Network World 9-vendor multifactor authentication roundup

Due to numerous exploits that have defeated two-factor authentication, many IT departments now want more than a second factor to protect their most sensitive logins and assets. The market has evolved toward what is now being called multi-factor authentication or MFA, featuring new types of tokens and authentication methods.

For this review in Network World, we looked at nine products, five that were included in our 2013 review, and four newcomers. Our returning vendors are RSA’s Authentication manager, SafeNet’s Authentication Service (which has been acquired by Gemalto), Symantec VIP, Vasco Identikey Authorization Server, and TextPower’s SnapID app. Our first-timers are NokNok Labs S3 Authentication Suite (pictured above), PistolStar PortalGuard, Yubico’s Yubikey and Voice Biometrics Group Verification Services Platform.

All of these products are worthy of inclusion in this review as representative of where the MFA market is heading. In addition, if you want to stay on top of MFA developments, we recommend you follow our Twitter list here.

My review also features a collection of screencaps here, and an overall trends rundown as well here.

 

2 thoughts on “Network World 9-vendor multifactor authentication roundup

  1. Great research David!! I think it will provide a great reference for folks looking for a solution.

    One element that I didn’t see come up though was identity verification as opposed to token-based authentication. FIDO leaves identity verification to the relaying party. One-time password solutions (SMS, Code generators) rely on the authenticator (mobile) device which is bound to the account to always be in possession of the identity holder – this is quite an assumption however, given the obvious device possession situation, but also the whole concept of identity verification on binding leaves some large holes. Google is trying to address the former with its newly announced “Trust API”, but that will only work on Android and will not address the fraudulent binding issue.

    I’d like to throw our hat into the ring as well if that’s ok with you.. Biomio (biom.io) is a multi-factor authentication platform with emphasis on combining identity verification with authentication, as well as making the authentication itself extremely user-friendly by following the “what the administrator allows, what the user prefers” metaphor. We’re also looking to open source the platform in the near future.

    Feel free to reach out if you’d like to chat further.

    Best Regards,
    Dan Itkis, BIOMIO

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.