Microsoft is making a new move in the security and authentication space. Today, the company announced it has acquired Overland Park, Kansas-based PhoneFactor, which will now be a part of the Windows Azure division. The company was founded in 2001 and has already had partnerships with Microsoft. The specific financial terms of the deal were not disclosed.
In a post on the Windows Azure blog, Microsoft states that single-factor authentication for online services used on PCs and smartphones can often be risky. However, it also feels that typical multi-factor services can also be too difficult for the average user. The blog states:
Typical MFA solutions require the user to have something they know (like their password) and something they physically possess (a device of some kind like a smartcard) – and the result is often too complex or hard to use. MFA is meant to provide enhanced security, but for it to be effective it must also be convenient. PhoneFactor is popular because its solutions interoperate well with Active Directory so users don’t have to learn new passwords and IT administrators and application developers can use infrastructure and services they already know. Also, perhaps most importantly, PhoneFactor is popular because it conveniently relies on a device that most users already have with them – their phone.
The blog says that PhoneFactor's technology and services will be integrated into many of Microsoft's products, including Windows Azure Active Directory and Office 365.