Multi Factor Authentication (MFA) Settings
In order to ensure your identity, various biometrics factors can be leveraged. In cidaas, Multi-factor authentication is a security mechanism that requires two types of credentials for authentication and is designed to provide an additional layer of validation, minimizing security breaches.
Once configured, User can choose to use login with username and password, or straightaway go to password-less option and identify with the configured biometrics. This is illustrated below.
In cidaas, an Administrator has to enable multifactor authentication to the appropriate users. When this is configured, a User can go to their User Profile page, and find various MFA options made available to them.
In order to enable MFA, cidaas administrator can go to Administrator Dashboard -> Multifactor settings -> “MFA Settings”.
Once Administrator has enabled MFA option, users can go to their business portal, login and see these options on their profile settings UI. It will be available under "Physical Verification Setup". Users can click on "configure", and setup one or more of the authentication methods they prefer. An illustration of MFA options in My Profile page is shown below:
How does cidaas implement Multifactor Authentication
Cidaas supports the following Multifactor Authentication. Each of these are detailed in relevant links below:
1. Email: If configured with this option, a six-digit verification code is sent to the user's registered email address.
2. SMS: With this configuration, a six-digit verification code is sent to the user's registered mobile number.
3. TouchID: This mechanism allows user to configure and authenticate with their fingerprint (biometric authentication) using touch sensor of their device.
4. Pattern: Configuring this option allows user to draw a pattern password between the nodes to open the lock in lieu of entering an alphanumeric password.
5. Smart Push: Configuring this option enables user to receive a push notification message. push notification is a message that popup on a mobile device. App publishers can send them at any time; users don't have to be in the app or using their devices to receive them.
6. Voice: Voice authentication relies on a person's unique voice patterns for identification to gain access.
7. Face: Facial recognition analyzes the characteristics of a person's face images input through a digital video camera. It measures the overall facial structure for authentication.
8. TOTP: TOTP is a time-based one-time password (TOTP) is a temporary passcode, generated by an algorithm, use to authenticate access to systems/device.
9. Backup Code: Backup Code is used when a user lost the mobile device and cannot receive verification codes via SMS, voice call, or cidaas authenticator app, then the backup codes is used to sign in.
10. IVR: IVR uses prerecorded and dynamically generated audio to interact with customers.
11. FIDOU2F: The FIDO protocols use standard public key cryptography techniques to provide stronger authentication.
12. Security Question: This is allows you to use a question and answer as an strong authentication.
Once the Administrator enables the multifactor authentication, the user’s login to their account and the enabled authentication mode get displayed under the user’s Physical Verification Setup
Based on the appropriate _authentication _mode user configure the authentication method (multiple authentication mode can be configured).