Out-of-band authentication uses two separate networks or channels to communicate between two parties or devices. For example, a user can access a site through a network connection, and a one-time password can be sent through a cellular network to that user's mobile device. This reduces the probability of the authentication process being compromised.
This type of authentication can be employed by organizations to mitigate actual or suspected man-in-the-middle attacks. The conditions for activation can include, for example, suspicious activities, new threat indicators or elevated threat levels, or the impact level or classification level of information in requested transactions.
Out-of-band authentication (OOBA) refers to the use of two separate communication paths to identify and authenticate users or devices to an information system.
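The activation conditions and the two-path requirement described above, as an added Python example that is not part of the original page. The thresholds, channel labels and function names are assumptions chosen for illustration; delivery of the code over the second channel is left to the caller.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

# Assumed policy values (hypothetical, not taken from the page).
THREAT_LEVEL_THRESHOLD = 3                      # scale 0 (low) .. 5 (critical)
IMPACT_LEVELS_REQUIRING_OOB = {"moderate", "high"}
CODE_TTL_SECONDS = 120
MAX_ATTEMPTS = 3

def oob_required(suspicious_activity, threat_level, impact_level):
    """Activation conditions: suspicious activity, elevated threat level,
    or the impact level of the information in the requested transaction."""
    return (bool(suspicious_activity)
            or threat_level >= THREAT_LEVEL_THRESHOLD
            or impact_level in IMPACT_LEVELS_REQUIRING_OOB)

@dataclass
class Challenge:
    code: str
    primary_channel: str
    oob_channel: str
    expires_at: float
    attempts: int = 0
    used: bool = False

def issue_challenge(primary_channel, oob_channel, now=None):
    """Create a one-time code that must be delivered over oob_channel only."""
    if primary_channel == oob_channel:
        # Using one path for both legs removes the out-of-band property.
        raise ValueError("OOB channel must differ from the primary channel")
    now = time.time() if now is None else now
    code = f"{secrets.randbelow(10**6):06d}"    # CSPRNG, zero-padded 6 digits
    return Challenge(code, primary_channel, oob_channel, now + CODE_TTL_SECONDS)

def verify(challenge, submitted_code, now=None):
    """Accept the code once, before expiry, within the attempt limit."""
    now = time.time() if now is None else now
    if (challenge.used or now > challenge.expires_at
            or challenge.attempts >= MAX_ATTEMPTS):
        return False
    challenge.attempts += 1                      # short codes need a guess limit
    ok = hmac.compare_digest(challenge.code.encode(), submitted_code.encode())
    challenge.used = ok                          # single use once accepted
    return ok
```
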