Comparison of authentication solutions

Authentication is the act of confirming the truth of an attribute of a single piece of data (a datum) claimed true by an entity. Out of different types of authentication two-factor authentication is a method that provides identification of users by means of the combination of two different components. There are number of two-factor authentication and multi-factor authentication methods. Multi-factor authentication products can provide significant benefits to an enterprise, but the methods are complex and the tools themselves can vary greatly from provider to provider.^[1]

Legend

The term phishing refers to attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising.

Password guessing refers to cracking a password, which is the process of recovering passwords illegally from data that have been stored in or transmitted by a computer system.

A man-in-the-middle attack (often abbreviated to MITM, MitM, MIM, MiM attack or MITMA) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other

Server side data breaking refers to an incident in which sensitive, protected or confidential data has potentially been viewed, stolen from servers or used by an individual unauthorized to do so.

Shoulder surfing refers to using direct observation techniques, such as looking over someone's shoulder, to get information. It is commonly used to obtain passwords, PINs, security codes, and similar data.

One-time password (OTP) interception refers to a service provider sending a one time password to user's contact (SMS, E-mail, etc.) for authentication purpose, but that doesn't reach the user, possibly intercepted by a fraudulent person.

Side channel vulnerabilities allow attackers to infer potentially sensitive information just by observing normal behavior of a software system. The attacker is a passive observer.^[2]

A hardware token is an authenticator in the form of a physical object, where the user's interaction with a login system proves that the user physically possesses the object. Proving possession of the token may involve one of several techniques.^[3]

A software token is a type of two-factor authentication security device that may be used to authorize the use of computer services. Software tokens are stored on a general-purpose electronic device such as a desktop computer, laptop, PDA, or mobile phone and can be duplicated. This is in contrast to hardware tokens, where the credentials are stored on a dedicated hardware device and therefore cannot be duplicated (absent physical invasion of the device).

TOTP - Time-based one-time password

EOTP - Event-based one-time password

Mutual authentication or two-way authentication refers to two parties authenticating each other at the same time, being a default mode of authentication in some protocols (IKE, SSH) and optional in others (TLS).

Biometric authentication is a type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems.

Scalability is the capability of a system, network, or process to handle a growing amount of work, or its potential to be enlarged in order to accommodate that growth.

Transaction signing is a term used in internet banking that requires customers to digitally "sign" transactions in order to preserve the authenticity and integrity of the online transaction.

Threat coverage

Provider	Phishing	Malware	Password guessing	Man in the middle	Re-used password attacks	Server-side Database Break-in	Shoulder Surfing	Theft of Authenticator	OTP Interception	Channel vulnerabilitiess
Authenticator Plus	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Authentify Inc	Yes	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A
Authy	Yes^[4]	Yes^[4]	Yes^[5]	Yes^[5]	N/A	N/A	N/A	N/A	N/A	N/A
Azure Multi-Factor Authentication	Yes^[6]	Yes^[7]	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Clef	Yes^[8]	N/A	Yes^[8]	N/A	N/A	Yes^[8]	N/A	Yes	N/A	N/A
Cognalys Inc	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
CryptoPhoto	Yes^[9]	Yes^[9]	Yes^[10]	Yes^[10]	Yes^[10]	Yes^[10]	Yes^[9]	Yes^[10]	Yes^[10]	Yes^[10]
Duo Security	Yes	N/A	N/A	Yes^[11]	N/A	N/A	N/A	N/A	N/A	N/A
Entersekt	Yes^[12]	Yes^[12]	Yes^[12]	Yes^[12]	N/A	N/A	N/A	N/A	N/A	N/A
FreeOTP	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A
Google Authenticator	No	N/A	N/A	N/A	N/A	No^[13]	N/A	N/A	N/A	N/A
Latch	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
LaunchKey	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
LoginTC	Yes	N/A	Yes	Yes	Yes	Yes^[14]	Yes^[14]	Yes^[14]	Yes^[14]	Yes^[14]
MePIN	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Mi-Token	Yes	Yes	N/A	Yes	N/A	N/A	N/A	Yes	N/A	N/A
Nexmo	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Nexus Smart ID^[15]	Yes	N/A	Yes	Yes	N/A	N/A	Yes	N/A	Yes	N/A
OASIS OASIS2FAM^[16]	Yes	N/A	Yes	Yes	Yes	Yes	Yes	Yes	Yes	N/A
OpenOTP Token	Yes	Yes	Yes	Yes	Yes	N/A	N/A	Yes	Yes	N/A
Ping Identity	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
PortalGuard	Yes^[17]	N/A	N/A	Yes^[17]	N/A	N/A	N/A	N/A	N/A	N/A
privacyIDEA	Yes^[18]	N/A	Yes	N/A	Yes	Yes^[19]	N/A	N/A	N/A	N/A
Protectimus	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Rublon	N/A	Yes^[20]	Yes^[20]	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SAASPASS	Yes	Yes	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A
SAT Mobile ID	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SecSign	Yes^[21]	Yes^[21]	Yes^[21]	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SecureAuth^[22]	Yes^[22]	Yes^[22]	Yes	N/A	Yes	Yes	Yes	Yes	Yes^[23]	N/A
SecurePass	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SmartSign	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Solidpass^[24]	Yes	Yes	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A
SyferLock GridGuard^[25]	Yes	Yes	Yes	Yes	Yes	N/A	Yes	N/A	Yes	Yes
Symantec/Verisign VIP	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
TeleSign	Yes^[26]	N/A	Yes^[26]	N/A	Yes^[26]	N/A	N/A	N/A	N/A	N/A
TextPower	N/A	Yes^[27]	N/A	Yes^[28]	N/A	N/A	N/A	N/A	N/A	N/A
Token2	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Toopher	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Totp.Me	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
VASCO Data Security	Yes	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A
WWPass	Yes	Yes	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A
WiKID Systems	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Yubico	Yes	Yes	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A
RSA Security^[29]	Yes	Yes	Yes	Yes	Yes	N/A	Yes	Yes	Yes	N/A

