What is out-of-band authentication? - Definition from WhatIs.com

Definition

out-of-band authentication


Out-of-band authentication is a type of two-factor authentication that requires a secondary verification method through a separate communication channel along with the typical ID and password.

Out-of-band authentication is often used in financial institutions and other organizations with high security requirements. The practice makes hacking an account more difficult because two separate and unconnected authentication channels would have to be compromised for an attacker to gain access.

One secondary method for out-of-band authentication is the practice of requiring the user to make a phone call from a registered number or respond to an automatically generated phone call from the institution. For further security, voiceprint technology may be used to provide biometric verification. Another method is to require the user to text a code displayed after login from their registered smartphone to the institution.

Out-of-band authentication secures communications with only a slight increase in complexity for a user. The methods are also much cheaper to deploy than security key fobs or more complex biometric methods.

There are a number of ways that a determined criminal can find a way around out-of-band authentication. For example, a hacker may attempt to get the customer's phone number changed on the account, substituting his own phone number. In this case, the technology's effectiveness depends on the bank adhering strictly to policies against making changes to an account without phone confirmation, or transferring money without that extra authorization. 

Smartphones can also be a weak spot in out-of-band authentication. If people use the same phone for Web banking that they use for SMS authentication, they're nullifying the effectiveness of the secondary measure. In either case, the effectiveness of out-of-band authentication relies upon adherence to the proper procedures.
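
The text-back method and the safeguard against phone-number changes described above, sketched as an added Python example (not code from WhatIs.com or from any institution). The class name `OOBVerifier`, the 120-second code lifetime, the user name and the phone numbers are assumptions made for illustration.

```python
import hmac, secrets, time

CODE_TTL = 120  # seconds a displayed code stays valid (assumed value)

class OOBVerifier:
    """Server side of the 'text back the displayed code' flow (hypothetical)."""

    def __init__(self):
        self.registered = {}  # user -> phone number on file
        self.pending = {}     # user -> (code, expiry, action)

    def start(self, user, action, now=None):
        """Called after ID and password succeed; returns the code to display."""
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending[user] = (code, now + CODE_TTL, action)
        return code

    def on_sms(self, sender, body, now=None):
        """Inbound SMS from the gateway; returns (user, action) or None."""
        now = time.time() if now is None else now
        for user, (code, expiry, action) in list(self.pending.items()):
            if self.registered.get(user) != sender:
                continue                # only the number on file may answer
            del self.pending[user]      # one attempt per code, no replay
            fresh = now <= expiry
            match = hmac.compare_digest(code.encode(), body.strip().encode())
            return (user, action) if fresh and match else None
        return None

    def change_phone(self, user, new_number, approval):
        """Swap the number on file only if the OLD number approved this change."""
        if approval != (user, ("change_phone", new_number)):
            return False
        self.registered[user] = new_number
        return True

def demo():
    """Constructed sample data: user 'alice', fictional 555-01xx numbers."""
    v = OOBVerifier()
    v.registered["alice"] = "+15555550100"
    code = v.start("alice", ("change_phone", "+15555550199"))
    rejected = v.on_sms("+15555550199", code)   # new number cannot approve itself
    approval = v.on_sms("+15555550100", code)   # old number on file approves
    return rejected, v.change_phone("alice", "+15555550199", approval)

if __name__ == "__main__":
    print(demo())
```

The approval is bound to the exact action that was requested, so a code confirmed for a login cannot be reused to change the number on file.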

This was last updated in December 2014
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse
