Other Authentication Tech. (Biometrics (Problems (False readings, Can’t be…
Other Authentication Tech.
of identity through the measurement of
Physical attributes or Static biometric
EX: face, hand geometry, fingerprint, Iris, and retinal pattern.
(something the person does, his/her behaviour)
fingerwriting, gesture, handwriting ,heartbeat, keystroke (Typing style), signature and voice recognition.
Can’t be modified when compromised
:no_entry: In terms of accuracy, iris can achieve the better result with a low
false accept rate
false reject rate
Portable devices with a CPU, I/O ports, and some nonvolatile memory
Can carry out computation required by public key algorithms and transmit directly to the host
Some use biometrics data about the user instead of the PIN
device or password generator is usually a hand-held device that generates a password.
The device and the server synchronize their time. Based on the time, a password is generated.
The devices (usually) re-synch on a successful authentication.
Drawback: if a user does not authenticate for a long time (usually months), the synchronization may be lost and require manual (admin) action.
Use a challenge-response method
Server send a message
User enter a pin or password
Token calculates a password and display it
User enter displayed password to server
Non-repeating challenges from the host is used
:star:Problems with challenge/response schemes
Key database is extremely sensitive
This can be avoided if public key algorithms are used