Authentication: Concerns and Mechanisms

There are three categories of privacy concerns in regards to Authentication:

  • Unintended functional scope: The authentication does more than authenticate, for example finding a tumor in the eye from a scan or detecting arthritis from a hand reading.

  • Unintended application scope: The authentication routine identifies the subject, for example if a subject enrolls under a false name but is identified by a match with an existing biometric record in another database.

  • Covert Identification: The subject is identified without seeking identification or authentication, for example, if the subject is identified as a face in a crowd.

Authentication mechanisms use any of three qualities to confirm a user’s identity.

  • Something the user knows. Passwords, PIN numbers, passphrases, a secret handshake, and mother’s maiden name are examples of what a user may know.

  • Something the user has: Identity badges, physical keys, a driver’s license, or a uniform are common examples of things people have that make them recognizable.

  • Something the user is: These authenticators, called biometrics, are based on a physical characteristic of the user, such as a fingerprint, the pattern of a person’s voice, or a face (picture). These authentication methods are old but are just starting to be used in computer authentications.


Leave a Reply