Buguroo has provided consumers with a handy primer that details the relative strengths and weaknesses of some of the most common forms of two-step authentication. The company notes that Strong Customer Authentication is a key component of new regulatory standards like PSD2, and will be increasingly important for companies and financial institutions that are hoping to prevent fraud and cyberattacks.
On that front, buguroo notes that the most popular form of two-step authentication – SMS Authentication – also happens to be one of the weakest. An SMS system will send a one-use passcode via email or text message, but that code can be easily intercepted if the device is already compromised. SMS codes are also inconvenient because they force the user to navigate through multiple screens, and expensive for the provider due to the high volume of texts.
One-Time Password (OTP) applications like LastPass and Google Authenticator, on the other hand, tend to be much more effective. The applications generate a one-use passcode that forces the user to meet dynamic time, event, or challenge-response conditions. The tech does not incur any text costs, and offers better security than the static codes associated with SMS.
Biometric authentication, meanwhile, has been gaining traction in recent years. Such solutions often take advantage of the face and fingerprint recognition tech that is readily available in modern smartphones. The tech is safe and highly convenient, although weaker systems are still vulnerable to spoofing attacks.
That’s where behavioral biometric solutions come into play. Behavioral biometrics authenticates users based on passive factors like typing patterns to provide ongoing security that will catch any bots and fraudsters that do manage to get past the initial login.
To that end, buguroo is developing its own behavioral biometric platform with the help of $11 million in Series A funding. The company’s current solutions recently became available through NICE Actimize’s X-Sight Marketplace.