SureID will follow up with you within the next 48 hours.
MFA is a method of user access control where access to a digital system is granted after presenting several individual pieces of evidence to an authentication mechanism. At a minimum, at least two of the following items need to be met in order for access to be granted:
Minimum MFA is sometimes called two-factor authentication (2FA) and, though 2FA is a type of multifactor authentication, current identity assurance solutions rely on all three dimensions of identity before granting user access.
One of the biggest benefits of multifactor authentication is its ability to use advanced security options like single sign-on – a process that is easy for users yet difficult to hack. With single sign-on, the user performs an initial multifactor authentication process that, when successfully executed, the user is pushed to their single sign-on software to gain access to their digital ecosystem of apps and data. It removes the need to enter passwords or credentials each time and, by only requiring amount of upfront time every day, users avoid entering passwords or credentials over and over.
As an answer to the benefits presented by MFA systems, the U.S. Federal Government created the Personal Identity Verification-Interoperable (PIV-I) in 2004 via the Homeland Security Presidential Directive 12 (HSPD-12). This directive required that a federal governmental standard be established for secure and reliable forms of identification based on multifactor authentication.
PIV-I cards provide both federal and non-federal organizations with a way to comply with these federal security standards. The PIV-I standard currently serves as the federal government’s most rigorous protocol for commercial high-assurance, mutlifactor authenticated credentials, and allows a single credential to be interoperable across multiple federal government agencies.
Cyber threats and security breaches have progressed to the point where passwords are no longer secure enough to adequately protect organizations. As a result, government agencies are requiring contractors to comply with personal identity verification standards specified by NIST SP 800-171 to begin December 31, 2017 or risk losing their contracts.
Multifactor authentication will be mandated.