How secure is your second-factor authentication? If you are not using security keys and biometric technology, chances are you’re not protected at all. True, two-factor authentication (2FA) is better protection than using a complex password, but SMS-based and email verification protocols do not provide consumers a fail-safe method for information security.
Physical security keys keep your personal and business accounts and devices safe and are the most effective Universal 2nd Factor (U2F) authentication available. That is because it requires the use of biometric technologies. Developed by FIDO (Fast ID Online) Alliance, U2F sets the industry standards on how security keys and biometrics are supposed to work.
What are Security Keys and Why They Offer the Best Security
Biometric U2F authenticators, like the Kensington VeriMark™ Fingerprint Key, work by tapping a USB device plugged into your computer, laptop, tablet, or smartphone. You don’t have to be a tech guru to use this method.
There is no additional hardware, and system requirements are minimal. Some will even work with Windows 7. What entices consumers more is the fact that these devices are affordable. Most people expect to pay a lot for this level of security.
Top 4 Security Key Technologies and How They Work
Before you learn the different types of security keys, take a moment to understand how the technology works.
A security key randomly generates both a private and a public key pair. The private key does not leave the device while the public one goes to a server. Furthermore, a random number, known as a nonce, acts as your passkey. Likewise, an additional number, called the checksum, is how the server identifies your specific security key.
When you enter your username and password, the server sends back the nonce and the checksum to your device along with an entirely new randomized number. The physical security key will regenerate a private key by using the nonce and checksum. It "signs" that number which therefore verifies and unlocks your consumer or business account.
It is a complicated process, but luckily as the consumer, all you have to do is plug in the device and tell it how to secure your information. Hardware security devices are the most reliable against phishing attacks.
1. USB Type A
Universal Serial Bus (USB) Type-A was released in 1996 with version 1.0 but didn’t become common until 1998 when the USB 1.1 was released. Type-A is the most widely used for charging, data transfer, and dongle applications.
USB ports come standard in nearly every laptop and computer, tablet, and even some smartphones. It is the larger end of a charging cable.
2. USB Type C
Type-C adapters are a micro USB-C connection that has only been around since 2014. Android uses the USB-C at the smaller end of the charging and data transfer cables, an upgrade from the standard micro USB port. As new devices hit the market, Type-C ports are becoming the new standard and are replacing the standard micro-USB.
3. Near-Field Communication (NFC)
A set of communication protocols, an NFC communicates between electronic devices from no more than 4 cm away. There are several types of NFC tags with multiple applications. Here are a few:
- Sticker tags: Self-adhesive RFID tags
- Badges and ID cards: Plastic cards with RFID embedded chips
- PROX tags: Contactless smart car or key fob
- Livestock and pet tags: Ear tags or microchip injected between the animal’s shoulder blades
- Wristband tags: Two common types, single-use and reusable, made with numerous materials
These are only a few of the NFC tags available, and do not all rely on RFID capabilities. There are even NFC readers with fingerprint biometrics.
Google’s response to hardware security key protection was to develop the Google Titan – a Bluetooth connectivity security device. This system is available also in USC-A, USB-C, and NFC technologies. The Titan boasts special firmware engineered by Google to verify the key’s integrity and is compatible with their best security offered – the Advanced Protection Program.
Why Using a Security Key Offers the Best Protection
As technology advances, hacking techniques become more elaborate. It’s a cat and mouse game in which IT developers struggle to stay ahead. Data breaches occur at the rate of nearly 6 million records stolen per day. For that reason, you need to be protecting your information with the highest level of security available on the market. Security keys with biometrics are the best way to ensure your records a safe.
What is Kensington’s Biometrics Tap-and-Go?
Kensington’s Tap-and-Go technologies combine your login credentials with a 2FA device to enable added protection to non-FIDO2 services. So, if an application leverages the former FIDO-U2F standard, like Facebook, Spotify, Google Services, and OKTA, it can still use biometrics to authenticate the user by tapping the VeriMark™ device.
View the different VeriMark™ security keys offered by Kensington.
What Services Support Biometrics Best Versus Tap-and-Go with Kensington
One tap, you're logged in. That is what Kensington biometrics engineers had in mind when developing their Tap-and-Go technologies. IT specialists and hackers alike know that people will not use elaborate security measures.
FIDO2 currently sets the standards in comprehensive online security. Yet, with advances in the field occurring rapidly, not all services support these protocols. VeriMark™ is Kensington's solution to this growing problem.
Security keys are nothing new, but what they are capable of has grown exponentially. The services that fully support biometrics are still in development. Iris authentication that was once science-fiction has indeed become science-fact. Yet, there is a long way to go before this technology is available to the general public.
We know that you worry about password protection. Check out our list of services we offer that will take the stress out of protecting your information.