Since its appearance in the 1980s with security tokens, dual authentication has made its way into our daily lives, with our smartphones and email addresses as the main levers.
While the benefits of 2FA are undeniable (it reduces the risk of account hacking by 99%), its implementation must be preceded by a state-of-the-art Data Quality Management policy.
Once upon a time, double authentication
A little history first! The first version of multi-factor authentication dates back to the security tokens invented in the 1980s. Computer security company RSA pioneered the concept with SecurID (1986). This was simply a hardware token generating single-use numerical codes. Users had to enter this code in addition to their usual password to access a system, thus achieving a somewhat archaic form of double authentication.
It wasn't until the democratization of smartphones in the 2000s that multi-factor authentication became an integral part of our daily lives, with the SMS code complementing the usual password.
The concept quickly became a security standard for many online services, with various methods such as authentication applications, security keys, SMS, smartphone button clicks and so on.
In concrete terms, what is double authentication?
Double authentication, often referred to as "2FA" for two-factor authentication, is a security mechanism in which users provide two distinct types of proof of identity before they can access an account or system.
The idea is to add a layer of security so that the compromise of a single authentication element (e.g., a password) does not allow access to an account or service.
2FA is most often based on a combination of two of the following three factors:
- What the user knows. This is usually information that only the user should know, such as their password, PIN, the answer to a security question, etc.
- What the user owns. This refers to devices or hardware in the user's possession, such as a smart card, security tokens (like RSA's SecurID), a smartphone (on which the authentication code can be sent by SMS or generated by an application) or a USB security key.
- What the user is. This category refers to biometrics. We're talking about physical elements unique to the individual, such as fingerprints, facial recognition, iris recognition or, more rarely, voice recognition.
For a system to be considered as using double authentication, it must impose two of these three categories before allowing access. For example, withdrawing money from an ATM requires a bank card (which the user has) and a PIN (which the user knows).
By imposing this additional requirement for access, 2FA significantly reduces the risk of unauthorized access, even if one of the authentication factors has been compromised.
Double authentication: the craze in figures
According to Google, there are now over 15 billion accounts protected by dual authentication. In detail:
- 61% of Internet users have activated 2FA on at least one of their accounts;
- SMS (73%) and email (64%) are the most frequently used methods;
- The 25-35 age group is the biggest adopter of 2FA.
There are a number of benefits to this craze:
- Since 61% of Internet users use the same password for several services, 2FA is often the only "valid" layer of protection if the first security factor is compromised;
- 81% of security breaches are due to weak or stolen passwords;
- According to Google, 2FA reduces the risk of account hacking by 99% to 100%.
Double authentication is therefore very popular with users. On the corporate side, 2FA is not just a cybersecurity solution. It's also a reassuring factor for customers, particularly when it comes to creating an account or using software or applications. That's why 62% of the companies surveyed by Zippia offered 2FA on their solutions and websites.
Dual authentication: what are its applications in the enterprise?
Companies can integrate 2FA into their website, product range and internal tools to protect their data, employees and customers.
| Application | Details |
| --- | --- |
| Online customer area | If the company offers an online customer area (such as an account portal, subscription service, e-commerce, etc.), it may require 2FA to access accounts. |
| Access to company intranet and extranet | To protect internal resources and sensitive information, especially if employees, suppliers and/or customers access these resources outside the company network. |
| HR systems | For employees to access their pay slips, for example. |
| Corporate mobile applications | For banking applications, order tracking, etc. |
| Online training | For companies offering training courses, webinars and other online content. 2FA ensures that only registered participants access these exclusive resources. |
| Collaborative platforms | Platforms for project management, team communication, etc. |
| Loyalty programs | Point-based loyalty programs, sponsorship, etc. |
Data Quality Management: an ESSENTIAL prerequisite for 2FA
The whole principle of 2FA is based on the use, processing and validation of user data. If this data is unreliable, inaccurate or obsolete, the mechanism loses all meaning, especially if it relies on sending an SMS or email. This is where Data Quality Management (DQM) comes in.
#1 Real-time data validation
How does it work? DQM tools incorporate algorithms that instantly check the structure and validity of data entered on forms. For example, for a telephone number, the system will check the length, format and "plausibility" of the number according to the country of origin.
Application to 2FA: when the user enters a telephone number to receive a 2FA code, real-time validation ensures that the number is correct before integrating it into the database.
#2 Data update
How does it work? DQM tools have audit and tracking functions that identify obsolete or inconsistent data. They can, for example, detect telephone numbers or email addresses that have not been used for a long time, and prompt the user to confirm or update this information (through activity logging, analysis of email bounces, SMS interactions, etc.).
Application to 2FA: when the user tries to log in after a long period of inactivity, the system may request confirmation of 2FA information.
#3 Data standardization
How does it work? Data standardization aims to convert entries into a standard format, regardless of how they were originally entered. For example, telephone numbers may be entered with or without international dialling codes, or with various separators (dots, hyphens, spaces). Your DQM tool will normalize them into the correct format.
Application to 2FA: if a user living abroad registers for 2FA, standardization guarantees that his or her number is correctly formatted and recognized by the system, whatever the country.
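The validation described in #1 and the standardization described in #3 can be combined into one enrollment check, shown here as an added example that is not Data Enso's code. The rule table, function names and sample numbers are constructed assumptions covering three countries in simplified form.

```python
import re

# Simplified, constructed rules (assumption, not a complete numbering plan):
# calling code, national trunk prefix, and the pattern of the national number
# once the trunk prefix is removed. FR/GB are limited to mobile ranges because
# an SMS code needs a mobile line; US numbers do not reveal the line type.
RULES = {
    "FR": ("33", "0", re.compile(r"[67]\d{8}")),
    "GB": ("44", "0", re.compile(r"7\d{9}")),
    "US": ("1", "1", re.compile(r"[2-9]\d{2}[2-9]\d{6}")),
}
ALLOWED = re.compile(r"\+?[\d\s.()\-]+")  # digits, one leading +, separators


class InvalidPhone(ValueError):
    """Raised when a number must not be stored as a 2FA factor."""


def normalize_for_2fa(raw: str, country: str) -> str:
    """Validate raw against the country rules and return its E.164 form."""
    if country not in RULES:
        raise InvalidPhone(f"no rule for country {country!r}")
    cc, trunk, pattern = RULES[country]
    s = raw.strip()
    if not ALLOWED.fullmatch(s):
        raise InvalidPhone("unexpected characters")
    digits = re.sub(r"\D", "", s)
    if s.startswith("00"):            # 00 international prefix, same as +
        digits = digits[2:]
    if s.startswith(("+", "00")):
        if not digits.startswith(cc):
            raise InvalidPhone("calling code does not match declared country")
        digits = digits[len(cc):]
    if digits.startswith(trunk):      # 06..., or the "+33 (0)6..." habit
        digits = digits[len(trunk):]
    if not pattern.fullmatch(digits):
        raise InvalidPhone("wrong length or range for this country")
    return f"+{cc}{digits}"


def is_enrollable(raw: str, country: str) -> bool:
    """True when the number can be stored and used to send a 2FA code."""
    try:
        normalize_for_2fa(raw, country)
        return True
    except InvalidPhone:
        return False
```

Storing only the returned E.164 string means every entry style of the same number maps to one record, so a 2FA code is always sent to the value the user actually confirmed. A production system would replace the three-country table with a maintained numbering-plan dataset.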
Data Enso, data quality for security
Data quality is therefore vital to the successful implementation of dual authentication, both for security reasons and as a matter of user experience.
As a Data Quality Management specialist, Data Enso offers you intuitive, 100% GDPR-compliant tools to clean up your existing database (batch processing) or integrate a preventive solution into your contact forms to avoid the registration of erroneous information.
Don't take risks. Make sure your 2FA is based on solid, reliable and up-to-date data. Put us to the test!