Multi-factor authentication is becoming more common in the modern security environment. For sensitive keys, it makes a lot of sense to require more than one piece of identification before access is granted to increase the probability of a positive match.
How does two-factor authentication on CIC Technology’s electronic key cabinets work and why is it so important?
What factors are used for identification?
Two-factor authentication simply means that for the user to access the key cabinet, they must provide two different pieces of identification. Ideally, the two factors use a different method of identifying the correct user. For CIC’s electronic key cabinets, those methods fall into three categories:
Entering information only the correct user knows (a PIN)
The most basic but also one of the most effective methods is entering a PIN that only the user knows. The advantages are clear – it can’t easily be stolen and there’s nothing to misplace. The downside, of course, is that a PIN can be forgotten or it can be wilfully shared with other personnel. If the user has written it down, the risk of theft is greatly increased.
Presentation of something in the user’s possession (a Prox card)
Proximity or prox cards are small cards that are badged in front of a sensor to unlock a cabinet. The upside of a prox card is its simplicity – just wave it in front of the sensor and away you go. The downside of a card compared with a PIN is that it can be lost, stolen or shared much more easily.
Reading identifying markers on the user’s body (biometric data)
Using a unique characteristic of a person’s body like their fingerprint or face is known as biometric identification. Arguably, these methods are some of the most secure, because it’s very difficult to replicate them to the point where the readers can be fooled.
Fingerprint readers and facial recognition scanners work on similar principles – the unique characteristics of a user’s face or finger are captured and used to build a profile within the system. When a user scans themselves at the cabinet, their biometric profile is compared to those profiles that have been previously enrolled. If a match is found, then there is a high degree of certainty that the user presenting at the cabinet is the same user whose biometric profile was enrolled
Why is two factor authentication so important?
All of these identification methods can be effective on their own, but they become a great deal stronger when implemented together. When two of these methods are required for a key cabinet to unlock, the chances of an unauthorised user being able to steal or replicate both becomes increasingly slim. It’s essentially about making the system more robust. If an unauthorised person discovers a PIN or steals a prox card, they still won’t be able to get into the cabinet because they won’t have the other identification factor.
In CIC’s cabinets, the combination of authentication methods is generally a proxy card or fingerprint followed by a PIN. In places where security is of incredibly high importance, two-factor authentication adds a further layer of protection to the keys you’re guarding.
Interested in using electronic key cabinets in your organisation? Contact a member of the CIC Technology team today to request a free demo.