Authentication solutions provider LogMeOnce has announced a new two-factor authentication system called PhotoLogin.
The idea is to let users authenticate via selfie: When using the system to log in to an online application, a user takes a photo of herself via her desktop or laptop computer, and that image is then sent to her mobile app for confirmation; from there, she can swipe the image to access metadata such as GPS, IP address, or time stamp, and must verify or reject it.
It isn’t based on facial recognition, and it doesn’t actually matter whether the image features the user’s face. It could be a picture of anything. What matters is that the user gets a mobile notification for each login attempt, and that becomes a second authentication factor, complementing other credentials such as a PIN or password, as the user must confirm or deny the login attempt. As such it’s similar to the mobile notifications used by 2FA systems such as Google Authenticator.
It can still be paired with biometric authentication, however, as LogMeOnce also supports fingerprint scanning. With all of these authentication mechanisms activated, the platform could offer users a particularly secure multi-factor login option.