Out-of-band authentication, or OOB authentication, is a type of two-factor authentication that requires a secondary verification method through a separate communication channel with a unique ID and password. It is an authentication process that channels communication between enterprises, using one of the types of two-factor authentication. Out-of-band authentication is often used by financial institutions, online banking websites, and other organizations, where there is a requirement of high security.
One
of the common examples of OOB authentication is in banking transactions.
Typically, a customer wishing to do an online bank transaction will be sent an
SMS message by cell phone with a password. For example, to complete the login
process in online banking, an authentication code is sent to the account
holder's mobile device through SMS. The practice makes hacking more difficult as
two separate authentication channels would have to be compromised for a hacker
or attacker to gain access.
Out-of-band
authentication provides additional protection against unauthorized access and help
prevent fraud and hacking. The OOB authentication system prevents many types of
hacking and help organizations identity theft. Multifactor authentication
systems often use credentials such as security tokens, passwords, smart cards
PINs, and cellphones for authentication. Out-of-band authentication use mobile
phone-based authentication tokens, such as SMS and backup call, and hardware-based
OOB authentication tokens. The
exponential rise in the volume of online transactions as well as rise in
compliance requirements are one of the major drivers contributing to growth of
the global out-of-band
(OOB) authentication market.
The
system offers better security to the organization, making it significantly more
difficult for hackers to corrupt and intercept the authentication process as it
requires them to compromise two separate communications channels. Thus, there
is an increasing demand for out-of-band authentication around the world. For
example, in May 2020, OneSpan announced that Turkish bank, DenizBank, is using its
Mobile Security Suite to protect 2.6 million mobile customers across the bank’s
mobile banking app MobilDeniz.
Moreover,
in October 2021, Wibmo Inc. announced the launch of Tridentity, an out-of-band
multi-factor authentication solution which integrates with mobile banking
apps.