How to improve 2FA protection

relemedf5w023 · Post by **relemedf5w023** » Sat Feb 08, 2025 5:10 am

To combat targeted attacks, 2FA needs to be identity-based rather than device-based, and biometrics can be one of the best methods of identification in this regard. They ensure that the device is in the hands of the owner and not someone else. “The only way to truly authenticate is to rely on biometrics. It matches pre-known biometric information with the user who is authenticating,” says Harding.

Biometric security has become an integral part of everyday life. The most common types include fingerprint and facial recognition built into phones, as well as voice recognition when calling the bank, for example. “These biometric systems are already in people’s pockets, it’s just a matter of using them,” Harding added. “Biometrics have been popularized by Apple and Android. The irony is that they didn’t add it for security, they added it for convenience.”

However, it is not a perfect means of protection in itself. As recent examples from information security practice have shown, biometric protection can be fooled by fake images or information. For example, it bosnia and herzegovina mobile database already been proven that a fingerprint scanner can be fooled by gelatin candies (a hacking technique known as the gummy bear hack), and a facial recognition sensor may not be able to distinguish a person’s face from Facebook photos that have been given a three-dimensional appearance.

These types of exploits are being countered by anti-spoofing systems being developed for biometric readers. For example, Face-ID can now read facial contours. “In the past, some of these authentication systems were very easy to fool,” Harding says. “The key to the evolution of biometrics is the ability to counter spoof.”