Making 2FA More Secure

Uploaded on 2021-04-15 in TECHNOLOGY--Developments, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

Two-factor authentication is not a new technology and many companies use social media apps to verify someone’s identity, but now the possibility integrating it into facial recognition can add an extra layer of security.

Two-factor authentication (often shortened to 2FA) provides a way of 'double checking' that you really are the person you are claiming to be when you're using online services, such as banking, email or social media. It is available on most of the major online services. Essentially, two-factor authentication is the process of confirming one’s identity through two different challenges, using something you already know, have, or contain. 

In two-factor authentication, one test can be to fill in the username and password. The next challenge can be to verify the identity by tapping on a push notification, entering an OTP shared via email, text message, phone call, or other channels.

Now a team from Brigham Young University School of Mathematics (BYU)  has built an algorithm that could possibly bring two-factor authentication to facial recognition technologies in everything from cell phones to surveillance systems with the use of facial motion.

The project started when the group researched facial motion and how it could be analysed. That evolved into seeing if students are paying attention in class and it eventually morphed into improved security for facial recognition with the use of facial motion. They developed a technology called Concurrent Two-Factor Identity Verification. According to Dr. D.J. Lee, it means that “you show your face and make the facial motion just once, you don’t have to do it twice. With the facial motion, if people want to use your photo they cannot fool the system since the photo is not moving.” 

The technology first uses facial recognition and then a secret phrase is mouthed, a movement with one’s lips is made, or a facial motion is made to satisfy the second step of authentication. Even if a video is used, the chances of that video matching the secret facial motion are low.

This video could be used on a computer, cell phone, or any piece of technology with a camera on it. Dr Lee thinks there could be numerous other uses, such as to start the engine, smiling at a camera to gain access to a hotel room, using it to gain access at an ATM, and even using facial motion in disabled people to control a computer.. " We don’t necessarily limit this to unlocking a phone or mobile device. This can be used for many different applications.” he said. The next step is a demonstration of the technology with the hopes of attracting some interest of people looking to help develop the algorithm further. 

NCSC:           LearnG2:            I-HLS:          HeraldExtra:     

You Might Also Read: 

Google Creates Video Tools To Fight Deepfakes:

 

« Cyber Crime In 2021: How Hackers Are Evolving
Trump's Family Get Blocked On Facebook »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alert Logic

Alert Logic

Alert Logic delivers unrivaled security for any environment, delivering industry-leading managed detection and response (MDR) and web application firewall (WAF) solutions.

Nimbusec

Nimbusec

Nimbusec scans your website around the clock and informs immediately if it has been hacked or manipulated

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

MSPAlliance

MSPAlliance

MSPAlliance is the world’s largest industry association and certification body for cloud computing and managed service professionals.

Newberry Group

Newberry Group

The Newberry Group provides comprehensive IT services and solutions that optimize operations, minimize risk and deliver measurable business value.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

Tier One Technology Partners

Tier One Technology Partners

Tier One Technology Partners is an IT managed services provider that focuses on cybersecurity, cloud services, IT consulting, and infrastructure.

1Kosmos

1Kosmos

1Kosmos provide Digital Identity and Passwordless Authentication for workforce and customers. Powered by advanced biometrics and blockchain technology.

Bechtle

Bechtle

Bechtle is one of Europe’s leading IT service providers offering a blend of direct IT product sales and extensive systems integration services.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

Vertek

Vertek

Vertek is a leading provider of operations consulting, end-to-end business process outsourcing, business intelligence, software applications and managed cybersecurity solutions.

Cybecs Security Solutions

Cybecs Security Solutions

Cybecs was founded to address rapid technological advancement, changing business models, global privacy regulations, and increasing cyber threats for global organizations.

Kusari

Kusari

Securing your software supply chain starts with understanding. Kusari is on a mission to bring transparency to your software supply chain and power secure development.

Increase Your Skills (IYS)

Increase Your Skills (IYS)

Armed and ready: raise awareness of cyberattacks in your company with the Full-Service Awareness Platform from IYS – fast and effective. We help you develop a robust, sustainable security strategy.

PDQ

PDQ

PDQ helps IT professionals to manage and organize hardware, software, and configuration data for Windows- and Apple-based devices.

CloudBees

CloudBees

CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.