Current Multi-factor of Authentication: Approaches, Requirements, Attacks and Challenges

Abstract

Now-a-days, with the rapid and broad emergence of local or remote access to services on the internet. Authentication represents an important security control requirement and the MFA is recommended to mitigate the weaknesses in the SFA. MFA techniques can be classified into two main approaches: based biometric and non-biometric approaches. However, there is a problem to maintain the tradeoff between security and accuracy. The studies that have been reviewed on both authentication mechanisms are found contradictory in the direction of others. In the direction of authentication-based biometrics the researchers tended to increase the recognition accuracy, while in the other direction, the researchers proposed to combine many authentication factors to increase the security layers. The main contribution of this survey is to review and spotlight on the current state of the arts in both authentication mechanisms to achieve a secure user identity. This paper provides a review of authentication protocols and security requirements. In addition to a detailed review with a comparison of secure one-time passcode generation and distribution. Furthermore, a comprehensive review of cancelable biometrics techniques, attacks, and requirements. Finally, providing a summary of key challenges and future research directions.