Hi Samrat,
the advantage of Donka's proposal is that you don't need to modify the logon application inside the ABAP stack. Instead, 2 factor authentication would be part of the authentication to the Secure Login Server, which provides X.509 certificates as part of the single sign-on product. From the ABAP system perspective this is then just standard single sign-on based on the certificate. However, to get the certificate the end user needs to perform 2 factor authentication as defined in the Secure Login Server profile for the given ABAP system or list of ABAP systems.
Best regards,
Christian