Content

Scroll back

Whitepaper Multi-Factor authentication

Authentication is an important topic for modern online applications. Authentication is a complex issue. Many applications tend to externalize the authentication process itself to specialized online services, called identity provides (IdP). These IdPs provide an assertion with the user’s identity based on a certain level of assurance to the application.
Authentication standards like the NIST EAG and the ISO 29115 define authentication assurance levels, including features and requirements to fulfill these levels. Higher authentication levels require multifactor authentication. Currently three categories of authentication factors exist. These are possession (for example a secure token), knowledge (for example a password) and inherence (for example a fingerprint).
The technological development is very fast paced. This also includes new attack vectors against existing authentication methods and new technologies, that can be used to create new authentication methods. IdP need to adapt quickly to such changes, because potentially many applications are influenced by the current state of the IdP’s authentication methods. IdP’s again can utilize the concept of externalizing the authentication within their own system to create a highly flexible and adaptable agile authentication system. The main IdP executes different authentication methods which are connected by standardized authentication protocols. This design provides the possibility to exchange authentication methods quickly and without downtime.
Scroll forward