Basically, there are three ways to authenticate an individual:
All these ways have been used from prehistory until the present day, and they all have different security properties and trade-offs.
| Authentication | Identification Type | Why |
|---|---|---|
| something_the_person_knows | Group identification | because knowledge can be shared |
| something_the_person_has | Group identification | because something can be copied (a key for instance) |
| something_the_person_is | Person Identification |
something the person knows is known as the authentication code.
The something might be:
Like the something the person knows method, anyone can give this to anyone else.
This is a group identification because something can be copied (a key for instance).
Something the person has that’s a physical part of their body. This is what we normally think of as identification.
When we recognize people, we recognize their physical features.
More modern versions of this mechanism, called “biometrics,” include:
Biometrics has advantages over passwords and tokens in that they:
The problem is, while a biometric might be a unique identifier, it is not a secret. You leave a fingerprint on everything you touch, and someone can easily photograph your eye.