To achieve security, enterprises work with IAM systems that deploy multi-factor authentication (MFA). Mfa allows businesses to verify their employees’ identities when they login to corporate apps.
While MFA is key to security, companies should avoid using methods that require employees to use their phones.
Below, we focus on why phone-based MFA is burdensome and costly for companies and employees. And we highlight typing biometrics as a seamless and privacy-focused alternative for workforce authentication that doesn’t require using personal phones to work.
Why is workforce MFA the new normal?
With increased cybersecurity threats and more people working remotely, enterprises rely on identity and access management (IAM) providers to secure their workforce access to corporate data and apps.
IAM providers, such as Okta, ForgeRock, or WSO2, offer services that enforce security within a company’s network and include solutions for employee authentication and network access control. IAM providers help companies develop robust security flows that don’t affect employees’ productivity.
To keep data safe, enterprises use 2FA to verify the identity of users attempting to log into the corporate network. And although most 2FA methods increase security and help companies protect their networks, some are better at doing the job than others.
Before we explore why behavioral biometrics authentication is the better choice, let’s find out why phone-based authentication methods are becoming a thing of the past.
Why using personal phones for MFA is a thing of the past?
Let’s say that employee Jane is trying to log in to the corporate network to access the data she needs to do her job. To start her 2FA authentication process, most IAM systems would have Jane enter her username and password (her credentials). To finalize 2FA, Jane would have to input an SMS one-time passcode sent to her phone.
The same example works for most of the traditional phone-based 2FA methods. Companies that don’t use SMS OTP, like in Jane’s case, still require employees to carry around tokens or use their cell phones for authentication methods, such as:
- TOTP apps,
- VoIP apps,
- Voice calls,
- Push notifications.
Phone-based authentication is burdensome and costly for the employee and the employer. Privacy concerns come from many employees who disagree with being required to use their phones for work. For employers, the costs associated with phone-based authentication and employee concerns and negative feedback can be challenging.
Regarding phone-based workforce MFA, traveling abroad worries employees the most because of the costs associated with receiving SMS OTPs through roaming. And, while an organization can’t legally force employees to use their cell phones for work, the same organization might be liable to pay any additional fees incurred by employees when performing MFA for work purposes. In other words, unless employees have a business cell plan, it’s wrong to ask them to use personal phones to achieve an expected work function.
Behavioral biometrics: 2FA methods that don’t require a phone
Behavioral biometrics include typing biometrics, voice recognition, gait analysis, mouse movements, and other behavioral characteristics. However, not all behavioral biometrics work without a phone. For example, voice recognition most commonly works by calling on the user’s personal phone.
However, typing biometrics works with only a keyboard and can be deployed for MFA that doesn’t require phones. Typing biometrics is a form of behavioral biometrics that analyzes a user’s typing patterns to authenticate them. Typing biometrics is an excellent fit for MFA because it works on any keyboard and takes place in the background when users type their credentials.
MFA with typing biometrics explained
For workforce authentication, MFA with typing biometrics occurs behind the scenes when employees type their username and password through the IAM login portal. The technology looks only at how the user types and never at what they type. By analyzing a user’s unique typing patterns, typing biometrics can learn that user’s typing behavior and authenticate them seamlessly anytime they type.
So, let’s go back to Jane from our previous example. If your company’s IAM system uses TypingDNA typing biometrics as 2FA, whenever Jane wants to access corporate resources, she simply has to type her username and password to be securely authenticated. With TypingDNA, the second authentication factor is represented by Jane’s typing biometrics while typing her credentials.
Another option with TypingDNA is to verify Jane’s identity by how she types a short phrase. Short phrase 2FA works like this: Firstly, Jane either types her username and password or uses a password manager to log in, as she usually would. Then, a 2FA pop-up appears on her desktop, asking her to type a few words or a short phrase. In this case, TypingDNA assured Jane’s 2FA while she typed a short phrase.
Benefits of typing biometrics for workforce authentication
Because of its ability to passively authenticate users while they type, typing biometrics is a good fit for workforce authentication, and it:
✅ Works with the existing keyboard,
✅ Reduces the need for personal phones,
✅ Allows users to enroll quickly.
Ready to improve your workforce 2FA experience with typing biometrics?
Learn more, or simply contact us: