Making 2FA More Secure

Uploaded on 2021-04-15 in TECHNOLOGY--Developments, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

Two-factor authentication is not a new technology and many companies use social media apps to verify someone’s identity, but now the possibility integrating it into facial recognition can add an extra layer of security.

Two-factor authentication (often shortened to 2FA) provides a way of 'double checking' that you really are the person you are claiming to be when you're using online services, such as banking, email or social media. It is available on most of the major online services. Essentially, two-factor authentication is the process of confirming one’s identity through two different challenges, using something you already know, have, or contain. 

In two-factor authentication, one test can be to fill in the username and password. The next challenge can be to verify the identity by tapping on a push notification, entering an OTP shared via email, text message, phone call, or other channels.

Now a team from Brigham Young University School of Mathematics (BYU)  has built an algorithm that could possibly bring two-factor authentication to facial recognition technologies in everything from cell phones to surveillance systems with the use of facial motion.

The project started when the group researched facial motion and how it could be analysed. That evolved into seeing if students are paying attention in class and it eventually morphed into improved security for facial recognition with the use of facial motion. They developed a technology called Concurrent Two-Factor Identity Verification. According to Dr. D.J. Lee, it means that “you show your face and make the facial motion just once, you don’t have to do it twice. With the facial motion, if people want to use your photo they cannot fool the system since the photo is not moving.” 

The technology first uses facial recognition and then a secret phrase is mouthed, a movement with one’s lips is made, or a facial motion is made to satisfy the second step of authentication. Even if a video is used, the chances of that video matching the secret facial motion are low.

This video could be used on a computer, cell phone, or any piece of technology with a camera on it. Dr Lee thinks there could be numerous other uses, such as to start the engine, smiling at a camera to gain access to a hotel room, using it to gain access at an ATM, and even using facial motion in disabled people to control a computer.. " We don’t necessarily limit this to unlocking a phone or mobile device. This can be used for many different applications.” he said. The next step is a demonstration of the technology with the hopes of attracting some interest of people looking to help develop the algorithm further. 

NCSC:           LearnG2:            I-HLS:          HeraldExtra:     

You Might Also Read: 

Google Creates Video Tools To Fight Deepfakes:

 

« Cyber Crime In 2021: How Hackers Are Evolving
Trump's Family Get Blocked On Facebook »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TeachPrivacy

TeachPrivacy

TeachPrivacy provides computer-based privacy and data security training that is engaging, memorable, and understandable.

Infigo IS

Infigo IS

INFIGO IS specializes in information security consulting services. Our employees are leading information security experts in Croatia.

Nucleon

Nucleon

Nucleon enables cybersecurity tools, organizations and software developers to become proactive by blocking threats before they become breaches.

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

CoverWallet

CoverWallet

CoverWallet combines deep analytics, thoughtful design and state of the art technology to help small businesses with all their insurance needs including Cyber Liability.

David Hayes-Export Controls

David Hayes-Export Controls

David Hayes-Export Controls provides assistance to companies affected by export controls or who are considering entering the market but are unsure of the commercial and regulatory implications.

CliftonLarsonAllen (CLA)

CliftonLarsonAllen (CLA)

CLA exists to create opportunities for our clients through industry-focused advisory, outsourcing, audit, tax, and consulting services.

Codean

Codean

The Codean Review Environment automates mundane software analysis tasks, so security experts can focus on finding vulnerabilities.

ACL Digital

ACL Digital

ACL Digital, an ALTEN Group company, is a leader in design-led digital experience, innovation, enterprise modernization, and product engineering services converging to Technology, Media & Telecom.

iSPIRAL IT Solutions

iSPIRAL IT Solutions

iSPIRAL is a leading regulatory technology software provider delivering state-of-art AML, KYC, Risk and Compliance solutions.

Banyax

Banyax

Banyax provides 24×7 real-time Cyber Defense Center Services using the latest technology tools to provide state-of-the-art defense.

OpsHelm

OpsHelm

OpsHelm provides a Software-as-a-Service solution to help businesses ensure that all of their cloud environments have their security bases covered.

Redpoint Cybersecurity

Redpoint Cybersecurity

Redpoint Cybersecurity is a human-led, technology-enabled managed cybersecurity provider specializing in Digital Forensics, Incident Response and proactive cyberattack prevention.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

Gutsy

Gutsy

Gutsy uses process mining to help organizations visualize and analyze their complex security processes to understand how they actually run, based on observable event data.

Resillion

Resillion

Resillion (formerly Eurofins Digital Testing) is a global leader in quality engineering and cyber security services with operations in Europe, US, UK, India and China.