One-time passwords (OTP) remain one of the most widely used forms of two-factor authentication, despite their well-documented vulnerabilities. Earlier this year, a major UK bank was hit by an attack in which fraudsters diverted text messages from legitimate customers’ phones in order to bypass two-factor authentication and access accounts.
The paradigm for identity risk management and authentication is changing. In the new paradigm, context and data available for a specific type of interaction must drive analytics. Instead of just looking for commonality, we need to make better use of data that is unique.