ClickCease

MFA BUYER’S GUIDE: 3 Questions to Ask Before Purchasing Any MFA Solution

Here are the three questions every customer should ask when evaluating Multi-Factor Authentication solutions.

August 19, 2022
Fitzwilliam Anderson
Learn More about the author: MFA BUYER’S GUIDE: 3 Questions to Ask Before Purchasing Any MFA Solution
Strategic Content Editor
Share:

Finding the right Multi-Factor Authentication solution for your company can be a daunting experience. When researching various providers online, be prepared to discover many conflicting perspectives on fraud prevention and user experience (UX). Purchase the wrong solution and you could be on the hook for a spike in fraud. To help you navigate the MFA marketplace with confidence and select the right solution for you, we answered the top three most common (and important) questions we get from clients.

Want a one-stop shop for picking the right MFA solution? Download Prove’s comprehensive, accessible, and FREE 18-page Buyer’s Guide.

 

What is Multi-Factor Authentication?

Let’s cover the basics first. Many customers have heard about MFA but don’t know exactly what the term implies. Let’s go to the source. The National Institute of Standards and Technology (NIST) defines Multi-Factor Authentication as: “Authentication using two or more factors to achieve authentication. Factors include:

  1. Something you know: Think passwords and PINs. 
  2. Something you have: Think FIDO keys or phone.
  3. Something you are: This is also called inherence. Think of biometric data like fingerprints, face scans, and voice recognition.

While the MFA framework is not new (even the ATM requires you to swipe your debit card and enter your PIN before letting you withdraw cash), it is increasingly common online. Today, for instance, creating a social media account, signing into your email from an unfamiliar computer, and ordering food online will most likely require you to undergo an MFA process. The reason? MFA is a powerful tool to prevent fraud.

What is the role of one-time passcodes (OTPs) in a modern MFA solution?

Today, the one-time password (OTP) is a commonly used credential that verifies a user’s identity using something you have (a phone). At Prove, we call this ‘running a possession check.’

 

Here’s how it works from the user’s perspective: When a customer first creates an account, they enter their phone number. Later, when they log in or complete a high-risk transaction, a series of random digits is texted to their phone. To continue, they must enter the digits that were texted to them. You probably have first-hand experience with OTPs if you’ve ever logged into your Amazon account from a new computer or opened your banking app on your phone.

 

Although OTPs are extremely popular with consumers and used widely across industries, one-time passcodes (OTPs) are a controversial topic in the digital identity space because of their security vulnerabilities. While almost every fraud expert would agree that old-school OTPs have significant security vulnerabilities (SIM swaps), the question is what to do next. Some experts believe that OTPs should be fortified to protect against SIM swaps while others think it is best to pivot to new technologies altogether. In truth, both parties are probably right. The long-term goal should be to pivot to better authentication technologies while the short-term goal should be to fortify and improve existing security technologies that are already popular with consumers. 

 

Check out the MFA Buyer’s Guide for a comprehensive list of ways fraudsters can steal OTPs and how you can stop them.

 

What should we look for in new solutions?

When investing in a digital identity solution, it’s critical to prioritize user experience (UX). In today’s economy, customers are short on time and want identity verification to be a painless experience. In fact, according to the 2022 Passwords & Authentication Consumer Trends Report:

  • 62% of U.S. consumers said they’d abandon trying to log into an account after just three failed password attempts
  • 51% would switch brands as a result of slow identity verification
  • 34% would switch providers if they’re unable to log into their accounts easily. 

Because time is a priceless commodity in today’s fast-paced world, speed is critical. Prove’s Multi-Factor Authentication (MFA) Buyer’s Guide: How to Upgrade to True MFA provides actionable tips on how to improve UX and accelerate authentication on the back-end without breaking the bank.

Conclusion

This brief Q&A only touches the surface of all there is to know about Multi-Factor Authentication. If you want to take a deep dive into MFA, check out Prove’s Multi-Factor Authentication (MFA) Buyer’s Guide: How to Upgrade to True MFA. This comprehensive and accessible guide covers the following: 

 

  • A landscape of the different types of available authenticators
  • How you can fortify your current OTP authenticator ASAP while you work to replace it with stronger authenticators
  • The goals/KPIs for new authenticators coming to market
  • A checklist of critical elements you should think about when selecting and deploying MFA solutions/authenticators.
  • Guidelines for deploying next-generation authenticators when you are ready to do so

 

Download the MFA Buyer’s Guide today or schedule a meeting with one of Prove’s in-house digital identity experts.

The modern
way of proving identity

Trusted by 2500+ leading companies to reduce fraud and improve consumer

Fitzwilliam Anderson
Strategic Content Editor

Keep reading

See all blogs
Read the article: Account Takeovers: The Silent Revenue Killer
Blog
Account Takeovers: The Silent Revenue Killer

Account takeover (ATO) fraud is rapidly becoming one of the biggest threats facing digital marketplaces and gig platforms. Learn how ATO attacks work, why they are accelerating, the latest fraud trends and statistics, and how continuous identity verification helps organizations prevent account takeovers while protecting revenue, customer trust, and user experience.

Blog
Read the article: The Silent Drain: How SMS Pumping Is Bleeding Digital Marketplaces Dry
Blog
The Silent Drain: How SMS Pumping Is Bleeding Digital Marketplaces Dry

SMS pumping fraud is silently increasing verification costs for digital marketplaces by exploiting OTP workflows. Explore how these attacks operate, why traditional SMS authentication is failing, and how proactive phone intelligence can prevent fraud before an SMS is sent.

Blog
Read the article: Prove and Baselayer Partner to Bring Real-Time Business Verification to ProveX
Blog
Prove and Baselayer Partner to Bring Real-Time Business Verification to ProveX

Prove and Baselayer simplify business verification by combining trusted identity, real-time KYB intelligence, and seamless onboarding into a single workflow without requiring additional verification steps.

Blog