Making 2FA More Secure

Two-factor authentication is not a new technology and many companies use social media apps to verify someone’s identity, but now the possibility integrating it into facial recognition can add an extra layer of security.

Two-factor authentication (often shortened to 2FA) provides a way of 'double checking' that you really are the person you are claiming to be when you're using online services, such as banking, email or social media. It is available on most of the major online services. Essentially, two-factor authentication is the process of confirming one’s identity through two different challenges, using something you already know, have, or contain. 

In two-factor authentication, one test can be to fill in the username and password. The next challenge can be to verify the identity by tapping on a push notification, entering an OTP shared via email, text message, phone call, or other channels.

Now a team from Brigham Young University School of Mathematics (BYU)  has built an algorithm that could possibly bring two-factor authentication to facial recognition technologies in everything from cell phones to surveillance systems with the use of facial motion.

The project started when the group researched facial motion and how it could be analysed. That evolved into seeing if students are paying attention in class and it eventually morphed into improved security for facial recognition with the use of facial motion. They developed a technology called Concurrent Two-Factor Identity Verification. According to Dr. D.J. Lee, it means that “you show your face and make the facial motion just once, you don’t have to do it twice. With the facial motion, if people want to use your photo they cannot fool the system since the photo is not moving.” 

The technology first uses facial recognition and then a secret phrase is mouthed, a movement with one’s lips is made, or a facial motion is made to satisfy the second step of authentication. Even if a video is used, the chances of that video matching the secret facial motion are low.

This video could be used on a computer, cell phone, or any piece of technology with a camera on it. Dr Lee thinks there could be numerous other uses, such as to start the engine, smiling at a camera to gain access to a hotel room, using it to gain access at an ATM, and even using facial motion in disabled people to control a computer.. " We don’t necessarily limit this to unlocking a phone or mobile device. This can be used for many different applications.” he said. The next step is a demonstration of the technology with the hopes of attracting some interest of people looking to help develop the algorithm further. 

NCSC:           LearnG2:            I-HLS:          HeraldExtra:     

You Might Also Read: 

Google Creates Video Tools To Fight Deepfakes:

 

« Cyber Crime In 2021: How Hackers Are Evolving
Trump's Family Get Blocked On Facebook »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

eSentire

eSentire

eSentire is the authority in Managed Detection and Response Services, protecting the critical data and applications of organizations from known and unknown cyber threats.

SiteLock

SiteLock

SiteLock is a global leader in website security solutions. We provide affordable, cybersecurity software solutions designed to allow small to midsize businesses to operate without fear of an attack.

CERTuy

CERTuy

CERTuy is the national Computer Emergency Response Team for Uruguay.

BPC Banking Technologies

BPC Banking Technologies

BPC’s advanced fraud prevention solution helps card issuers and acquirers combat the growing threat by monitoring 100% of transactions, online, in real-time across all channels.

CyberPrism

CyberPrism

CyberPrism provides SaaS solutions using proprietary technology, underpinned by industry-leading technical practitioners to protect OT within Government, Maritime and Industrial markets.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

Span

Span

Span designs, develops and maintains information systems based on advanced technological solutions of global IT leaders.

SOCOTEC Certification International

SOCOTEC Certification International

SOCOTEC Certification International has been providing management systems assessment and accredited ISO certification services to organisations around the world since 1995.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

Aigner Business Solutions

Aigner Business Solutions

Aigner Business Solutions GmbH is a specialist in IT-Security and Data Protection. Concise and focussed.

Help AG

Help AG

Help AG provides leading enterprise businesses and governments across the Middle East with strategic consultancy combined with tailored information security solutions and services.

Digitale Gründerinitiative Oberpfalz (DGO)

Digitale Gründerinitiative Oberpfalz (DGO)

Digital Founder Initiative Oberpfalz's goal is to build a sustainable start-up culture in the field of digitization throughout the Upper Palatinate district of Bavaria.

Prelude

Prelude

Prelude offer the first autonomous platform built to attack, defend and train critical assets through continuous red-teaming.

Cyber Unit

Cyber Unit

Cyber Unit offer next level protection from cyber attacks in packages and pricing options that are accessible to smaller organizations.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.