Multi-factor authentication mechanisms using a mobile device |
|
With the wide use of mobile devices, the number of business transactions carried out through these devices is dramatically increasing. However, there are many weaknesses to single-factor authentication when used in the mobile context requiring strong authentication mechanisms to meet requirements for security and convenience. As such, there is a strong need to develop multi-factor authentication mechanisms that are applicable to the mobile context.
Recommendation ITU-T X.1158 provides multi-factor authentication mechanisms using a mobile device. This Recommendation describes the weaknesses of single-factor authentication mechanisms, the need for multi-factor authentication mechanisms, the various combinations of multi-factor authentication mechanisms using a mobile device and the threats for two-factor authentication mechanisms. In addition, security requirements to reduce the threats of single-factor authentication are provided, including potential typical multi-factor authentication mechanisms. This Recommendation assumes the use of a mobile device with subscriber identity module (SIM) card capability, but should not exclude the use of virtual SIM cards. Specifically, this Recommendation is applicable to all applications using mobile devices. This Recommendation is based on the framework described in Recommendation ITU-T X.1154. |
|
Citation: |
https://handle.itu.int/11.1002/1000/12341 |
Series title: |
X series: Data networks, open system communications and security X.1100-X.1199: Secure applications and services (I) X.1150-X.1159: Application Security (I) |
Approval date: |
2014-11-13 |
Provisional name: | X.sap-8 |
Approval process: | AAP |
Status: |
In force |
Maintenance responsibility: |
ITU-T Study Group 17 |
Further details: |
Patent statement(s)
Development history
|
|
|
Ed. |
ITU-T Recommendation |
Status |
Summary |
Table of Contents |
Download |
1
|
X.1158 (11/2014)
|
In force
|
here
|
here
|
here
|
Title |
Approved on |
Download |
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|