Table of Contents
- Summary
- Market Categories and Deployment Types
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About Andrew Green
- About GigaOm
- Copyright
1. Summary
Multifactor authentication (MFA) is a credential verification method that requires the provisioning of two or more verification factors to gain access to an IT resource. It’s a highly effective method for preventing social engineering attacks, protecting end-user accounts by authenticating them with methods that cannot be easily shared or compromised. These typically include biometrics (such as fingerprint or face scanners) or tokens (such as mobile phones, cards, or dongles).
Multifactor authentication can verify identity in three ways, namely by using:
- Something the user knows: Good, old-fashioned passwords.
- Something the user has: An item only the authorized person typically has access to, such as an ID card, token, or more commonly now, a smartphone.
- Something the user is: Biometric data that belongs to the authorized person—such as a fingerprint or face scan—available on most smartphones or laptops today.
MFA solutions can ensure a seamless user experience by requiring users to provide additional authentication methods only in uncommon or abnormal situations. If a user makes a request in the normal and expected circumstances, such as logging in from a managed company device at 9 a.m. from the company office, then the user can log in with one authentication factor. If the user logs in from a different device and location, the system will require a second factor to perform authentication.
A key feature enabled by MFA technology is passwordless authentication, where other verification methods supersede passwords. This not only improves security by removing the vulnerable password, but it can also improve user experience by removing the difficulty of managing different passwords and the burden of resetting them every few months. Smartphones are one of the biggest enablers for passwordless authentication. This is because smartphones are all-in-one authentication tokens with capabilities for biometric inputs. They boast a wide range of modules, including GPS, network connectivity, biometric scanners, HD cameras, and cellular connectivity.
As a key technology for improving security posture, MFA became a key assessment element in multiple rules and regulations for compliance. As such, businesses not only need to deploy and maintain MFA solutions, but to get relevant certifications, they must also prove that MFA is deployed and enforced across their workforce and customer base.
How to Read this Report
This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.