MFA, or Multifactor Authentication (sometime one will read “multi-factor”), is now a recommended practise. It is even a must for many businesses. There is no point managing fined grained access rights and solving the WWWW (Who/What/When/Where) problem if the user identity isn’t guaranteed at 200%.
Multifactor authentication (MFA) as an heritage
Multi-factor authentication has been introduced in EZC Group’s lineup since 2012 with the YobiDrive key that combined two features:
- Authentication
- Private key release for vault mode
Featuring a message allowing the user to authenticate the transaction to be validated, the 2012 YobiDrive key introduced a mechanism now mandatory since MiFID II.
Multi factor authentication for the masses
EZC Group S.A. has integrated since 2013 the OATH OTP engine in Confidentializer’s core as an addition to the more feature rich mechanism introduced by the 2012 Key. This addition has been made to solve the following problems:
- Although now a mandatory feature, multi-factor authentication is still a complex feature to integrate
- Many site owners don’t have a business model that can afford paying a per user premium for running MFA
- While running OATH OTP site owners want to be able to run other means of authentication for specific users
Initially developed as an option, the OATH OTP token management is now part of the core.
As matter of fact there are other solutions for MFA on the market, the key value of Confidentializer is to make fully customised and integrated solutions possible, such as a second factor directly integrated in your solution’s mobile app, offline or online.
And as always with our products there won’t be a per user premium for integrating MFA.
