35 Authentication

Passwords are the most common form of authentication used in the world today. But passwords are easily forgotten and commonly compromised. Two-factor authentication (2FA) adds an extra layer of security by requiring users to present two different authentication factors to verify their identity.

Two-step verification, or two-factor authentication, is an extra layer of security, also known as "multi-factor authentication", that requires not only a username and password but also something that only the user knows, e.g. tokens, OTP, answers to security questions, etc. Using a two-factor authentication process can help to lower the number of cases of identity theft on the Internet, as well as phishing via email. For security reasons, authentication is used by users (Retail/Corporate) while performing transactions through the digital platform.

Two-factor authentication requires two different kinds of evidence before a transaction is executed successfully. This option enables the System Administrator to maintain the authentication pattern for each transaction of a specific user segment.

Second-factor authentication can be set for each user type (Retail and Corporate) and for each user type and user segment combination (as of now, user segments are only available for the Retail user type).

This maintenance can be set up for each entity in a multi-entity setup, which enables banks to define a different authentication mode for the same transaction for each entity.

In a multi-entity setup, if the user changes entity after login, the system should ask for second-factor authentication.

The types of two-factor authentication used are as follows:

  • OTP: A one-time password will be sent to the user's registered mobile number or email ID.
  • Security Questions: The user will be asked to answer the security questions that he has set up.
  • Random Number based Soft Token: The token changes randomly on the soft token app after the system-defined time, and the user is required to enter it on screen to authenticate the transaction.
  • Time based Soft Token: A time-based soft token that is generated on the soft token application. The token expires after a defined time, after which the user is required to generate a new token.
  • Push Notification based 2FA: The user will get a push notification on his registered device (mobile/wearable) to authenticate and complete a transaction, on initiation of a transaction from a different form factor. Since the user is required to authenticate the transaction on the device where he has received the push notification, it acts as additional security: the user can approve/reject the transaction only from his registered device. To receive push notifications, the user should allow them for the respective app on his device.
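
The expiry behaviour of the time-based soft token can be illustrated as follows. This is an added example, not the product's own code: the page does not state which algorithm the soft token app uses, so the sketch assumes standard TOTP (RFC 6238) with a 30-second step and 6 digits, and the names `totp` and `SoftTokenVerifier` are hypothetical.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30   # assumed "defined time" after which a token expires
DIGITS = 6          # assumed token length


def totp(secret: bytes, at: int, step: int = STEP_SECONDS, digits: int = DIGITS) -> str:
    """RFC 6238 token for Unix time `at` (HMAC-SHA1, truncation per RFC 4226)."""
    counter = struct.pack(">Q", at // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class SoftTokenVerifier:
    """Server side: accepts a token only in its own time step, and only once."""

    def __init__(self, secret: bytes, drift_steps: int = 0):
        self.secret = secret
        self.drift_steps = drift_steps   # extra steps tolerated for clock skew
        self.last_used_step = -1         # highest time step already consumed

    def verify(self, token: str, now: int) -> bool:
        current = now // STEP_SECONDS
        for step in range(current - self.drift_steps, current + self.drift_steps + 1):
            if step <= self.last_used_step:
                continue                 # replayed or out-of-range step
            expected = totp(self.secret, step * STEP_SECONDS)
            if hmac.compare_digest(expected, token):
                self.last_used_step = step
                return True
        return False


if __name__ == "__main__":
    secret = b"12345678901234567890"     # RFC 6238 test secret, not a real key
    verifier = SoftTokenVerifier(secret)
    token = totp(secret, 59)
    print(token, verifier.verify(token, 59))  # accepted within its own step
    print(verifier.verify(token, 59))         # rejected: token already used
    print(SoftTokenVerifier(secret).verify(token, 90))  # rejected: expired
```

Tracking the last accepted time step is what stops an observed token from being replayed inside its validity window; `drift_steps` widens that window and should stay as small as clock skew allows.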

Note:

Two-factor authentication is only for retail and corporate users.

Pre-requisites

  • Transaction access is provided to System Administrator.
  • Approval rule set up for Bank Administrator to perform the actions.
  • Transactions are enabled for 2 Factor Authentication aspect.

Features supported in Application:

The following options are available as part of this maintenance:

Navigation Path:

From System/ Bank Administrator Dashboard, under Security widget, click Authentication.

OR

From System/ Bank Administrator Dashboard, click Toggle Menu, then click Menu and then click Security. Under Security, click Authentication.