Is iPhone the Catalyst for Ubiquitous Multi-factor Authentication?
March 31st, 2009 by Scott OlsonThis week alone, I have seen two separate iPhone apps enabling multi-factor authentication for the likes of your accounts at AOL, eBay, PayPal and Blizzard, the provider of the popular online game World of Warcraft. The first application is provided by Verisign and provides multi-factor authentication for AOL, eBay, and PayPal to combat identity theft and account takeover. This could easily be expanded to include other sites and is a significant improvement over the options that were previously available. The second application is provided by Blizzard to authenticate users to their popular online games, like World of Warcraft, and is intended to address their account takeover problems.
Before these mobile applications, sites could either provide a separate hardware token for multi-factor authentication which was expensive and difficult to manage, or it could provide this capability through a text message on the phone which could be costly for both the consumer and the company. This application solves the token problem by attaching itself to something that most users always have in their possession (their mobile phone) and solves the cost problem by bypassing costly text messages and embedding the password generation intelligence in the mobile app. There is a beta version of the Verisign app for some BlackBerry models and for another 40 phones in development. The Blizzard version is currently only available for the iPhone and iPod touch, but other models will likely follow. The ease of adoption for the iPhone could be the difference make in this instance and it could be a positive step in the direction at combatting online fraud and more specifically account takeovers.
Tags: account takeover, identity theft, iPhone, Online Fraud
