2 Factor Authentication


Multi-factor authentication is an electronic authentication method that grants access to a service or a platform only after the requesting user successfully completes multiple identification procedures. The requestor has to submit pieces of evidence for identification, and only after successful verification of the evidence is the user granted access.

Multi-factor authentication methods help ensure the authenticity of transactions, protect cardholder data and the integrity of the payment system as a whole. AEON supports multi-factor authentication methods for online payments.

Two-Factor Authentication (2FA), which is a subset of multi-factor authentication, requires at least two out of the three authentication factors below be in place:

  1. Something you know, such as a password or passphrase. This method involves verification of information that a user provides, such as a password/passphrase, PIN, or the answers to secret questions (challenge-response).

  2. Something you have, such as a token device or smartcard. This method involves verification of a specific item a user has in their possession, such as a physical or logical security token, a one-time password (OTP) token, a key fob, an employee access card, or a phone’s SIM card. For mobile authentication, a smartphone often provides the possession factor in conjunction with an OTP app or a cryptographic material (i.e., certificate or a key) residing on the device.

  3. Something you are, such as a biometric. This method involves verification of characteristics inherent to the individual, such as via retina scans, iris scans, fingerprint scans, finger vein scans, facial recognition, voice recognition, hand geometry, and even earlobe geometry.


2FA is the industry standard for authenticating remote payments.