Transport methods

Provider	SMS^[30]	Phone Call	Email^[31]	Hardware token	Software implementation	Recovery method^[31]
Authenticator Plus^[32]	No	No	No	No	Yes	Email
Authentify Inc^[33]	Yes	Yes	No	Yes	Yes	Email
RSA Security	Yes	Yes	Yes	Yes	Yes	Email / helpdesk
Authy^[34]	Yes	Yes	No	Yes	Yes	Email^[35]
Azure Multi-Factor Authentication^[36]	Yes	Yes	No	No	Yes	Email
Clef^[37]	No	No	No	No	Yes	Email
Cognalys Inc	No	Yes	No	No	Yes	Email
CryptoPhoto	No	No	No	No	Yes	Paper TAN
RCDevs OpenOTP	Yes	No	Yes	Yes	Yes	SMS/Email
Duo Security	Yes	Yes	No	Yes	Yes	Email^[35]
Entersekt	No	No	No	No	Yes	Email
FreeOTP	No	No	No	No	Yes	Email
Google Authenticator	Yes	Yes	No	No	Yes	Paper TAN^[35]
Latch	No	No	No	No	Yes	Email
LaunchKey	No	No	No	No	Yes	Email
LoginTC	No	No	No	Yes^[38]	Yes	Email
MePIN	Yes	No	No	Yes	Yes	Email
Mi-Token	Yes	Yes	Yes	Yes	Yes	Email
Nexmo	Yes	Yes	No	No	No	Email
Nexus Smart ID^[15]	Yes	No	Yes	Yes	Yes	SMS/Email
OASIS2FA^[16]	No	No	No	Yes	Yes	Email/Recovery Codes/Helpdesk
Ping Identity	Yes	Yes	No	No	Yes	Email
PortalGuard	No	Yes	Yes	No	Yes	Email
privacyIDEA	Yes	No	Yes	Yes	Yes	Email / helpdesk
Protectimus	Yes	No	Yes	Yes	Yes	Email
Rublon	No	No	Yes	No	Yes	Email
SAASPASS	No	No	No	No	Yes	Email
SAT Mobile ID	Yes	Yes	No	Yes	Yes	Email
SecSign	No	No	No	No	Yes	Email
SecureAuth	Yes	Yes	Yes	Yes	Yes	Email
SecurePass	No	No	No	Yes	Yes	Email
SmartSign	No	No	Yes	No	Yes	Email
Solidpass^[24]	Yes	No	No	Yes	Yes	Email
SyferLock GridGuard	Yes	No	Yes	No	Yes	Email
Symantec/Verisign VIP	Yes	Yes	Yes	Yes	Yes	Email
TeleSign	Yes	Yes	No	No	Yes	Email
TextPower	Yes	No	No	No	No	Email
Token2	Yes	No	No	Yes	Yes	Email
Toopher	Yes	No	No	No	Yes	Email
Totp.Me	No	No	No	No	Yes	Email
VASCO Data Security	Yes	Yes	Yes	Yes	Yes	Email
WWPass	No	No	No	Yes	Yes	Email
WiKID Systems	No	No	No	No	Yes	Email
Yubico	No	No	No	Yes	Yes	Email

