Mobile Multi-Factor Authentication

The IBM Security Verify Access Advanced Access Control component supports authenticator applications. Such support is built around the OAuth 2.0 protocol.

Authenticator applications are mobile-based applications that enable users to authenticate with minimal reliance on passwords. Mobile devices and biometric characteristics are used to support authentication and reduce the threat of unauthorized access to sensitive resources.

The IBM Verify application, which is available for download in major mobile application stores, is natively supported by the Advanced Access Control component. The authenticator application is built on the Mobile Access SDK, which is available for download from the IBM Security App Exchange website. The Mobile Access SDK can also be used to create custom applications.

For instructions on configuring and using the IBM Verify application, see the IBM Verify User Guide.

The authenticators framework can be integrated with context-based access and authentication policies. ISAM provides several pre-defined authentication policies to enable combinations of mobile and biometric mechanisms.

The authenticator application registration is built around an OAuth grant that is issued to the mobile device. The grant is used to identify the authenticator in future requests.

• Authenticator registration
  
• Authentication method enrollment
  
• Configure Mobile Multi-Factor Authentication
  
• Configure a Mobile Multi-Factor Authentication (MMFA) Authenticator Mechanism
  
• MMFA mapping rule methods
  

Parent topic: Advanced Access Control configuration