The way that internet users are accessing the internet has become increasingly mobile.
In fact, mobile internet usage now surpasses the number of users on a desktop.
The tipping point was well over a year ago, and hackers can intercept messages easier than ever due to the lowered security standards.
The implication is that mobile owners protect their phone and computer at any cost because it has more information about your life than you might know!
Many people know the benefits of two-factor authentication (2FA), as almost every resource offers such an option.
Unfortunately, many 2FA approaches are more of a hassle than helpful. For example, one-time passwords provided by SMS messages can be costly, and can take up to several minutes to receive the message which gives potential violators more time to intercept the message.
Along with it, a third party becomes involved in the authentication process as an SMS gateway.
Two-Factor Authentication Issues
These issues plaguing 2FA approaches are enough inconvenience to discourage users from the additional account protection.
Fortunately, there are now better solutions to the problem through Confirm What You See (CWYS).
CWYS is a mobile application that turns the mobile device you are trying to protect as the security token itself. The app helps protect against cyber threats such as automated transfer, replacement and data modification.
With the use of the CWYS functions, the OTP-generation process involves using not only the secret key, time or challenge, but also the transactions/transfer details such as transfer amount, currency, recipient, etc. Thus, even if the password is intercepted, it will be of no use to the hacker.
There are several advantages to such heightened security:
- Possibility to choose the OTP-generation algorithm (according to server response, time)
- Additional application protection through the PIN code
- Possibility to choose the lengths of the one-time password (6 or 8 characters)
- Possibility to create several tokens on one device
- No need to replace the battery, which is often the case with hardware tokens
- Possibility to install the application on Android smart watches
- Data signing functions (CWYS), which protects from such latest hacking threats as automated transfer and replacement.
As security methods are continuing to develop at a prodigious rate, it is nearly impossible to keep up with the best security model without knowing about the types of hacks the device is prone to. – smbtechnologies