Feature support

Provider	TOTP	HOTP	Mutual authentication	PIN protection	Biometrics	Separate Channel	Scalability	Transaction Signing	Coverage	Revocation
Authenticator Plus	Yes	N/A	N/A	Yes	Yes	N/A	N/A	N/A	N/A	N/A
Authentify Inc	N/A	N/A	N/A	N/A	N/A	Yes	N/A	Yes	N/A	N/A
Authy	Yes	N/A	N/A	N/A	Yes^[39]	N/A	N/A	Yes^[40]	N/A	N/A
Azure Multi-Factor Authentication	N/A	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A
Clef	N/A	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A
Cognalys Inc	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
CryptoPhoto	N/A	N/A	N/A	Yes^[41]	Yes^[41]	N/A	N/A	N/A	N/A	Yes^[41]
OpenOTP Token	Yes	Yes	Yes	Yes	Yes	N/A	Yes	Yes	N/A	Yes
Duo Security	Yes	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A
Entersekt	Yes^[12]	N/A	Yes	N/A	Yes^[12]	Yes^[12]	Yes	Yes^[12]	N/A	Yes
FreeOTP	Yes^[42]	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Google Authenticator	Yes	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Latch	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
LaunchKey	N/A	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A
LoginTC	Yes^[38]	N/A	N/A	Yes^[43]	N/A	Yes^[14]	Yes^[44]	N/A	Yes^[44]	Yes^[38]
MePIN	Yes	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A
Mi-Token	Yes	Yes	N/A	N/A	N/A	N/A	Yes	N/A	N/A	N/A
Nexmo	N/A	N/A	N/A	N/A	N/A	N/A	Yes^[45]	N/A	N/A	N/A
Nexus Smart ID^[15]	Yes^[46]	Yes^[46]	N/A	Yes^[46]	Yes^[46]	Yes^[46]	Yes^[46]	Yes^[46]	N/A	Yes^[46]
OASIS2FA^[16]	Yes	N/A	N/A	N/A	N/A	Yes	Yes	Yes	Yes	Yes
Ping Identity	N/A	N/A	N/A	N/A	Yes^[47]	N/A	N/A	N/A	N/A	N/A
PortalGuard	Yes^[17]	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
privacyIDEA	Yes	Yes	N/A	N/A	N/A	N/A	N/A	Yes	N/A	N/A
Protectimus	Yes	Yes	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
RSA Security	Yes	N/A	N/A	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Rublon	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SAASPASS	Yes	N/A	Yes	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SAT Mobile ID	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SecSign	N/A	N/A	N/A	Yes^[21]	N/A	N/A	N/A	N/A	N/A	N/A
SecureAuth^[22]	Yes	N/A	Yes	Yes	Yes^[48]	Yes	Yes	N/A	N/A	Yes
SecurePass	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
SmartSign	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Solidpass^[24]	Yes	Yes	Yes	N/A	Yes	N/A	N/A	Yes	N/A	N/A
SwivelSecure	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
SyferLock GridGuard	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Symantec/Verisign VIP	N/A	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A
TeleSign	Yes^[26]	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
TextPower	N/A	N/A	N/A	N/A	Yes^[49]	N/A	N/A	N/A	N/A	N/A
Token2	Yes^[50]	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Toopher	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Totp.Me	Yes	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
VASCO Data Security	Yes	N/A	N/A	N/A	Yes	N/A	N/A	N/A	N/A	N/A
WiKID Systems	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
WWPass	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A
Yubico	Yes	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A	N/A

