Two Factor Authentication

                                                    TWO   FACTOR   AUTHENTICATION

• Security Process
• User is provided with two levels of identification
• Both the required factors must be used and must be correct to prove one's identity
• One  factor required for this security is somethig that user pocessess. Can be physical like USB stick token, bank card or digital like figerprint,eyeiris or voice
• The other is something that the user knows such as username,password , PIN
•                

Mobile Phone Two Factor Authentication

Developed to avoid the issue -

                 The thing that the user pocesses like USB stick, Bank Card or Key can be lost by the user or stolen making the access impossible. Also the cost involved in procuring and subsequently replacing these items is also costly.

The Approach -

•   mobile devices such as mobile phones and smartphones are used to serve as "something that the user possesses".
• For the user to authenticate themselves

                     -they can use their personal access licence (i.e. something that only the individual user                            knows) plus a one-time-valid, dynamic passcode consisting of digits
                               Personal Access License +   Dynamic Passcode
                     - the code is sent to their mobile device by e-mail or sms

• If the user has already used a sequence of digits (passcode), this is automatically deleted and the system sends a new code to the mobile device
• if the new code is not entered within a specified time limit, the system automatically replaces it.  Ensuring that already used, old codes are left on the mobile device
• specifing how many incorrect entries are permitted before the system blocks access would further enhance the security