The Future of Authentication

For years, alternate authentication systems have failed to gain widespread use. Some of the alternate methods trying to replace passwords are:

Multi-Factor Authentication

Multi-factor authentication is far from new, but it is still the future. If any of your highest risk sites offer multi-factor authentication, get it. We have much more on multi-factor authentication here

Cypher-grids

Cypher grids are really a form of multi-factor authentication. Tradtional grids use a simple X / Y coordinate system where you have a printed piece of paper with a grid, the system asks you what value is at a position like B13 and you trace from row B over to column 13 and key in the value from that grid. The down side to this is having to keep the grid with you. MySyferLock™, takes this to a new level by offering on-screen grids and a third dimension which is only known by memory giving the user freedom from carrying the extra factor.

SyferLock Technology Corporation Releases MySyferLock™, an OpenID & Cloud Access Security Solution

Biometrics

Biometrics use hardware readers for authentication. The most common is a fingerprint reader. Many laptops now have finger print scanners built in. The problem with these systems is that they require a middle layer of software running on the device, which reads the fingerprint, looks up a password, and fills the form of the requesting website. If you use a single machine, this may be ok. If you roam between machines, you will still need to learn the passwords. Also, by keeping the passwords in a middle-layer, they leave breadcrumbs with the password information on the machine, which could be decoded.

Mobile Magazine - 2011-06-22 - Bio Trust uses people’s faces as passwords Bio Trust works uses facial recognition and password manager to use your face as one strong password to unlock the rest.

2011-05-05 - Forbes.com - The Glorious End Of User Names And Passwords

Network World Inventor of RSA token creates new Three Factor Authentication scheme using user password, one time password, and voice recognition.

Key Pattern Analysis

Key pattern analysis is a new form of multi-factor authentication which can take a simple password and make it complex by adding the way you type the password as an authentication factor. This is a new area of research so there is much speculation, but the obvious shortcomings are handheld devices and various keyboards. A persons pattern on a full keyboard will be very different than using a single finger on a mobile phone.

Touch Screen Signatures

This is a new category of authentication specific to touch screens. Considering the problems with skimming devices at automated teller machines, this technology could be a huge benefit in the fight against banking fraud

2011-05-17 - Jacksonville Daily News jdnews.com - Local innovator to demo his technology at expo

Near field communication (NFC)

This is new functionality included in smart phones promising unique, secure, touch-less authentication. See http://www.zdnet.com/news/near-field-communication-aims-to-simplify-our-lives/6275733.

What's in an Identity

This article from the Jericho Forum dissects identity into a 10 commandment format. If you're a student of authentication, this is good stuff.

Government Standardization

Citizens of the United States may some day have their own national online identity program. The web has no boundaries, so we question the likelihood of any single nations program succeeding. Nonetheless, the US has launched their "National Strategy for Trusted Identities in Cyberspace" program. According to a recent story at www.NetworkWorld.com , the program is off to a good start by pulling together industry leading experts.