In-band authentication factors are identity signals that rely for their identity check on the same system that is requesting user authentication.
For example, a mobile SMS code sent to a user to enable a mobile app login is likely an in-band code, as the user will receive the SMS code on the same device on which they are authenticating. Proof of identity is being requested in order to use phone features, yet the "proof" of identity is being delivered to the very same phone. A similar situation may occur for one-time codes sent via email for desktop application logins, if the email message is being sent to an account commonly used with a desktop email client as is the case in many enterprise environments.
In-band authentication factors are generally regarded as inferior to out-of-band authentication factors, which are proofs of identity that do not arrive on or depend on the very same system that is requesting authentication.
2FA/MFA Rapid Reference
Authentication at a glance
Download the 2FA/MFA Rapid Reference now:
- 2FA and MFA basics and common solutions
- The benefits and drawbacks of each
- Glossary of authentication terms
MORE DOWNLOADABLE REFERENCES
There are no resources to display.