As we know of it today, the Smartphone is fast becoming our spouse, or significant other. Just take a moment and think about it: How much time do you actually spend on it? For who knows how many mobile apps are on it? How much online shopping do you do with it? Or for that matter, how much time do you actually spend on it even when you are out with family and friends, and are expected to be social?
Good or bad, the Smartphone has become a leash on our lives, both personally and professionally. Because of this, it is also fast becoming the prime choice for the Cyber attacker. But keep in mind that this not so much from a technical standpoint…yea, they have probably millions of ways in which to install rogue mobile apps, and steal your password.
But given our sheer dependence on the Smartphone, the Cyber attacker also realizes the total damage that he or she can inflict upon society with a large scale attack on the Smartphone. Put it another way….just imagine one day that you actually lost your Smartphone or it was stolen….you will have an instant feeling of paralysis and helpnesess bestowed upon you. That is the pain the Cyber attacker of today wants you to feel.
So what can be done about this? Well, the major cell phone manufacturers have implemented newer forms of Security measures one of them known as the “2FA”. What exactly is it? Well, it is an acronym which stands for “Two Factor Authentication”. In other words, your iPhone, or Samsung/Windows Mobile device has two layers of security on it before you can access its full functionality.
The first layer of defense, is of course entering either your passcode or password when you first activate your device. True, the password still has many issues of its own, and we will address them in a later blog. Once you have gotten through this first layer, then the next layer becomes a tad more complicated.
In this case, you have to have evidence of something:
- That you have;
- That you know;
- That you are.
With the first one, this can be a security token, such as an RSA Token. Many remote workers use this, when they login into their workstation. Basically, it consists of a series of numbers that is constantly rotating. With the second, this could be the answer to a challenge question, such as “What is your mother’s maiden name?”. Finally, with the last one, this could be a Biometric, such as either your fingerprint or even a scan of your eyeball.
Not to sound biased, it is the last one which provides probably the best layer for a second means of defense. After all, your eyeball and your fingerprint are unique to you and only you, and nobody can steal them, like your password. In fact, Apple has pioneered the use of fingerprint recognition with the iPhone 6, it is called the “Touch ID”. It’s the little circle at the bottom, that is the actual fingerprint sensor.
We will continue this as we look into the advantages and even the disadvantages of using 2FA on your Smartphone. Stay tuned.