Jessica Cafferata, JD, CFP®, CDFA®

At Callan Capital, we are committed to cybersecurity awareness, education, and training. It is our hope that the following is helpful for you, your family, and friends as a resource for cybercrime prevention, knowledge, and mitigation. This is part of a monthly cyber awareness series aimed at helping our clients avoid cybercrime.

Multimodal Biometric Authentication and Multi-Factor Authentication

  1. Strongly consider multimodal biometric authentication as your first line of defense.
  2. Always use multi-factor authentication

Ideally, you want to protect your devices threefold – who you are (biometrics), what you know (passwords, pins) and what you have (tokens). Two-factor authentication, whereby the same device authenticates you, is not ideal. Strongly consider multimodal biometric authentication as your first line of defense which uses multiple biometric indicators simultaneously to identify you. For example, using your face and voice print (i.e., speaking a passcode) for identification. Multimodal biometric authentication is not as easily stolen as password and usernames (text strings). Using multimodal biometrics simultaneously makes it more difficult for a hacker to spoof (i.e., take your image from online) since it pairs several biometric features at once. Pairing multi-factor authentication with multimodal biometric authentication creates even more layers for a fraudster.

To gain access to your online account, application, or virtual private network, you should always use multi-factor authentication, a method that requires you to provide two or more verification factors.

Examples of multi-factor authentication include text messages with a code, security badges, and Google authenticator, for example. You may want to consider software or hardware tokens when available. Hardware tokens are portable, physical devices that authenticate identity and help prevent unauthorized access. Key fobs and USB tokens are examples of hardware tokens. Be sure you know how to unlink the hardware device if it is stolen or lost. Contactless token examples are Bluetooth tokens and wireless keychains. These devices connect wirelessly to your system. Software tokens are software-based security tokens that generate single-use logins/pins.

Multi-factor authentication is important because usernames and passwords are easily stolen. By requiring multiple methods of identification, cybercriminals are forced to breach multiple layers of security in order to gain access.

Disclaimer: Callan Capital does not provide individual tax or legal advice, nor does it provide financing services. Clients should review planned financial transactions and wealth transfer strategies with their own tax and legal advisors. Callan Capital outsources to lending and financial institutions that directly provide our clients with, securities-based financing, residential and commercial financing and cash management services. For more information, please refer to our most recent Form ADV Part 2A which may be found at