that generate one-time passwords on the server side and then send them to the user using an out-of-band channel such as SMS messaging.
See DynaPass Two-Factor Authentication
See DynaPass One-time Password
Solutions
Resources
Awards & Affiliations
Follow Us On
Copyright © 2015 DynaPass Inc. All rights reserved.
Terms & Conditions |
Privacy Statement