2FA solutions have existed for many years. Traditionally, they involved the use of hardware tokens to generate unique login codes to access critical services and sensitive applications. These login codes, a.k.a. one-time passwords, replaced the user’s static password or could be used in addition to it in order to add another layer of security.
Over time, software tokens progressively replaced hardware tokens, but the user still had to manually type in login codes. Software tokens were introduced in the form of smartphone applications, for example the Google and Microsoft Authenticator apps, which use the Time-Based One-Time Password algorithm (TOTP) to generate one-time passwords.
An alternative to hardware tokens is SMS authentication, a method which provides login codes by sending a text message to a user’s phone. Despite being convenient and simple to use, organizations quickly questioned its cost-effectiveness, as many SMS attacks and security flaws were discovered.
The solutions presented above cannot really be considered user-friendly, as they require users to manually type in a code. Many recent surveys have shown that user experience and security are both essential for any system. In fact, 2 out of 3 users will abandon a purchase using their mobile phone because of a bad user experience or security concerns.
Afrilas combines the best of both worlds. It is highly secure and user-friendly; users don’t have to copy or remember anything, not even their own username or mobile number! They simply log in by scanning a QR code or by confirming a push notification on their phone.
"Not having to type in credentials at all is not only user-friendly, but also eliminates human error, especially in a world where users are swarmed with a plethora of online services and use different browsers and devices to log in."
After installing the app, the user simply scans a QR code to enroll. From then on, the user will only have to confirm push notifications to securely log in. The Afrilas app itself is protected by the user's fingerprint, Face ID or a PIN.