inWebo Multi-Factor Authentication Scenarios
Which Multi-Factor Authentication Do You Need?
Below are the various flavors of strong or multi-factor authentication supported by inWebo. They all have in common that inWebo verifies a dynamic & cryptographic “password” to validate the user and/or device identity. Ask us if you’re unsure which ones are relevant for you.
- 2-factor authentication (2FA): inWebo verifies in real time that the person trying to login as a user has something belonging to that user (an authenticator app or client or device registered in the user profile – see the authenticators we support) and knows something specific to that user (a PIN). The PIN can be replaced by a biometric test on the authenticator.
- Step-up (or 2nd factor) authentication: inWebo only verifies that the person trying to access a user account has an authenticator belonging to that user. That verification takes place as an additional step after the person has authenticated with the account password. Step-up authentication is used to strengthen an existing authentication process. Most MFA use cases implement 2FA or step-up.
- Passwordless authentication: inWebo verifies that the person has an authenticator belonging to the user. This replaces an authentication with the account password.
- Browser or App authentication: inWebo silently verifies that the access request is initiated from a registered browser or app. This is a simple way for administrators to define from which devices applications can be accessed, without the need for an MDM solution.
- Transaction sealing: this is a special case of 2FA or step-up where a data related to a transaction (amount, beneficiary, terms…) is sealed in a cryptographic manner. The purpose is to link a verified user identity with a proof of consent on the terms of a transaction, making it non-disputable. As an example, transaction sealing is mandated for online payments in Europe (PSD2 SCA).