Does Haventec Authenticate qualify as multi-factor authentication?
Yes. But some would argue otherwise, and here is why they are wrong.
Multi-factor authentication technically means the use of multiple factors in an authentication. A factor can be “something you know", “something you have" or “something you are".
Even in its most basic configuration Haventec Authentication uses two factors. “Something you know" ie a PIN or password and “something you have" ie a one time private key remnant stored on your device. Two factors. No question.
Detractors argue that most people expect THE USER to interact with the two factors for it to be truly two factor. To them two factor must be a password AND a sms message or password and a keyring dongle or password and a phone app swipe.
All this work is just making life harder for users. What they are really asking for is “out of band" authentication steps. This means a secondary factor that is not delivered in the same “band" as the initial factor ie the password. I agree this has its advantages technically but to ask a user to undergo more rigmarole for limited advantage over using Haventec is draconian.
Haventec Authentication can be expanded to use many more factors with adding to the users logon burden. These include device or browser fingerprinting. Contextual profiling which is where and how the user is using their device when they are logging on. Of course we can also amplify authentication ease of use by incorporating device based biometrics. So yes. We do multi-factor elegantly and brilliantly.
We are also exploring out of band solutions but with the goal of not asking the user to do more work.
FYI browser fingerprinting is quite effective for example my phone is unique to 4 million users as tested by the EFF test engine. To test your device for uniqueness click here: