Keywords Explained: MFA

Keywords Explained: MFA

MFA, which stands for multi-factor authentication, is an authentication method that requires users to combine two or more verification methods that differ in nature. They are typically based on knowledge (something you know, like a password), possession (something you have, like a smartphone) and inherence (something you are, like fingerprints and other biometric information). MFA is effective in preventing unauthorized access by third parties and identity theft, and it enables user identification with higher accuracy.

MFA provides more accurate identification and enhanced security

Different types of information that can be used for MFA are as follows.

SYK: Something You Know Information known only to an individual, such as login passwords for web services, phone numbers, secret questions, etc.
SYH: Something You Have Information on things owned by an individual, such as cash cards, driver's licenses, one-time passwords for login, etc.
SYA: Something You Are Information about a person’s biometric characteristics. This could include facial recognition and fingerprint recognition information for unlocking a smartphone, for example. Biometric information is particularly difficult to fake so has a low risk of loss or theft.

Since each of these different elements proves the identity of the user, combining these elements allows greater accuracy for identification. In addition, even if one authentication method is breached, another factor must be used to authenticate the user. As a result, MFA effectively strengthens security by preventing unauthorized logins and identity theft.

Difference between two-step and two-factor authentication

Two commonly used identification methods are two-step authentication (2SA) and two-factor authentication (2FA). 2SA refers to verification done through two stages. Different elements may be combined, or information from the same element may be used to authenticate in two steps. On the other hand, 2FA refers to verification that combines two different elements among three authentication elements, which inevitably results in 2SA.

(Posted on September 12, 2022, Original article posted on August 8)
by SoftBank News Editors