Usage of Multifactor Authentication within Social Media Platforms by Philippine Users

Bea Shaneal Francesca, F., Franco

Mapua University, 333 Sen. Gil J. Puyat Ave, Makati, 1200 Metro Manila, xxxx@gmail.com

Hassan Edridge, C., Madjalis

Mapua University, 333 Sen. Gil J. Puyat Ave, Makati, 1200 Metro Manila, hassan.edridge.madjalis@gmail.com

Aaron John, S., Marquez

Mapua University, 333 Sen. Gil J. Puyat Ave, Makati, 1200 Metro Manila, ajsmarquez00@gmail.com

Sean Mikael, G., Rances

Mapua University, 333 Sen. Gil J. Puyat Ave, Makati, 1200 Metro Manila, seanmikaelrances@gmail.com

INTRODUCTION A step further into secure measures, companies

have also begun to adopt MFA or Multi Factor
The Philippines has been deemed the “Social
Authentication methods which makes it so that
Media Capital of the World” due to the high
an additional factor is added to authenticate
average usage time of four hours per day and the
company employees and/or their clients. This
number of users reaching 81 million by the end
additional factor is known as a biometric factor
2021[1]. With so many users logging into their
that uses something that a user is to verify that
accounts to access different social media sites
they are in fact the ones requesting access to
such as Facebook, Twitter, TikTok, Instagram,
their account [3]. Biometrics are the physical
Twitter, and etc., it begs the question “How
and behavioral characteristics used to digitally
many of these accounts are truly safe from being
grant access to systems or data [4]. Examples of
hacked?” The term “hacking” means gaining
physical biometrics are finger print, facial
unauthorized access to a computer system, or, in
recognition, voice recognition, and retina scans
the case of social media, access to an account
while examples of behavioral biometrics are
[2]. Social Media accounts to this day are
typing patterns and signature dynamics [4].
protected by a security system called 2FA or
Two-Factor Authentication. 2FA requires two With the numerous methods for MFA, this study
factors with the first factor being a password and aims to analyze the following Multi Factor
the second factor being text message with a code Authentication Methods and assess whether or
to authenticate a user [3]. not they are applicable to be used in Social
Media as an extra layer of security:

 Email Token Authentication

Figure 1. Number of Social Media Users in the
Philippines by year
 Security Questions Authentication
 Biometric Authentication
 Hardware Token Authentication
Passwords have been with us for years to protect
people and information [2]. They appeared to be
the ideal answer for controlling access to
systems with sensitive data in the early days of
technology. Password and password encryption
technologies have been more complicated.
When a password is compromised, computers
have no idea, they just allow the access to the duration of the token’s validity, but once the
whoever uses it. The lack of verification of user logs out, the token is immediately revoked
identification is a common issue. Multi-Factor and invalidated until another authentication is
Authentication (MFA) is a set of three or more requested. Email token authentication, similar to
authentication factors such as something you other token-based authentications, starts when
know, something you have, and something you users request access when providing credentials
are. MFA is a security mechanism that requires such as username and passwords, when it is
more than just a username and password to log verified, the system issues a token [?]. In this
in to a website or app. After entering the case, after the verification process, the token is
username and password to log in to a website or sent to the email of the user which they will
app. After entering the username and password, utilize in order to gain access with just a single
the account must be accessed with a second click of the link, pressing the button provided by
piece of information, such as a code, a the email, or typing the numbers provided by the
temporary password, or a swipe of the finger. email.
The account will stay locked if the correct
information is not given.
The continuous evolution of the internet and
social media opens up to a boundless number of
attacks carried out by hackers to exploit and
steal personal information. The method used by
manufacturers to protect their users from those
attacks is with the use of multi factor
authentications, a technology that requires users
multiple authentication methods from different
categories to verify user identity [?]. The goal of
multi authentication is to provide a layer of
defense for users which makes unauthorized
access to accounts tedious and difficult.
However, additional security means additional
steps when users log into their accounts which Figure 1. Email Token Authentication by Ride
makes the process tedious for the users. Finder

DISCUSSION Figure is an example of an email token

The discussion section is the body of your paper.
The discussion section contains information that
develops and supports your research. While
there is no form that a discussion section must
take there are several considerations that a writer
must follow when building a discussion.
Email Token Authentication
Email token authentication is a form of an
authentication protocol which implements
unique access tokens to emails that are used to
verify the identity of the user. Access tokens are
similar to tickets; the user retains access during
authentication, ride finder made use of a button
and a link that the users can click to login to the
application. There are several types of email
authentication:
Authentication using magic link
The user is requested to input their email address
with this type of authentication. A unique token
or code is produced and kept after the user
provides their email address. The user will
receive an email containing a URL that contains
the unique token.
Authentication with a one-time code
The user is requested to input their email address
with this type of authentication. The user
receives an email containing a one-time code.
Feasibility
In this case, a magic link is used as a way of
authentication for the application. With that
being said, email token authentication is an
efficient type of two-factor authentication due to
it being flexible. Every user of social media
must have an email address in order to create an
account, which is why it is extremely feasible to
use. It is easy to use, with just a single click to a
link or a button sent through your email, you can
login to your account.