多因素认证-可信身份认证-双因子身份认证技术-Authing身份云以开发者为中心

Challenges facing modern enterprises and organizations

The rapid development of big data, the Internet, and 5G, while bringing unlimited development opportunities to mankind, has also spawned a large number of information leakage incidents. According to the "IBM 2020 Data Breach Report", the average total cost of a data breach is 3.86 million U.S. dollars (approximately RMB 25.21 million)

For companies, the cost of data breaches is getting worse. On the one hand, companies will be punished by regulators. For example, British Airways was fined 204 million euros by the Office of the Information Commissioner (ICO) for data breaches. On the other hand, once a data leak occurs, it will not only make the company lose the trust of customers and users, but also affect the company's long-term development.

Therefore, the use of multi-factor authentication (hereinafter collectively referred to as MFA) has become a basic means for enterprises to prevent data leakage. Multi-factor authentication requires users to use at least two factors to verify their identity, and only after passing the verification can they access applications, which is rapidly spreading among enterprises.

At the end of last year, LastPass conducted a survey of 47,000 companies and found that 57% of companies worldwide are currently using multi-factor authentication, an increase of 12% over the previous year. Statistics also prove the effectiveness of MFA. Earlier this year, Microsoft reported that 99.9% of the illegal accounts it tracks did not use multi-factor authentication.

Authing multi-factor authentication core function

Authing guarantees business security through multiple authentication methods

Customized authentication process, one-key open, simple operation

Support equipment environmental data reporting, multi-dimensional analysis of security levels

Support configuration strategy to achieve environmental risk adaptation

Also suitable for in-app permission control scenarios

Integrated into the universal login component (Guard) by default

User data management, behavior log query

Provide SDK and open interfaces to help developers quickly call-related capabilities and build custom user management pages

Multiple authentication methods to improve corporate identity security

Mobile token

SMS/email verification code

Compatible with third-party authenticators

Biometrics

Graphic lock

Mini Program Certification

Mobile token

With strong dynamic OTP password verification, it helps protect account security and avoid malicious attacks.

Advantages of Authing multi-factor authentication

Empower Authing applications to quickly enable multi-factor authentication (MFA), and immediately improve application authentication and access security levels

Developer friendly

Provides an out-of-the-box client SDK to facilitate client developers to quickly implement MFA

· Support multiple terminals: Web, iOS, Android

· Built-in multiple multi-factor authentication terminal components, such as OTP, verification code, fingerprint unlock, facial recognition, graphic lock, etc.

· Only need to call a method to evoke the MFA certification component, get the certification result, and complete the certification process

Custom data reporting

Customized data reporting, participating in the process to initiate decision-making, covering more complex and refined scenarios

· Support data reporting during Authing SDK initialization

· Support timing data reporting

· Support active data reporting during application runtime

Strategy-based

The trigger conditions for multi-factor authentication are based on custom strategies, and the strategy system is simple, efficient, complete and flexible

· Simple: you don’t want to configure a complicated strategy, you can use the default security strategy or preset hit conditions

· Efficient: Millisecond level judgment strategy hits, multi-factor authentication is immediately aroused; based on the good user interface

· Complete: The strategy is described based on functional expressions, and developers can obtain enough information (including but not limited to user information, equipment, network, location, behavior, custom report data, etc.) to write strategy hit logic

· Flexible: Hit judgment based on multiple methods at the same time

Simple configuration

Based on a friendly user interface, quickly configure multi-factor authentication for specific applications

· One-click on/off multi-factor authentication

· One-click to enable the default security policy, no need to understand the policy configuration, can also greatly improve application security

· Preset dozens of important and commonly used strategy hit conditions, which will take effect upon selection and can be used by non-engineers

Adaptive multi-factor authentication, higher performance choice

Compared with traditional multi-factor authentication, "adaptive" multi-factor authentication can choose to apply different MFA methods according to the current security situation, so as to ensure security while also taking into account the user experience. "Adaptive" multi-factor authentication provides a more flexible and intelligent verification strategy.

When the user goes through the authentication process, "adaptive" multi-factor authentication generates multiple "key elements" for the currently logged-in user

User attributes

Such as user name, password, user identity and other attributes and information of the user

Location awareness

Location awareness is divided into the virtual location (IP address) and physical location (country, region, etc.)

Request source

Judge the source of the current user’s request, such as hardware device information, the user’s current system, etc.

Biometrics

Use the user's biological information for identification, such as fingerprint information, face recognition, etc.

Behavior analysis

A series of user behaviors such as whether it comes from a commonly used login location, whether the wrong password is entered multiple times, and the user's previous operation records

MFA industry use cases

In general, we see a tendency to use MFA in industries dealing with sensitive data, such as insurance and banking. There is no additional identity layer in these vertical domains, so there is an urgent need for MFA.

MFA is one of the best ways to prevent accounts from being stolen. If an attacker wants to invade an account protected by MFA, he not only needs to steal credentials, but also needs to verify additional factors. MFA greatly increases the time and energy required by attackers to invade accounts, so it is difficult for them to carry out large-scale attacks.

Authing can centrally configure a variety of authentication factors other than passwords, including dynamic token, certificate, face, fingerprint and other biometrics. It can integrate a variety of common third-party authentication sources. At the same time, the developer API is provided to support other applications to use the identity authentication ability of IDaaS.

Financial system

Educational system

Government affairs system

Ensure access to financial data

In order to protect financial data and online transactions from criminals, multi-factor authentication (MFA) of Authing is used to verify the identity of users.

When logging into financial websites and apps, the MFA of Authing sends authentication information to users' smartphones to prevent unauthorized access.

When conducting financial transactions, the MFA of Authing double verifies the user's identity to ensure the identity security of trading partners and protect online transactions from criminals.