Table of Contents

About

When identifying, you are not always identifying that the individual is a particular person, you are identifying if the person is of a particular group.

Authentication Identification Type Why
something_the_person_knows Group identification because knowledge can be shared
something_the_person_has Group identification because something can be copied (a key for instance)
something_the_person_is Person Identification

To mitigate and identify the person further, you may implement - Multi-Factor Authentication (Mfa / 2fa)

Example

  • Knowing the secret handshake authenticates you as a member of the secret society.
  • Having a copy of a house key authenticates you as one of a group that has access to a given house.
  • I might give you enough information for you to call my bank and withdraw money from my account. When you do this, the bank thinks it is authenticating the account owner, when it is really just making sure that the person on the other end of the phone knows enough information about the account and account owner to be an authorized user of the account.