Fido's U2FA: Safest Way To Authenticate?
Enterprise IT World|September 2018
Fido's U2FA: Safest Way To Authenticate?

In my previous article, we talked about SMS based 2FAs and how this method is not a safe method to authenticate. Universal 2nd Factor, also abbreviated to U2F, the safest method to date provides good protection against phishing attacks, because the URL is also checked during the login process.

This topic of concern has been in debate for quite some time now. SMS isn’t a secure way to use 2FA. It has two key vulnerabilities. Firstly, the technology is susceptible to SIM Swap attacks.

Secondly, hackers can intercept SMS messages by intercepting the Signaling System No. 7 (SS7) phone routing system. The methodology was designed back in 1975 but is still used almost globally to connect and disconnect calls. It also handles number translations, prepaid billing, and crucially, SMS messages.

The other common way to use 2FA codes is to install a dedicated smartphone app. There are lots to choose from. But how secure are specialist 2FA apps? Their biggest weakness is their reliance on a secret key.

articleRead

You can read up to 3 premium stories before you subscribe to Magzter GOLD

Log in, if you are already a subscriber

GoldLogo

Get unlimited access to thousands of curated premium stories, newspapers and 5,000+ magazines

READ THE ENTIRE ISSUE

September 2018