Skip to main content
Image
purple hex pattern
Image
man wearing earbuds looking down at phone screen and laptop screen

Go Passwordless

Passwordless MFA options eliminate the use of passwords as one of the factors during login. Entrust offers unique MFA authenticators such as high assurance PKI-based mobile smart credential login, FIDO2 keys and passkeys (FIDO2 multi-device credentials), as well as the use of secure mobile push with optional mutual authentication, mobile OTP, and more to allow flexible MFA configuration based on individual use cases.

What is Multi-Factor Authentication?

MFA is an authentication mechanism that requires more than one distinct authentication factor for successful authentication. The 3 most common factors are knowledge (something you know), possession (something you have), and inherence (something you are). Multi-factor authentication can be performed using a multi-factor authenticator or by a combination of authenticators that provide different factors.

Image
light bulb on icon

Knowledge

Something you know (PIN, password, passphrase)

Image
mobile locked icon

Possession

Something you have (USB key, mobile device, grid card)

Image
fingerprint icon

Inherence

Something you are (Touch ID or Face ID)

How Does Adaptive Multi-Factor Authentication Work?

When a user attempts to log in to a resource, they are required to authenticate with a primary authenticator, which can be a single factor or multi-factor authenticator. Entrust IAM evaluates contextual information such as geo-location, behavioral biometrics, velocity, etc., to determine if a second factor or step-up authentication is required. If the risk level based on the user request, contextual information, and resource being accessed is low then the user is authenticated and granted access. If risk level is high, then the user can either be denied or required to use a second authenticator to verify their identity before access can be granted.

 

multi-factor authentication steps on mobile phone

Phishing-Resistant MFA

Not all MFA authenticators offer the same level of protection from cyberattacks such as SIM swap, MFA prompt bombing, and adversary-in-the-middle (AiTM). Passwordless MFA authenticators such as high assurance PKI-based mobile smart credentials, FIDO2 keys, and passkeys offer phishing-resistant MFA options for greater security.

Image
hands holding phone and tapping to accept or deny call on screen

Securing Your Largest Attack Vector: Identity

Learn more about identity-based cyberattacks and how to protect your organization against them.

Best-in-Class MFA

Entrust Identity is the unrivaled identity and access management (IAM) platform that keeps your business ahead of ever-changing security threats and supports an unparalleled number of MFA authenticators and use cases workforce, consumer, and citizen.

multi-factor authentication (MFA)

Image
mfa grid card authentication

Entrust MFA Grid Card Authentication

For users that are unable to use mobile devices in certain environments and user groups such as frontline/field and call center employees, Entrust offers an easy-to-use and cost-effective MFA solution with grid card authentication.

  • Unique to every user
  • Low support overhead
  • Proven in mass-market deployments

Risk-Based Adaptive Step-Up Authentication

Use configurable policies within the Entrust Identity platform to include risk-based step-up authentication to evaluate risk of a user based on contextual data such as location, time of day, etc., to ensure you are not adding friction unnecessarily in your user experience, and to achieve a balance between security and user experience based on your specific use case.

Image
risk-based adaptive authentication

The Numbers

said that MFA is a necessary capability for their IAM solution

use Entrust Certificate Services in addition to Entrust Identity

want a passwordless + single sign-on user experience that is frictionless

What the experts are saying...

Here's what customers are saying

Over 100 IT organizations were surveyed with TechValidate in spring 2022.

Image
quote marks left

Tommy L'Écuyer, an IT Manager at Corrections Canada

faded gray hex background
Image
quote marks left

Senior IT Architect at a state & local government

faded gray hex background
Image
quote marks left

By 81 Different Organizations

faded gray hex background

Want to Know More About Multi-Factor Authentication?

Request a demo for all your identity needs

An Entrust Identity MFA platform specialist will be in touch with options soon.

Cover all your organization's identity access use cases for employees, partners, contractors, and customers from one platform. The adaptive multi-factor authentication (MFA) solution suite from Entrust gives you the flexibility to address different use cases for your user base. The Entrust IAM solution can be used as a cloud-based service or deployed on-premises or in hybrid mode.