It’s a user-friendly way to use public key cryptography for signing in. You’ve probably heard the term “multi-factor authentication”. A factor is just a thing that helps prove your authenticity.
The various factors for MFA include:
1. **Knowledge Factor (Something you know)**:
   - Passwords
   - PINs
   - Security questions
2. **Possession Factor (Something you have)**:
   - Mobile device (e.g., smartphone)
   - Smart cards
   - Security tokens
3. **Inherence Factor (Something you are)**:
   - Biometrics (e.g., fingerprints, facial recognition, iris scans)
   - Voice recognition
MFA combines at least two of these factors.
Public key cryptography is a way to keep information secure by using two keys: a public key and a private key. The magic is that what one key encrypts, only the other key can decrypt.
This is called asymmetrical encryption.
If I know your public key, I can give you some text to encrypt and you can use your private key to encrypt it and send it to me. With the public key I can decrypt it and check the result. This proves you are the controller of that key pair.
It also works in reverse: I can encrypt a message for you using your public key, and only you can decrypt it with the private key.
Lots of things you do every day, like secure websites and biometric authorization of mobile payments, leverage these ideas.
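The challenge-and-response check described above, as an added example that is not part of the original page. It uses Node.js's built-in `crypto` module with an Ed25519 signature, which is how the "encrypt with the private key, check with the public key" step is done in practice. The `Authenticator` and `Server` classes and the user name `alice` are hypothetical.

```javascript
// Added example (hypothetical names): challenge-response login with a key pair.
const crypto = require('node:crypto');

// The user's device: generates the key pair and never reveals the private key.
class Authenticator {
  constructor() {
    const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
    this.publicKey = publicKey; // handed to the server at registration
    this.privateKey = privateKey;
  }
  // Prove control of the key pair by signing the server's challenge.
  respond(challenge) {
    return crypto.sign(null, challenge, this.privateKey);
  }
}

// The website: stores only public keys plus one outstanding challenge per user.
class Server {
  constructor() { this.publicKeys = new Map(); this.pending = new Map(); }
  register(user, publicKey) { this.publicKeys.set(user, publicKey); }
  // A fresh random challenge per attempt makes old responses useless.
  issueChallenge(user) {
    const challenge = crypto.randomBytes(32);
    this.pending.set(user, challenge);
    return challenge;
  }
  verifyLogin(user, signature) {
    const challenge = this.pending.get(user);
    const publicKey = this.publicKeys.get(user);
    this.pending.delete(user); // single use, whether it passes or fails
    if (!challenge || !publicKey) return false;
    return crypto.verify(null, challenge, publicKey, signature);
  }
}

function demo() {
  const server = new Server();
  const device = new Authenticator();
  server.register('alice', device.publicKey);
  const sig = device.respond(server.issueChallenge('alice'));
  const genuine = server.verifyLogin('alice', sig);
  const replayed = server.verifyLogin('alice', sig); // challenge already consumed
  server.issueChallenge('alice');
  const stale = server.verifyLogin('alice', sig); // old response, new challenge
  const otherDevice = new Authenticator(); // a key pair the server never registered
  const wrongKey = server.verifyLogin('alice', otherDevice.respond(server.issueChallenge('alice')));
  return { genuine, replayed, stale, wrongKey };
}
console.log(demo());
```

Only the response signed by the registered device over the current challenge is accepted; a replayed response, a response to an earlier challenge, and a response from a different key pair are all rejected.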