Deepnet Security Logo
Mobile OOBA

What is Push Authentication?

Push Authentication, also known as Out of Band Authentication (OOBA), is one of the most secure and easy to use forms of two-factor authentication (2FA). When a user attempts to login to a service secured by push authentication 2FA, the service provider sends a login request notification to the user over a seperate communication channel. The user can respond to the notification by simply accepting or denying the login request. For addtional security, the user can also be asked to enter their PIN or scan their fingerprint in order to accept the login request.

Push notifications can be sent over a number of communications channels, such as mobile push, sms push, call push. Currently, the most popular channel being used for push authentication is mobile push.

Pros of Push Authenticaiton

Push Authentication is one of the most friendly user authentication methods. The user only has to tap allow or deny when they receive the push notification on their phone - much easier than typing in a one-time password (OTP).

Push Authentication is also one of the most secure user authentication methods. The network or channel used for user authentication is out of band - it is completely separated from the network or channel used for user login. Therefore, the possibility that both networks and channels are compromised by an intruder at the same time in a short period of time while a user is attempting to login is far less than that in a single band system.

Cons of Push Authenticaiton

Push Authentication requires users to install an authentication app on their smart phones. Also, it requires internet connection on the user's phone in the authentication process.