References

↑ "Comparing the top multifactor authentication vendors". November 2014.
↑ "Side Channel Vulnerabilities on the Web - Detection and Prevention" (PDF).
↑ "Definition of Hardware Token".
1 2 "INTRODUCING AUTHY FOR YOUR PERSONAL COMPUTER".
1 2 "SECURITY NOTICE: OPENSSH PASSWORDS VULNERABLE".
↑ Larry Seltzer (30 April 2014). "Microsoft Azure is phishing-friendly". Retrieved 27 April 2016.
↑ Yuri Diogenes (22 March 2016). "Microsoft Antimalware for Azure Cloud Services and Virtual Machines". Retrieved 27 April 2016.
1 2 3 "Clef".
1 2 3 "CryptoPhoto Features". Retrieved 18 April 2016.
1 2 3 4 5 6 7 "CryptoPhoto for Banking" (PDF). Retrieved 11 November 2017.
↑ Jon Oberheide (6 June 2014). "Duo Patches for the Latest OpenSSL Vulnerabilities". Retrieved 18 April 2016.
1 2 3 4 5 6 7 8 "Build in trust with the Transakt SDK" (PDF).
↑ "The secret keys are stored in the clear in the database".
1 2 3 4 5 6 "The Use of Secure Remote Password in LoginTC". 6 December 2013.
1 2 3 "Nexus Smart ID for physical and digital access". nexusgroup.com. Retrieved 7 June 2018.
1 2 3 "Olive Innovations - OASIS". www.oliveinnovations.com. Retrieved 7 June 2018.
1 2 3 "Two factor Authentication:Flexible Options" (PDF).
↑ "privacyIDEA:Features".
↑ "HSM Support in privacyIDEA".
1 2 "Rublon".
1 2 3 4 "SecSign".
1 2 3 4 "SecureAuth Adaptive Authentication".
↑ "SecureAuth Multi-Factor Authentication".
1 2 3 "Solid Pass".
↑ "GridGuard Overview".
1 2 3 4 "TeleSign_US_Datasheet_Push_Verify_20161" (PDF). 2016. Retrieved 27 April 2016.
↑ NEIL J. RUBENKING (20 May 2014). ""Hack-Proof" TextKey Turns SMS Authentication on Its Head". Retrieved 1 May 2016.
↑ "TextKey Scores Well in Network World Review of Authentication Solutions".
↑ "Multi-Factor Authentication | Identity Assurance | RSA". www.rsa.com. Retrieved 2018-01-29.
↑ "NIST explains proposed ban on SMS for 2FA".
1 2 "Two-Factor authentication is a mess".
↑ "Authenticator plus".
↑ "Authentify Two-Factor Authentication".
↑ "Authy: Two-Factor Authentication Made Easy".
1 2 3 Matthew Prince (28 November 2012). "Choosing a Two-Factor Authentication System". Retrieved 16 April 2016.
↑ "What is Azure Multi-Factor Authentication?".
↑ "Clef Two-Factor Authentication".
1 2 3 "LoginTC Two Factor Authentication".
↑ "AUTHY two factor authentication". Retrieved 27 April 2016.
↑ Dan Killmer. "AUTHY ONETOUCH: SIMPLY STRONG SECURITY". Retrieved 18 April 2016.
1 2 3 "Two Factor and Multifactor Authentication by CryptoPhoto". Retrieved 18 April 2016.
↑ "FreeOTP".
↑ "LoginTC Multi-Factor Flow". 13 December 2013.
1 2 "Two-Factor Authentication Worldwide using LoginTC". 2 April 2014.
↑ "Nexmo".
1 2 3 4 5 6 7 8 "Nexus Smart ID Authentication Methods".
↑ "PingID Multi-factor Authentication".
↑ "SecureAuth Behavioral Biometrics".
↑ "GET AN INDUSTRY LEADING MULTI-FACTOR AUTHENTICATION SOLUTION".
↑ "TOKEN2".

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[1] "Comparing the top multifactor authentication vendors". November 2014.

[2] "Side Channel Vulnerabilities on the Web - Detection and Prevention" (PDF).

[3] "Definition of Hardware Token".

[authy1-4] 1 2 "INTRODUCING AUTHY FOR YOUR PERSONAL COMPUTER".

