There are many ways to secure your online accounts. You may have heard of two-factor and multi-factor authentication, both of which are common. But ensuring out-of-band authentication is another important way to secure your accounts and personal information.
What is Out-of-Band Authentication?
When using social media or online banking, your identity must be authenticated before you can access your accounts or funds.
OOBA is an authentication process where a channel other than the communication medium between you and the service provider is used to establish an authenticated connection. This way, fraudsters or hackers have a hard time accessing your account.
An example is when a one-time password (OTP) is sent to your mobile phone when you try to complete an online transaction. That way, separate channels are used to ensure the security of your account.
Note that OOBA can occur concurrently with other user authentication systems, such as two-factor and multi-factor authentication.
How Out-of-Band authentication works
Instead of a direct link between you and the service provider, OOBA is an intermediary, ensuring that no hackers gain access to your passwords during the verification exchange.
When two communication channels are used for verification, it is significantly more difficult, if not impossible, to intercept the exchange. With two-factor authentication (2FA), a password and an email can be used together as a security layer. This means that the same device may be used to establish the authentication process, leaving room for compromise.
Multi-factor authentication (MFA) is where two or more different methods, such as PIN codes, passwords, QR codes and biometric screening, are used. Authentication (2FA, MFA, etc.) goes out of band when it spans two different devices or communication channels, such as the Internet and wireless cellular channels.
The probability of a hacker gaining access to both separate channels at the same time is significantly lower. This makes out-of-band authentication an effective countermeasure against what is referred to as MITM (man-in-the-middle) attacks.
Man-in-the-Middle (MITM) attacks
Imagine sending a letter to a pen pal through the post, only to have a random person hold the postman. This unknown person reads your letter, sends you a reply and writes to your pen pal pretending to be you. That’s exactly what happens in a MITM attack.
MITM is also known as an adversary-in-the-middle attack (AiTM). Here, the communication between you and your service provider, be it your bank or social media app, is intercepted by a malicious third party. Your data can be siphoned, funds drained and sensitive information made public.
Out-of-band authentication improves your security when performing online activities. When setting up your accounts, make sure you choose a security measure that doesn’t just require PINs and passwords.
Try to choose measures that also ask for OTPs or tokens, as these add extra layers of security. Bonus points if the OTP is sent to a different gadget than the one you’re trying to log in to. Out-of-band authentication is also possible when using one device, but via two different apps independently of each other.
Using mobile phones for out-of-band authentication
Mobile phones serve as the venue for most of our communication and online transactions. So it’s no wonder that cyber fraudsters and hackers so easily target them.
You can easily implement OOBA on several of your accounts using a mobile phone. This is because you can receive confirmation codes offline as SMS or push notifications when you try to process an online transaction, for example.
Myriads of apps available can help with out-of-band authentication, further ensuring that no one but you can access your accounts, even if they gain access to or unlock your phone. OOBA uses a mobile phone is hinged on the three sources of information on which authentication factors are based.
These include things you are expected to know (eg PINs, usernames and passwords), something you are expected to own (such as a debit or credit card, an email address or phone number), and a part of you. Not your literal finger, of course, but a fingerprint or facial recognition should suffice.
What you know
One of the three most likely sets of fields you’ll need to fill out will involve something you’re expected to know. To access your account secured with out-of-band authentication, especially with a mobile phone, you must provide a pre-defined username, PIN or password.
It can also answer a secret question you’ve set up before. If you forget one of these, an external account, such as your email address, can be used to retrieve it.
What you own
Another field will involve information obtained from or sent to something you own. This can be any or all of the information imprinted on your bank cards (credit or debit cards).
It can also be in the form of OTPs, tokens codes, push notifications or QR codes, all sent to your mobile phone. Your phone number in question is a separate, unconnected channel from the website or app you use to perform this operation.
Who you are
Finally, to determine if you are really trying to gain access, a site or account with out-of-band authentication enabled may have some form of biometric screening. It could be on another device, such as a biometric reader on a laptop when you try to log in with a mobile phone or on the same device.
Fingerprint, voice (phone calls, not recording) and facial recognition features are readily available on phones these days. These functions are typically used in performing out-of-band authentication.
Who uses out-of-band authentication?
Out-of-band authentication is worth its weight in cybersecurity gold, which is evident in the various applications. It is often used to secure online transactions and access to social media.
Organizations that handle large amounts of sensitive data, such as insurance companies and healthcare professionals, often use this authentication system. Small, retail and medium to large businesses are also looking into the security benefits of OOBA offer.
Safe and secure online operation in a simple way
Take control of your data and strengthen your cyber security by using OOBA whenever and wherever you can. This technology has now advanced enough to give you an edge over malicious intermediaries eavesdropping on your private online transactions.
Hackers will find your account harder to infiltrate, thanks to out-of-band authentication.
