The Internet is having an identity crisis. Long regarded as a powerful tool for cost reduction and service enhancement, the Internet is falling short of its promise because of the real and perceived threat of identity theft. Financial losses and insurance costs are mounting, as organizations struggle to protect their information perimeters and improve the strength of their authentication systems to ensure that the authorized user is present during the sign-in process. The widespread use and misuse of passwords as authentication tokens is generally cited as a cause of the accelerating erosion of user confidence and the increasing incidence of identity theft. It is generally agreed that passwords are not enough. Much has been lost, however, in the race toward person-present authentication systems. While the application of passwords is fraught with risk, the introduction of complex authentication infrastructures and cumbersome end user technology has eroded usability and increased the cost of security dramatically. This paper describes a new authentication approach that retains the simplicity and low cost of passwords, while gracefully introducing as much person-present assurance as is required by the application.
is derived from the Greek words bios for life and metron for degree. Typically, biometrics implementations incorporate technologies for measuring static physiological characteristics like fingerprints, eye retinas and irises, voice patterns, facial patterns, and hand measurements or dynamic, behavioural characteristics like signature, gait, voice or typing. Static biometrics are relatively easy to measure, and the technology comparatively mature, with many competitive suppliers in the market.