Challenges facing modern enterprises and organizations
The rapid development of big data, the Internet, and 5G, while bringing unlimited development opportunities to mankind, has also spawned a large number of information leakage incidents. According to the "IBM 2020 Data Breach Report", the average total cost of a data breach is 3.86 million U.S. dollars (approximately RMB 25.21 million)

For companies, the cost of data breaches is getting worse. On the one hand, companies will be punished by regulators. For example, British Airways was fined 204 million euros by the Office of the Information Commissioner (ICO) for data breaches. On the other hand, once a data leak occurs, it will not only make the company lose the trust of customers and users, but also affect the company's long-term development.

Therefore, the use of multi-factor authentication (hereinafter collectively referred to as MFA) has become a basic means for enterprises to prevent data leakage. Multi-factor authentication requires users to use at least two factors to verify their identity, and only after passing the verification can they access applications, which is rapidly spreading among enterprises.

At the end of last year, LastPass conducted a survey of 47,000 companies and found that 57% of companies worldwide are currently using multi-factor authentication, an increase of 12% over the previous year. Statistics also prove the effectiveness of MFA. Earlier this year, Microsoft reported that 99.9% of the illegal accounts it tracks did not use multi-factor authentication.

authing mfa challenge
Authing multi-factor authentication core function
Authing guarantees business security through multiple authentication methods
Customized authentication process, one-key open, simple operation
Support equipment environmental data reporting, multi-dimensional analysis of security levels
Support configuration strategy to achieve environmental risk adaptation
Also suitable for in-app permission control scenarios
Integrated into the universal login component (Guard) by default
User data management, behavior log query
Provide SDK and open interfaces to help developers quickly call-related capabilities and build custom user management pages
Multiple authentication methods to improve corporate identity security
Mobile token
SMS/email verification code
Compatible with third-party authenticators
Graphic lock
Mini Program Certification
authing icon
Mobile token
With strong dynamic OTP password verification, it helps protect account security and avoid malicious attacks.
Advantages of Authing multi-factor authentication
Empower Authing applications to quickly enable multi-factor authentication (MFA), and immediately improve application authentication and access security levels
authing icon
Developer friendly
Provides an out-of-the-box client SDK to facilitate client developers to quickly implement MFA
· Support multiple terminals: Web, iOS, Android
· Built-in multiple multi-factor authentication terminal components, such as OTP, verification code, fingerprint unlock, facial recognition, graphic lock, etc.
· Only need to call a method to evoke the MFA certification component, get the certification result, and complete the certification process
authing icon
Custom data reporting
Customized data reporting, participating in the process to initiate decision-making, covering more complex and refined scenarios
· Support data reporting during Authing SDK initialization
· Support timing data reporting
· Support active data reporting during application runtime
authing icon
The trigger conditions for multi-factor authentication are based on custom strategies, and the strategy system is simple, efficient, complete and flexible
· Simple: you don’t want to configure a complicated strategy, you can use the default security strategy or preset hit conditions
· Efficient: Millisecond level judgment strategy hits, multi-factor authentication is immediately aroused; based on the good user interface
· Complete: The strategy is described based on functional expressions, and developers can obtain enough information (including but not limited to user information, equipment, network, location, behavior, custom report data, etc.) to write strategy hit logic
· Flexible: Hit judgment based on multiple methods at the same time
authing icon
Simple configuration
Based on a friendly user interface, quickly configure multi-factor authentication for specific applications
· One-click on/off multi-factor authentication
· One-click to enable the default security policy, no need to understand the policy configuration, can also greatly improve application security
· Preset dozens of important and commonly used strategy hit conditions, which will take effect upon selection and can be used by non-engineers
Adaptive multi-factor authentication, higher performance choice
Compared with traditional multi-factor authentication, "adaptive" multi-factor authentication can choose to apply different MFA methods according to the current security situation, so as to ensure security while also taking into account the user experience. "Adaptive" multi-factor authentication provides a more flexible and intelligent verification strategy.
When the user goes through the authentication process, "adaptive" multi-factor authentication generates multiple "key elements" for the currently logged-in user
User attributes
Such as user name, password, user identity and other attributes and information of the user
Location awareness
Location awareness is divided into the virtual location (IP address) and physical location (country, region, etc.)
Request source
Judge the source of the current user’s request, such as hardware device information, the user’s current system, etc.
Use the user's biological information for identification, such as fingerprint information, face recognition, etc.
Behavior analysis
A series of user behaviors such as whether it comes from a commonly used login location, whether the wrong password is entered multiple times, and the user's previous operation records
MFA industry use cases
In general, we see a tendency to use MFA in industries dealing with sensitive data, such as insurance and banking. There is no additional identity layer in these vertical domains, so there is an urgent need for MFA.
MFA is one of the best ways to prevent accounts from being stolen. If an attacker wants to invade an account protected by MFA, he not only needs to steal credentials, but also needs to verify additional factors. MFA greatly increases the time and energy required by attackers to invade accounts, so it is difficult for them to carry out large-scale attacks.
Authing can centrally configure a variety of authentication factors other than passwords, including dynamic token, certificate, face, fingerprint and other biometrics. It can integrate a variety of common third-party authentication sources. At the same time, the developer API is provided to support other applications to use the identity authentication ability of IDaaS.
authing mfa example
Financial system
Educational system
Government affairs system
Ensure access to financial data
In order to protect financial data and online transactions from criminals, multi-factor authentication (MFA) of Authing is used to verify the identity of users.
When logging into financial websites and apps, the MFA of Authing sends authentication information to users' smartphones to prevent unauthorized access.
When conducting financial transactions, the MFA of Authing double verifies the user's identity to ensure the identity security of trading partners and protect online transactions from criminals.
authing advance
Connect people and applications around the world