
What Is Multi-Factor Authentication?

Multi-factor authentication (MFA) is a security protocol that requires a user to verify their identity by providing two or more authentication factors. It is a critical aspect of Identity and Access Management (IAM) that ensures only authorized entities can access sensitive data.

Traditional authentication relies on a single factor, a username and password combination, while two-factor authentication (2FA) and MFA add further layers of protection by requiring credentials of different types.

How MFA works

MFA works by prompting users to confirm their identity through multiple independent factors, such as one-time passcodes (OTPs), hardware tokens, and biometric scans. Once users input their login credentials, the system asks them for additional factors before granting access.

Authentication factors

Authentication factors can be:

  • Something you know (knowledge): Information like passwords, PINs, or answers to security questions known only to the user.
  • Something you have (possession): A physical item such as a mobile phone, security token, or smart card in the user’s possession.
  • Something you are (inherence): The user’s unique behavioral and physical traits, such as fingerprints, facial features, and speech patterns.
  • Somewhere you are (location): Geographical or network-based information, such as a trusted IP address or GPS coordinates.

Importance of MFA

Enhanced security

MFA works as a security layer to enhance authentication processes. Additional authentication factors significantly reduce the likelihood of a successful breach even if passwords are compromised.

Increased trust

As a key component of a robust cybersecurity strategy, MFA increases user confidence in a system or application by making it harder for hackers to access and misuse personal data.

Protection against attacks

MFA mitigates threats from credential-based attacks, such as brute force attacks and credential stuffing, making it harder for attackers to exploit vulnerabilities.

Regulatory compliance

MFA measures are necessary in some industries to ensure security and compliance. In the EU, the eIDAS Regulation and the PSD2 mandate strong customer authentication (SCA) measures, encouraging the use of MFA to ensure secure online transactions. Similarly, the Network and Information Systems Directive 2 (NIS2) specifically mentions the use of MFA for regulated entities to ensure security. 

In the US, the Gramm-Leach-Bliley Act (GLBA) mandates financial institutions to use MFA, particularly for accessing customer information online.

MFA methods

Different MFA methods include:

  • OTPs: A single-use passcode that is sent to a trusted device, email address, or mobile app.
  • Biometrics: Use factors inherent to the user’s identity to authenticate them, such as fingerprints, facial recognition, and iris recognition.
  • Token-based: Involves the use of hardware or software tokens, such as USB keys and authentication apps, that generate time-sensitive codes.
  • Push notification: A login request sent to a trusted device where the user approves or denies access.
  • Adaptive MFA: Evaluates user behavior, location, and device type to identify suspicious activity and ask for additional authentication factors as needed.
  • Certificate-based: Uses PKI to authenticate users, relying on digital certificates issued by a certificate authority. The certificate contains a public key; the user proves possession of the corresponding private key, which never leaves their device, to gain access.

Challenges

  • User resistance: Users may find MFA processes cumbersome and inconvenient and show reluctance in adopting it. The key is to communicate openly about how it can protect them and introduce less-intrusive methods first.
  • Cost and complexity: Implementing MFA can be resource-intensive, especially for smaller organizations with limited budgets. Opt for solutions that scale with your business and start by prioritizing high-risk areas.
  • Device dependency: MFA often relies on devices like smartphones, which can pose a challenge if these are compromised in any way. Implement backup authentication methods to ensure uninterrupted access without sacrificing security.

Common use cases for MFA

  • Financial services: Protects sensitive financial data and transactions in banking and investment platforms.
  • Online accounts: Secures email, social media, and other personal accounts against unauthorized access.
  • Corporate IT security: Ensures secure access to enterprise systems, reducing insider threats and external attacks.
  • E-commerce: Safeguards customer accounts and payment information during online transactions.
  • Healthcare: Protects patient records and complies with regulations like HIPAA to maintain data privacy.
