Universal Second Factor (U2F) Technology

Universal Second Factor (U2F)

–hassle free dual authentication security token to strengthen online protection

Securely log into your account in a matter of few seconds with U2F supported USB stick

 

Online security is becoming a major concern due to frequent hi-tech hacks & online scamming .We are living in a digital world where everyone prefer hassle free online services but every technology has pros & cons where it’s pretty effective & convenient to use, it can be very dangerous too once your credentials get laid in a wrong hand. There are enough malware companies & online frauds to trick costumers into revealing their login credential to access bank accounts, demat accounts online payment services & other social media accounts. As hackers are getting smarter we got to think ahead of them to secure ourselves from online frauds. We want to have both hassle free & secure access to our account though it was not easy to carry out both.

To protect our accounts from password cracking hacks like brute force attack we need to have a strong password which will have numerics & combination of weird alphabets throwing in some capitalization spiced up with some symbols which almost sounds & look like gibberish to sign in our head then we give up & compound our folly with same weak & easy to remember passwords like our pets name D.O.B “password1” & so which can be hacked through social engineering like a child’s play. Unfortunately even strong passwords aren’t enough to secure from ever increasing cyber crime

In an attempt to overcome the risk of password cracking universal two way authentication came into existence. Let me explain you what does universal authentication mean-we secure our accounts with username/email ID & passwords these credentials are stored within the database & whenever we require to login to our account we are asked to enter our credentials which the system will verify checking into the database once it’s found it’ll be universally authenticated & you will be logged in, well this is one way authentication which requires only password to login. So whoever gets hold of your password can easily bypass this system. Two way authentication eliminate this vulnerability of accessing account with just the password as it require two things-1) something you know that’s password  2) something you have like verification code send to your mobile device or email and you prove it that you have access to your verified device. Smart cards & bank cards like debit or credit cards is currently using same technology as it requires both a physical card which you will have & pin number which you know ,without either of these missing you cannot do a transaction. Google is already using this technology for a long time but it has now improved by bringing in the concept of universal second factor

Although dual authentication provide us with double layer of  protection  it is also kind of clumsy to use as we’ll need to check out our phone or email ID for the verification code & then get back to the login process, so it’s like a headache when we are in a hurry. However hackers can set up a look alike site that ask you to provide your verification code hence we can be tricked in that case too.U2F technology spare us with this burden as it provides super easy way to login to our any numbers of online accounts securely with two ways authentication by just inserting a USB device having the security key pre installed in it, which will be automatically identified by the browser & voila you are done without even needing client software or driver so say goodbye to looking up into verification code then jumbling with it to login. Google U2F provides protection against phishing scams as it uses cryptography instead of verification codes & automatically works with only the website it is supposed to work. Hope you all have understood the basic of U2F let’s move on to its technicalities & working.

U2F was made by Google with Yubiko working in partnership with contribution from NXP. This standard is in use by FIDO alliance which includes Google, Microsoft, PayPal, American Express, Visa, Intel, Qualcomm, ARM, Bank of America & many other massive companies .Soon this technology will be all over the web. To use U2F you need to buy to buy a small security key USB device with the FIDO U2F logo that you insert into your computer’s USB port. U2F currently only works with Google chrome browser version 40 or newer, although it is compatible with all OS like Mac Microsoft or Linux. When you insert the USB device, the chrome browser on your computer can communicate with the USB security key through secure encryption & provide the correct response that lets you log into a website. It provides protection from man in the middle attack also as the verification is directly send to the USB that too securely encrypted so there is no chance of  data leak over a vulnerable network.

This U2F security key is linked with your Google account & you can use it with all your devices to securely log into your various online accounts. So you can carry this little USB device as a car key with you always & use it to get into your accounts easily on the go. It has some inconvenience too as it requires a USB port to connect to so it is not compatible with a mobile-only users but in near future it will with paired Bluetooth device to enable mobile phone U2F application. You have to be extra careful not to lose it because once it gets into the hand of someone who knows your password then it’ll serve as a full plate meal to snob off your account.

So overall it’s a smart technology to strengthen online security covering all possible loopholes in internet. It provides both quick & secure access to our accounts so we can easily do online transaction on the go without worrying about risking our confidentiality. Soon all type of  business will be backed by U2F technology to offer simple & protected two way authentication. As hackers are getting more sophisticated strong password are no longer secure to protect us so we need to upgrade our arsenal with smart technologies to step up our defence.