malware attacks

The pitfalls of two-factor authentication – why FSIs are at risk


Two-factor authentication (2FA) has become an essential tool in the fight against cybercrime. 2FA requires users to provide a second ‘factor’ (effectively, an additional security layer beyond an initial username/password) to gain access to an online account. Whether based on tokens, USB devices, scratch cards, short message service (SMS) or biometric data, 2FA is now a principal security mechanism to prevent online banking fraud. However, with three decades on the clock, 2FA is starting to show signs of wear.

Once considered all but impenetrable, today’s cybercriminals have found clever ways to bypass 2FA security – as proven by several recent, high-profile attacks.

As concerns mount over the use of this increasingly vulnerable security tool, IBM has conducted a critical analysis of 2FA technologies, addressing:

  • Key vulnerabilities in two-factor authentication technologies
  • Specific attack methods and vectors utilised by today’s hackers
  • The evolution of fraud prevention strategies to meet this security challenge
  • How a multi-layered security approach can overcome constraints in legacy security infrastructure 
  • A holistic, integrated fraud prevention solution designed to adapt to the ever-changing threat landscape. 

Download this exclusive IBM research to learn best practice methods and tools to overcome vulnerabilities in 2FA technologies.