
Evaluating two-factor authentication solutions requires a look at three critical areas – the security and scalability of the technology, hurdles to user adoption, and the total cost (including internal costs) to deploy and support the system. Below is an analysis of soft token authentication systems and PhoneFactor’s phone authentication solution.
Like a hardware security token, soft tokens rely on a One Time Password as the second factor of authentication. A piece of software is installed on the end user’s desktop computer, laptop, PDA, or mobile phone, which generates a OTP. Software tokens do not require a physical device be deployed to users, so hard costs are less than hardware security tokens, but supporting installation and use of the soft token application on the end user’s device can result in significant internal support costs. If the software is installed on a user’s PC, they must have access to the PC in order to retrieve the OTP. This might not be the case is a user was logging in from a kiosk, mobile phone or other device. Soft tokens are exposed to threats such as computer viruses and software attacks, and are not out-of-band.
| Technology |
|
| User Adoption |
|
| Cost |
|
PhoneFactor’s phone-based two-factor authentication service offers a greater level of security and a better user experience than soft tokens. And, it’s significantly less expensive to deploy and maintain. For more information try the PhoneFactor Demo or Download the Free Version.