Various user authentication technologies are in high demand for both online and desktop software and services. Healthcare practices must recognise that passwords are not the only way of authenticating users. There are various authentication mechanisms available to enhance security when users access information in the practice.

The traditional username and password authentication method is a single security layer. However, usernames are often easy to discover, and users often choose readily available information, like email addresses or birthdays, as their passwords. Furthermore, passwords are often difficult to remember, so people choose easy ones or use the same password across many platforms.

That is why almost all service providers, like banks, social media platforms and medical software providers, have added security layers to accounts. Users can access their software or account settings and activate multi-factor authentication.

What is an Authentication Method? 

Quite simply, authentication is the process of confirming the identity of someone (a person, device, or entity) attempting to access data, resources, or applications. Validating that identification establishes a trust relationship for further interactions. 

There are various types of authentication methods where a user is granted access only after successfully presenting two or more pieces of evidence (factors) to an authentication mechanism. In this blog, however, we’re going to focus on a method called multi-factor authentication. 

What is Multi-Factor Authentication? 

Authentication is the process of confirming the identity of a person, device, or entity attempting to access data, resources or applications. Validating identity establishes a trust relationship for further interactions and access. 

There are various authentication methods whereby a user is granted access only after successfully presenting one or more pieces of evidence (factors) to an authentication mechanism. However, this article focuses on multi-factor authentication. 

Multi-factor authentication (MFA) is a security mechanism that requires more than one verification method to validate a user’s identity. MFA thus creates a few layers of defence that make it more difficult for an unauthorised person to access a location, device, network or database.

Three categories of factors

The most commonly used factors fall into one of these three categories:

  • Knowledge is something the user knows, like a personal identification number (PIN), a password or the answer to a secret question.
  • Possession is something the user has, like a security USB key fob or a mobile phone used to accept a text message or run an authentication app that can generate a one-time password (OTP).
  • Inherence is something the user is, which can be any form of biometric identification, like fingerprints and facial recognition.

It is essential to make use of factors from different categories. For example, thieves may steal a password, but they cannot easily steal a fingerprint.

Infographic: multi-factor authentication’s 3 primary categories.

Benefits of Multi-Factor Authentication 

  • Multi-factor authentication increases security with third parties and organisations. Adding another form of authentication — mobile, biometric, or physical — creates a layered defence. 
  • MFA controls who has access to files. Instead of using just passwords, which can be passed around or duplicated, multi-factor authentication restricts access to authorised users only.
  • It eliminates password risks. As long as passwords have been in existence, they have been cracked or guessed. Over 65% of accounts use duplicated passwords, so if an unauthorised person finds the password for an employee’s email account, there is a 65% chance they have access to other sensitive information deeper in the network. Best practice requires the use of unique and complex passwords, used with multi-factor authentication. 

Important Things to Know

First, it’s important that the factors be different kinds of factors. Having two passwords, or a password and a memorised PIN, is just two of the same kind of factor – things you know – and if somebody compromises one password, they could compromise both. It should be a combination of at least two of the three different kinds of factors to be secure. 

Almost every online service, from your bank to your personal email to your social media accounts, supports adding the second step of authentication, and you should go into the account settings for those services and turn it on.

Multi-Factor Authentication within GoodX Web

The following outline presents the factors by category that GoodX Web utilises to enhance security and access control:

  • Knowledge (something the user knows): 
    • Passwords: a password is required to log into the software, and it should be changed regularly.
    • PIN: a PIN is required to populate the practitioner’s signature on clinical events.
  • Possession (something the user has): 
    • Pushnotify: send a notification to a device, such as a computer or a smartphone, asking it to accept a login request.
    • Userfob and Stationfob: a USB key must be presented before attempting to log in.
  • Inherence (something the user is): 
    • Facial recognition: an image is saved to the user’s profile and compared to the current facial structure to accept a login request. Facial recognition technology is used in conjunction with a Stationfob to verify a station in a secured location, reducing the risk of a social media image being used in place of the user’s face. It is typically used at a nurses’ station or similar setting where only authorised personnel are allowed.
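
The rule from "Important Things to Know" (factors must come from different categories) and the Stationfob condition on facial recognition can be expressed as a small policy check. This is an added example, not GoodX code: the factor identifiers are lower-cased from the outline above, and the function name, the fail-closed handling of unknown factors and the sample attempts are assumptions for illustration.

```python
from dataclasses import dataclass

# Factor -> category, following the GoodX Web outline above.
CATEGORY = {
    "password": "knowledge",
    "pin": "knowledge",
    "pushnotify": "possession",
    "userfob": "possession",
    "stationfob": "possession",
    "facial_recognition": "inherence",
}

@dataclass
class Decision:
    allowed: bool
    reason: str

def evaluate_login(verified_factors, min_categories=2):
    """Decide whether a set of already-verified factors counts as MFA."""
    factors = set(verified_factors)
    unknown = factors - set(CATEGORY)
    if unknown:
        # Fail closed on anything the policy does not recognise (assumption).
        return Decision(False, f"unknown factor: {sorted(unknown)[0]}")
    # Facial recognition only counts at a verified station (Stationfob present).
    if "facial_recognition" in factors and "stationfob" not in factors:
        return Decision(False, "facial recognition requires a Stationfob")
    # Count distinct categories, not distinct factors: password + PIN is 1.
    categories = sorted({CATEGORY[f] for f in factors})
    if len(categories) < min_categories:
        return Decision(False, "single category: " + ", ".join(categories))
    return Decision(True, "categories: " + ", ".join(categories))

# Constructed sample attempts (not real login data).
ATTEMPTS = [
    ["password", "pin"],                  # two knowledge factors
    ["password", "userfob"],              # knowledge + possession
    ["password", "facial_recognition"],   # face without a verified station
    ["stationfob", "facial_recognition"], # possession + inherence
]

if __name__ == "__main__":
    for attempt in ATTEMPTS:
        d = evaluate_login(attempt)
        print(f"{' + '.join(attempt):36} -> "
              f"{'ALLOW' if d.allowed else 'DENY '} ({d.reason})")
```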

Please refer to our user manual about the different types of login methods on GoodX Web, as well as our user manual about the set-up of different authorisation factors in GoodX Web.

Final Thoughts  

Authentication technology is constantly evolving. As a result, businesses must look beyond passwords and consider authentication to improve security and user experience. Using multi-factor authentication is one of the easiest ways to prevent unauthorised users from accessing confidential information and thereby to protect the business against legal claims and fines.