A new Cybersecurity Practice Guide, NIST Special Publication (SP) 1800-17—Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers—demonstrates how online retailers can implement open, standards-based technologies to enable Universal Second Factor (U2F) authentication by consumers at the time of purchase when risk thresholds are exceeded. The example implementations outlined in the guide encourage online retailers to adopt effective MFA implementations by using standard components and custom applications that are composed of open‑source and commercially available components.
The full Publication is available here: https://www.mysecuritymarketplace.com/product/multifactor-authentication-for-e-commerce/
