Is OTP safe enough?
The answer is NO. OTP
hacking is way easier than you think. You would know how easy it is to hack the
OPT by just seeing postings on Google. OTP is still one-way authentication and
it’s like you’re strongly authenticated but to the wrong person. It’s no longer
safe. So people are talking about 2-factor authentication (2FA) as a common
alternative method. But quite many of this solutions out there are using 2
different factors to identify a user but using same channel where the user inputs
their information, which is vulnerable to MitM(Man-in-the-Middle) attack. MitM
is an attack where the attacker secretly relays and possibly alters the
communication between two parties who believe they are directly communicating
with each other.(source: Wikipedia)
What if there’s a better way to authenticate in
more secure and economical way?
2WayPIN splits personal information and input each part using
two different channels – PC and mobile phone - to ensure personal information
protection as well as user authentication. The personal information here can be
the user’s bank account no., ID no. or credit card no. and such.
As shown above,
the user inputs a part of his/her personal information into a PC under internet
connection and the other part into his/her mobile phone using landline. 2WayPIN
leverages something the user already knows (bank account no., ID no, credit
card no.) and something the user carries almost at all times (mobile phone),
which makes the service pricing more competitive. But most importantly, it
ensures robust security, not to mention user verification by separating a data
input channel from an authentication channel.
Were your
credentials already stolen? Don’t worry! Even though somebody cracked your credentials,
they still need to go through a second level of authentication with the phone
the user carries in order to get access with your credentials.
Remember your customers are a lot more sensitive
to security than you think. Do not wait and see your customers leave for this
reason.
In today’s world of digital and FinTech, your customers
access online from everywhere and they know hackers are getting smart. Build
customer loyalty and save your budget on security with 2WayPIN.
How does 2WayPIN benefit online service providers and users?
- Quick & Easy
Enter info directly to the phone while you had to get a passcode and enter it into PC in conventional methods like OTP, SMS - Secure
Never input the full information of personla data - Cost-effective
Use the information that the user already know
Use mobile app without the need of H/W - Seamless
24/7/365 seamless service operation - Interoperability
Integrate with 3rd party system using API - SaaS Delivery
Authentication-as-a-Service
Comments
Post a Comment