Two Factor Authentication

What is two-factor authentication?

Twofactor authentication (2FA), is a security process in which users\patients provide two different authentication factors to verify themselves safely.

How two-factor authentication works

Two-Factor authentication consists in associating two different devices (two factors) to verify a person identity.

A first factor should be, for example, login credentials required at login time.

The second factor adds an extra level of security: it consists in an additional access key aimed to confirm the identity of the person accessing the service.

This second factor is often a secret key received on your mobile device (the most used device is smartphone), while more rarely it takes the form of a dedicated physical device (such as a USB flash drive).

This two factors combined together guarantee that only the user access his personal informations since the user have to know his access credentials but also have to be in possession of a second factor in order to confirm the access.

How two-factor authentication works

Two-Factor authentication consists in associating two different devices (two factors) to verify a person identity.

A first factor should be, for example, login credentials required at login time.

The second factor adds an extra level of security: it consists in an additional access key aimed to confirm the identity of the person accessing the service.

This second factor is often a secret key received on your mobile device (the most used device is smartphone), while more rarely it takes the form of a dedicated physical device (such as a USB flash drive).

This two factors combined together guarantee that only the user access his personal informations since the user have to know his access credentials but also have to be in possession of a second factor in order to confirm the access.

Strong Authentication in Docurity

We have chosen two-factor authentication for its high efficiency and because it complies with the guidelines of the Italian Data Protection Authority Garante Privacy regarding online reports.

The two different factors we choose to make the patient authenticate are: the e-mail account and the smartphone

We can divide the authentication process in two step:

  • Email
  • Sms

Once the professional has sent the document, a notification email is sent to the patient mail box, inside this email there's a link to click.

When the recipient patient clicks on the link a web page opens. In this web page is requested the insertion of a secret code.

This secret code is sent to the patient by sms automatically and will be valid for 60 minutes. Once the patient inserts the secret code in the web page, he will be able to download the document.

Why two factor authentication is so secure?

If an unwanted user tries to have to view the document, he should steal the email account of the patient and also violate the second security level by stealing the patient’s smarphone within 60 minutes, i.e. the validity time of the secret code.

It is almost impossibile violating these two security level combined together.

The Two-Factor authentication solves the problem of exposure of documents to thefts, losses, all too common in areas where huge amounts of sensitive data circulate, where privacy and the widest respect for the fundamental rights of the individual must be guaranteed in the strongest terms.

Why two factor authentication is so secure?

If an unwanted user tries to have to view the document, he should steal the email account of the patient and also violate the second security level by stealing the patient’s smarphone within 60 minutes, i.e. the validity time of the secret code.

It is almost impossibile violating these two security level combined together.

The Two-Factor authentication solves the problem of exposure of documents to thefts, losses, all too common in areas where huge amounts of sensitive data circulate, where privacy and the widest respect for the fundamental rights of the individual must be guaranteed in the strongest terms.

Sign in and become part of the many doctors who use Docurity to optimize the management of their medical reports

Sign in and become part of the many doctors who use Docurity to optimize the management of their medical reports

© Copyright 2020, by Deasoft Srl
PI 03339021200 - Via Vittoria, 23/G San Lazzaro di Savena, Bologna