Frequently Asked Question

Why is Plurilock’s MFA solution better a phone-based MFA solution like SMS OTP codes?

Plurilock authentication is invisible to users, more cost-effective, and more secure than MFA that is achieved using one-time codes delivered via SMS or authenticator apps.

Most of our customers have found the use of phone-based MFA to be a challenging strategy, for a variety of reasons.

In bring-your-own-device (BYOD) situations, the number and variety of phones to support is often daunting, and the security soundness of any particular user’s phone may be in question without the use of corporate device management systems—at which users often balk. On the other hand, moving beyond BYOD implies the purchase and distribution of a fleet of phone devices, which is often cost-prohibitive.

Even when a fleet of phones can be deployed and managed appropriately, the provision of one-time codes via phone tends to frustrate users and to negatively impact productivity.

Perhaps the largest problem with phone-based MFA is that it is often insecure. The global SMS system was designed decades before security became the concern that it is today, with SMS data often being sent and stored in cleartext and phone identities like SIMs often being easy to steal through social engineering attacks. Phones themsleves are often easy to steal and compromise, even when protected by fingerprint scanners, which can be defeated using methods demonstrated in a large number of YouTube videos.

Plurilock ADAPT, on the other hand, uses behavioral-biometric, environmental, and contextual data in the background to confirm identity in ways that are nearly impossible to steal or impersonate, enabling users to log in with only their username and password in most cases, without the need to perform additional steps. The total solution cost of Plurilock ADAPT is often orders of magnitude lower than phone-based solutions in the final analysis.

2FA/MFA Rapid Reference

Authentication at a glance

Download the 2FA/MFA Rapid Reference now:

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms

 

2FA/MFA Rapid Reference

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms
Save PDF  

MORE DOWNLOADABLE REFERENCEs

PDF

2020 Authentication Guide

Summary of authentication recommendations from major standards bodies, plus Plurilock’s own recommendations.
PDF

White Paper: Advanced Authentication

The state of authentication today—and why you need Plurilock products.
PDF

Understanding MFA vs. Privacy

Is multi-factor authentication always good for privacy? See why it isn't, and which strategies make the grade.
PDF

Behavioral Biometrics Guide

The definitive guide to behavioral biometrics, a core Plurilock technology.

Stay informed. Join our low-volume mailing list for Plurilock and cybersecurity news and updates.

PLURILOCK IS THE LEADER IN ADVANCED AUTHENTICATION

Plurilock is the leader in advanced, risk-based authentication. We provide invisible, device-free MFA for corporate endpoints, Citrix sessions, cloud applications, and their users in finance, healthcare, education, and SaaS.

Follow

        

Contact Plurilock

Have a question or comment? 

Plurilock Lead Capture Block

Show Q1

Show Q2

Show Q3

Welcome to Plurilock!

We’d love to hear about your interest in our products.

May want to buy

Evaluating options

Just looking, thanks

Let's chat  

Great!

Okay, cool.

We'd like to provide you with more info. How can we reach you?

Enter your email above to agree to receive commercial electronic communication from Plurilock via email.

Thanks!

Someone from Plurilock will get in touch with you soon.
 
In the meantime, learn more about our ADAPT and DEFEND products—and be sure to check out our Blog for in-depth cybersecurity coverage.