Describe a scenario where relying solely on biometric authentication would be insufficient and require an additional authentication factor. Explain why and propose a suitable second factor.
Android interview question (advanced level).
Answer
A scenario where relying solely on biometric authentication is insufficient is authorizing a very high-value financial transaction in a banking app. Biometric authentication is a convenient and relatively secure method of user verification, but it is vulnerable to sophisticated spoofing attacks (e.g., high-resolution fingerprint replicas, or 3D masks against facial recognition). For a transaction involving a large sum of money, the risk of a successful spoof is unacceptable.

To mitigate this risk, an additional authentication factor is required (multi-factor authentication). A suitable second factor is a Time-based One-Time Password (TOTP) generated by an authenticator app, or a transaction-specific code delivered via a secure push notification that the user must approve. This adds a layer of security that is independent of the biometric data: even if the biometric check is compromised, the transaction cannot be completed without the second factor.
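As an added example (not part of the original answer), the following Python models the step-up policy described above: a transfer below a threshold succeeds on the biometric result alone, while a high-value transfer additionally requires a valid RFC 6238 TOTP code. The threshold value, the 30-second step, the 6-digit length and the one-step clock tolerance are assumptions chosen for the example.

```python
import hmac
import hashlib
import struct

TOTP_STEP = 30          # RFC 6238 default time step in seconds (assumed here)
TOTP_DIGITS = 6         # assumed code length
HIGH_VALUE_THRESHOLD = 1000.00  # assumed policy threshold for step-up

def totp_at(secret: bytes, timestamp: int,
            step: int = TOTP_STEP, digits: int = TOTP_DIGITS) -> str:
    """Compute the RFC 6238 TOTP (HMAC-SHA1) for a given Unix timestamp."""
    counter = struct.pack(">Q", timestamp // step)       # 8-byte big-endian counter
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                               # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)

def verify_totp(secret: bytes, code: str, now: int, window: int = 1) -> bool:
    """Accept the code for the current step or +/- `window` steps of clock drift.
    Uses a constant-time comparison to avoid leaking digit matches by timing."""
    for drift in range(-window, window + 1):
        candidate = totp_at(secret, now + drift * TOTP_STEP)
        if hmac.compare_digest(candidate, code):
            return True
    return False

def authorize_transfer(amount: float, biometric_ok: bool,
                       totp_secret: bytes, totp_code, now: int):
    """Step-up decision: biometric alone below the threshold,
    biometric plus TOTP at or above it. Returns (allowed, reason)."""
    if not biometric_ok:
        return False, "biometric verification failed"
    if amount < HIGH_VALUE_THRESHOLD:
        return True, "biometric sufficient for low-value transfer"
    if totp_code is None:
        return False, "step-up required: enter TOTP from authenticator app"
    if not verify_totp(totp_secret, totp_code, now):
        return False, "invalid or expired TOTP"
    return True, "authorized with biometric + TOTP"

if __name__ == "__main__":
    # Constructed demo using the RFC 6238 reference secret (ASCII "1234567890" x2).
    secret = b"12345678901234567890"
    print(authorize_transfer(250.0, True, secret, None, 59))
    print(authorize_transfer(5000.0, True, secret, None, 59))
    print(authorize_transfer(5000.0, True, secret, totp_at(secret, 59), 59))
```

A production deployment would also record each accepted code so it cannot be replayed within its validity window.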
Explanation
Multi-factor authentication significantly enhances security because an attacker must defeat two independent factors (something you are, plus something you have) rather than a single one.