Some examples of ‘what you have’ are USB tokens [X.509 (PKI)], magnetic stripe cards, Dallas iButton, CASQUE, UniOTP, virtual tokens, audio port tokens, smartcards, ATM cards (swipe/PIN), mobile phones, SMSes, smartphone push, RFID, one-time pads and e-tokens (dongle with signature and RSA SecurID).
What you are
This type of authentication technique does not require a user to memorise a password because the password in this technique may be a finger, face, voice or eyes. However, these biometric properties alter over time. Applications used in this type of biometric authentication scan the face or finger first and then convert into text code or signature. This text code or signature is required to validate from an authorised system or server.
In the next article, we will see how various websites have implemented two-factor authentication.