A security system in which more than one form of authentication is implemented to verify the legitimacy of a transaction. In contrast, single factor authentication (SFA) involves only a user ID and password.

In two-factor authentication, the user provides dual means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code.

Additional authentication methods that can be used in MFA include biometric verification; such as, fingerscanning, iris recognition, facial recognition, and voice ID. In addition to these methods, smart cards and other electronic devices can be used along with the traditional user ID and password.