[authy2-5] 1 2 "SECURITY NOTICE: OPENSSH PASSWORDS VULNERABLE".

[6] Larry Seltzer (30 April 2014). "Microsoft Azure is phishing-friendly". Retrieved 27 April 2016.

[7] Yuri Diogenes (22 March 2016). "Microsoft Antimalware for Azure Cloud Services and Virtual Machines". Retrieved 27 April 2016.

[clef1-8] 1 2 3 "Clef".

[cryptophot-9] 1 2 3 "CryptoPhoto Features". Retrieved 18 April 2016.

[cryptophotb-10] 1 2 3 4 5 6 7 "CryptoPhoto for Banking" (PDF). Retrieved 11 November 2017.

[11] Jon Oberheide (6 June 2014). "Duo Patches for the Latest OpenSSL Vulnerabilities". Retrieved 18 April 2016.

[Transakt1-12] 1 2 3 4 5 6 7 8 "Build in trust with the Transakt SDK" (PDF).

[gadbplaintext-13] "The secret keys are stored in the clear in the database".

[logintcsrp-14] 1 2 3 4 5 6 "The Use of Secure Remote Password in LoginTC". 6 December 2013.

[nexusgroup.com-15] 1 2 3 "Nexus Smart ID for physical and digital access". nexusgroup.com. Retrieved 7 June 2018.

[oliveinnovations.com-16] 1 2 3 "Olive Innovations - OASIS". www.oliveinnovations.com. Retrieved 7 June 2018.

[portalguard1-17] 1 2 3 "Two factor Authentication:Flexible Options" (PDF).

[privacyideahome-18] "privacyIDEA:Features".

[privacyideaHSM-19] "HSM Support in privacyIDEA".

[rublon1-20] 1 2 "Rublon".

[secsign1-21] 1 2 3 4 "SecSign".

[secureauth1-22] 1 2 3 4 "SecureAuth Adaptive Authentication".

[secureauth2-23] "SecureAuth Multi-Factor Authentication".

[solidpass-24] 1 2 3 "Solid Pass".

[25] "GridGuard Overview".

[telesign1-26] 1 2 3 4 "TeleSign_US_Datasheet_Push_Verify_20161" (PDF). 2016. Retrieved 27 April 2016.

[27] NEIL J. RUBENKING (20 May 2014). ""Hack-Proof" TextKey Turns SMS Authentication on Its Head". Retrieved 1 May 2016.

[28] "TextKey Scores Well in Network World Review of Authentication Solutions".

[29] "Multi-Factor Authentication | Identity Assurance | RSA". www.rsa.com. Retrieved 2018-01-29.

[30] "NIST explains proposed ban on SMS for 2FA".

[2famess-31] 1 2 "Two-Factor authentication is a mess".

[32] "Authenticator plus".

[33] "Authentify Two-Factor Authentication".

[34] "Authy: Two-Factor Authentication Made Easy".

[cloudfare-35] 1 2 3 Matthew Prince (28 November 2012). "Choosing a Two-Factor Authentication System". Retrieved 16 April 2016.

[36] "What is Azure Multi-Factor Authentication?".

[37] "Clef Two-Factor Authentication".

[logintctotp-38] 1 2 3 "LoginTC Two Factor Authentication".

[39] "AUTHY two factor authentication". Retrieved 27 April 2016.

[40] Dan Killmer. "AUTHY ONETOUCH: SIMPLY STRONG SECURITY". Retrieved 18 April 2016.

[cryptophot1-41] 1 2 3 "Two Factor and Multifactor Authentication by CryptoPhoto". Retrieved 18 April 2016.

[42] "FreeOTP".

[logintcpin-43] "LoginTC Multi-Factor Flow". 13 December 2013.

[logintctscale-44] 1 2 "Two-Factor Authentication Worldwide using LoginTC". 2 April 2014.

[45] "Nexmo".

[smartidauthmethods-46] 1 2 3 4 5 6 7 8 "Nexus Smart ID Authentication Methods".

[47] "PingID Multi-factor Authentication".

[48] "SecureAuth Behavioral Biometrics".

[49] "GET AN INDUSTRY LEADING MULTI-FACTOR AUTHENTICATION SOLUTION".

[50] "TOKEN2".