Delfigo Security - Strong Authentication

  • Increase font size
  • Default font size
  • Decrease font size

Multi Factor Authentication

Multi Factor Authentication, also called strong authentication, involves the use of two or more authentication factors. The generally accepted rule1 is that multi factor authentication requires the use of identity factors from at least two of the three factor categories:

  1. personal - something you know
  2. technical - something you have
  3. human - something you are.  

The 14 identity attributes captured and consumed by Delfigo's DSGateway's decision engine cover authentication factors from each of the three factor categories:

Personal:Login Credentials in the form of  username/password
Technical:Device ID (agent, operating system, monitor resolution, browser type, browsers size, timestamp, IP address, location, hostname, proxy IP)    
Human:Keystroke Biometric (flight time, dwell time, key-to-key, reflective time)

Additional Resources:

  1. How To Choose Multifactor Authentication
  2. Gartner Warns of Two Factor Vulnerabilities
  3. Kuppinger/Cole- Strong Authentication
  4. Computer Dictionary Definition
  5. IAMBlog - Strong Authentication

1. Authentication in an Internet Banking Environment, Federal Financial Institutions Examination Council, August 15, 2006. "By definition true multifactor authentication requires the use of solutions from two or more of the three categories of factors. Using multiple solutions from the same category would not constitute multifactor authentication."


“Delfigo’s work has produced a groundbreaking approach to a very real problem that is at least two generations beyond the security technology currently regarded as cutting edge. Their research and development mark a milestone in the field, and illustrate the extraordinary value that can be derived from applied innovation and managerial acumen.”

Richard C. Putz, PhD.
Managing Director & Senior Fellow
Cambridge Institute of
Applied Management.