Comparison of authentication solutions

Authentication is the act of confirming the truth of an attribute of a single piece of data (a datum) claimed true by an entity. Out of different types of authentication Two-factor authentication is a technology that provides identification of users by means of the combination of two different components. There are number of Two-factor authentication and Multi-factor authentication providers around us. Multi factor authentication products can provide significant benefits to an enterprise, but the technology is complex and the tools themselves can vary greatly from provider to provider.

Legend

The term "Phishing" refers to attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

"Malware", short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.

"Password guessing" refers to cracking of password which is the process of recovering passwords illegally from data that have been stored in or transmitted by a computer system.

A "man-in-the-middle attack" (often abbreviated to MITM, MitM, MIM, MiM attack or MITMA) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other

"Server side data breaking" refers to an incident in which sensitive, protected or confidential data has potentially been viewed, stolen from servers or used by an individual unauthorized to do so.

"shoulder surfing" refers to using direct observation techniques, such as looking over SomeOne's shoulder, to get information. It is commonly used to obtain passwords, PINs, security codes, and similar data.

"OTP interception" refers to that service provider sends the one time password to user's contact(SMS, E-mail, etc) for authentication purpose, but that doesn't reach the user possibly intercepted by fraudulent person.

"Side channel vulnerabilities" allow attackers to infer potentially sensitive information just by observing normal behavior of software system, Attacker is a passive observer

"A Hardware Token" is an Authenticator in the form of a physical object, where the user's interaction with a login system proves that the user physically possesses the object. Proving possession of the Token may involve one of several techniques.

A "software token" is a type of two-factor authentication security device that May Be used to authorize the use of computer services. Software tokens are stored on a general-purpose electronic device such as a desktop computer, laptop, PDA, or mobile phone and can be duplicated. This is in CONTRAST to hardware tokens, where the credentials are stored on a dedicated hardware device and therefore cannot be duplicated (absent physical invasion of the device).

TOTP - Time based one time password

EOTP - Event based one time password

"Mutual authentication" or two-way authentication refers to two parties authenticating each other at the same time, being a default mode of authentication in some protocols (IKE, SSH) and optional in others (TLS).

"Biometric authentication" is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems.

"Scalability" is the capability of a system, network, or process to handle a growing amount of work, or its potential to be enlarged in order to accommodate that growth.

"Transaction Signing" is a term used in internet banking that requires customers to digitally "sign" transactions in order to preserve the authenticity and integrity of the online transaction.

Threat coverage

Transport Methods

Feature Support