The advent of the Internet revolutionized the consumer experience. From performing high-value transactions to accessing corporate networks remotely, consumers today have numerous options to conduct their business from anywhere in the world. To stay competitive in this fast growing field of e-commerce, organizations are constantly thinking of innovative ways to reach customers over the Internet. But, new e-commerce channels emerge through a myriad of new devices (mobile phones, tablets, PCs), operating systems (iOS, Android, Windows, and so on), and channels (such as social media sites and auctions). Therefore, organizations constantly face new threats and vulnerabilities because of the introduction of new technologies.
Many organizations rely on user name and password to authenticate users. However, because the user name and password are static, they offer little protection against unauthorized access. They are also vulnerable to a wide variety of phishing and Trojan attacks. Attackers can easily decipher static passwords, and then impersonate the original user to access any confidential data. Moreover, most users use easy-to-remember, weak passwords that can be easily stolen, cracked, and be compromised, exposing the system to fraudulent attacks. Many organizations try to address these threats by implementing counter-phishing programs and stricter password policies, but newer and more efficient threats are constant. Also, some password management tools require centralized administration of passwords, which by itself poses a security risk. Clearly, to reduce or prevent online fraud and sabotage, organizations must move beyond authentication methods that depend solely on user name and password.
The only cost-effective way to secure data and inspire consumer confidence in online business is to introduce Two-Factor Authentication (2FA). With 2FA, the user provides two or more of the three means of identification (factors) for authentication. These factors are:
- A knowledge factor: Something the user knows; for example, a static password or PIN.
- A possession factor: Generated from something that the user has; for example, a hardware or software token device.
- An inherence factor: Something the user is; for example, a biometric finger print.
The IBM® Total Authentication Solution delivers a highly secure, token-flexible, centralized authentication infrastructure that can integrate with the existing infrastructure of the organization to provide end-to-end (E2E) protection of sensitive data.
This IBM Redguide™ publication highlights the key features and differentiators of the Total Authentication Solution, and how it can create a complete authentication solution that empowers you to meet your business and security challenges.
Table of contents
Business value of the IBM Total Authentication Solution
IBM Total Authentication Solution architecture
IBM Total Authentication Solution: Key differentiators