Use of user names and passwords for years has been the most common authentication method for accessing online and mobile commerce channels, but their misuse makes them highly vulnerable to fraud via identity theft. Two-factor authentication is an alternative designed to bolster security, but it too can be vulnerable to sophisticated attacks.