Sep 21, 2020
Second-Factor Authentication with Facial Biometrics – Use Case 7/22
Currently, Second-Factor Authentication (2FA) is one of the most widespread methods to prevent online fraud. Just within the European Union, more than half of consumers have suffered fraud in the past two years. Data from the survey carried out by the European Commission show that 56% of the citizens of Europe have been the victim of fraud or hacking.
A great part of that fraud is associated with authentication in digital applications. We do not always choose passwords completely secure for applications with which we carry out delicate procedures, such as banking or others related to payments or purchases. This is where the second authentication factor comes into play as an extra security solution.
What is Second-Factor Authentication?
Second-Factor Authentication (2FA), also named as two-step authentication or two-step verification, is the process by which the identity of a user is verified by an additional second way with an alternative method of identification different to the primary one.
It is an extra security measure that reinforces the user’s first authentication and verification measure. Systems that include two-factor authentication have almost inviolable security, far surpassing simple password methods.
Second-Factor Authentication is framed within the processes that we know as Multi-Factor Authentication (AMF). These processes are essential for certain types of identity verification procedures where a high level of security is required, although they are already beginning to be implemented on many platforms.
Although a password being hacked and having a stranger accessing our personal account of streaming video services and platforms is a grievance, this is not comparable to the one that may arise when doing so to access to our online bank account. That is why, access to sensitive services and platforms such as banking or financial entities should always opt for identity verification and two-step authentication systems.
These control methods ensure that the user is granted access to the system only after presenting two or more different evidence pieces of his identity. These controls, among others, can be:
- Physical objects: credit card, electronic chip, NFC chip, key …
- Biometric characteristics: facial recognition, smile and/or gesture recognition, fingerprint recognition, iris, use of voice. ..
- Alphanumeric password: Numeric pin, complex passwords, answers to questions that only the user knows …
- Graphic password: Symbols or set of tactile movements, line patterns …
- Single-use passwords: Also known as OTP (One-Time Password), is a code that can be received by SMS or mail to which only the specific user has access.
In this way, the combination of two of these controls or identity tests creates a two-factor authentication system that prevents a foreign agent with criminal intentions from accessing our data, systems, services and management platforms without our consent.
Get an in-depth look at how digital identification shields security in this comprehensive guide.
Facial recognition systems
A two-step verification system that includes facial recognition as one of the security controls for authentication on the platform and/or service is one of the most secure and complex methods.
Facial recognition is a method of identifying a subject by an image, video or audiovisual piece showing his face. This biometric identity test is secure and complex, as it extracts a series of unique mathematical patterns from the face of the user to be identified and compares them with the already registered identity of the subject in question.
There are facial biometrics systems that not only take as a reference a static image of the user’s face (being this an incomplete and unsafe system), but also carry out identity verification with real-time video, analyzing smile and gestures in such a way that security authentication and verification is complete. This video identification systems are covered against possible attacks such as deepfakes.
High-security biometric facial recognition has great advantages compared to, for example, OTP by email or SMS, which can be hacked more easily, or a fingerprint, which requires a fingerprint reader that is not present in all electronic devices.
Request a free demo of SmileID, the new standard in facial biometrics security.
How does biometrics work for second-factor authentication?
The second facial-biometric authentication factor can be used in any Strong Customer Authentication (SCA) strategy with multi-factor as a frictionless and hard alternative with top-level security.
Two-step verification with facial recognition allows companies to accept payments easily and simply and log in their users. For example, in an e-commerce platform or in two-factor authentication to log in to applications or systems in the banking and financial sector. It is also possible at ATMs.
The process is simple, fast and agile:
- The platform and/or system requests the usual password or pin, or the first chosen authentication factor.
- Then, the user is asked to show his face, as a second factor.
- The user is asked to smile broadly at the camera.
- The system performs the appropriate security checks background (in milliseconds).
- Once the identity has been validated, access is granted, payment is processed or the appropriate action is taken on behalf of the user.
This process, carried out by video-identification in streaming real-time, complies with the maximum guarantees, unlike systems with selfies that cannot really be considered a second factor of authentication with facial recognition.
SmileID, revolutionizing multi-factor authentication
This technology complies with the highest security standards such as AML5 (or 5AMLD), eIDAS and all KYC (Know Your Customer) controls to offer the same technical and legal guarantees as face-to-face identification. In the same way, it offers total reliability thanks to its proven artificial intelligence algorithm and its machine learning model.
Integration of SmileID as one of the controls in a second-factor authentication system is easy through an API or even through a button on the platform of the company, organization or service.
Request more information on facial biometrics for two-step authentication by contacting eID here.