526:
called Proof of
Possession (PoP). Many PoP protocols are designed so that a verifier, with no knowledge of the token before the authentication protocol run, learns nothing about the token from the run. The verifier and CSP may be the same entity, the verifier and relying party may be the same entity or they may all three be separate entities. It is undesirable for verifiers to learn shared secrets unless they are a part of the same entity as the CSP that registered the tokens. Where the verifier and the relying party are separate entities, the verifier must convey the result of the authentication protocol to the relying party. The object created by the verifier to convey this result is called an assertion.
82:
498:, driver's licenses, and employee identity cards. The credentials themselves are authenticated in a variety of ways: traditionally perhaps by a signature or a seal, special papers and inks, high quality engraving, and today by more complex mechanisms, such as holograms, that make the credentials recognizable and difficult to copy or forge. In some cases, simple possession of the credentials is sufficient to establish that the physical holder of the credentials is indeed the subject of the credentials.
407:, and iris scans because all of these are unique to every individual. Traditionally, biometric authentication based on token-based identification systems, such as passport, and nowadays becomes one of the most secure identification systems to user protections. A new technological innovation which provides a wide variety of either behavioral or physical characteristics which are defining the proper concept of biometric authentication.
717:
necessary for the user to log into the issuer's site to obtain the authentication credentials. Those credentials or e-authentication ID are then transferred the supporting government web site causing authentication. The system was created in response a
December 16, 2003 memorandum was issued through the Office of Management and Budget. Memorandum M04-04 Whitehouse. That memorandum updates the guidance issued in the
379:
331:
434:
270:
123:
793:(EDI) systems was implemented, which was considered as an early representative of E-commerce. But ensuring its security is not a significant issue since the systems are all constructed around closed networks. However, more recently, business-to-consumer transactions have transformed. Remote transacting parties have forced the implementation of E-commerce authentication systems.
1622:"Постановление Правительства РФ от 28 ноября 2011 г. N 977 "О федеральной государственной информационной системе "Единая система идентификации и аутентификации в инфраструктуре, обеспечивающей информационно-технологическое взаимодействие информационных систем, используемых для предоставления государственных и муниципальных услуг в электронной форме""
597:'s (OMB's) E-Authentication Guidance for Federal Agencies (M-04-04) as a guideline, which is published to help federal agencies provide secure electronic services that protect individual privacy. It asks agencies to check whether their transactions require e-authentication, and determine a proper level of assurance.
781:
relatively easy to process. Firstly, users send a one-time password (OTP) through offline channels. Then, a server identifies the information and makes adjustment in the database. Since only the user has the access to a PIN code and can send information through their mobile devices, there is a low risk of attacks.
109:. If he or she attempts to access their bank account from another computer, the authenticator will not be present. In order to gain access, the subscriber would need to verify their identity to the CSP, which might be in the form of answering a challenge question successfully before being given access.
741:
provides guidelines to be used for electronic authentication in regards to electronic signatures and certificate services for website authentication. Once confirmed by the issuing Member State, other participating States are required to accept the user's electronic signature as valid for cross border
537:
When using a local authentication scheme, the application retains the data that pertains to the user's credentials. This information is not usually shared with other applications. The onus is on the user to maintain and remember the types and number of credentials that are associated with the service
696:
In several countries there has been established nationwide common e-authentication schemes to ease the reuse of digital identities in different electronic services. Other policy initiatives have included the creation of frameworks for electronic authentication, in order to establish common levels of
548:
The most secure scheme is the global centralized authentication and web application (portal). It is ideal for E-Government use because it allows a wide range of services. It uses a single authentication mechanism involving a minimum of two factors to allow access to required services and the ability
347:
Passwords and PINs are categorized as "something you know" method. A combination of numbers, symbols, and mixed cases are considered to be stronger than all-letter password. Also, the adoption of
Transport Layer Security (TLS) or Secure Socket Layer (SSL) features during the information transmission
183:
Well-maintained health records can help doctors and hospitals know the targeted patient's important medical conditions before conducting any therapy. Therefore, to safely establish and manage personal health records for each individual during his/her lifetime within the electronic form has gradually
692:
Governments use e-authentication systems to offer services and reduce time people traveling to a government office. Services ranging from applying for visas to renewing driver's licenses can all be achieved in a more efficient and flexible way. Infrastructure to support e-authentication is regarded
688:
Triggered by the growth of new cloud solutions and online transactions, person-to-machine and machine-to-machine identities play a significant role in identifying individuals and accessing information. According to the Office of
Management and Budget in the U.S., more than $ 70 million was spent on
365:
The user shares a unique key with an authentication server. When the user sends a randomly generated message (the challenge) encrypted by the secret key to the authentication server, if the message can be matched by the server using its shared secret key, the user is authenticated. When implemented
541:
Using the central authentication scheme allows for each user to use the same credentials to access various services. Each application is different and must be designed with interfaces and the ability to interact with a central system to successfully provide authentication for the user. This allows
767:
Apart from government services, e-authentication is also widely used in other technology and industries. These new applications combine the features of authorizing identities in traditional database and new technology to provide a more secure and diverse use of e-authentication. Some examples are
716:
E-authentication is a government-wide partnership that is supported by the agencies that comprise the
Federal CIO Council. The United States General Services Administration (GSA) is the lead agency partner. E-authentication works through an association with a trusted credential issuer, making it
338:
Tokens generically are something the claimant possesses and controls that may be used to authenticate the claimant's identity. In e-authentication, the claimant authenticates to a system or application over a network. Therefore, a token used for e-authentication is a secret and the token must be
821:
To keep up with the evolution of services in the digital world, there is continued need for security mechanisms. While passwords will continue to be used, it is important to rely on authentication mechanisms, most importantly multifactor authentication. As the usage of e-signatures continues to
780:
For mobile authentication, there are five levels of application sensitivity from Level 0 to Level 4. Level 0 is for public use over a mobile device and requires no identity authentications, while level 4 has the most multi-procedures to identify users. For either level, mobile authentication is
525:
In any authenticated on-line transaction, the verifier is the party that verifies that the claimant has possession and control of the token that verifies his or her identity. A claimant authenticates his or her identity to a verifier by the use of a token and an authentication protocol. This is
239:
Out of the three factors, the biometric factor is the most convenient and convincing to prove an individual's identity, but it is the most expensive to implement. Each factor has its weaknesses; hence, reliable and strong authentication depends on combining two or more factors. This is known as
796:
Generally speaking, the approaches adopted in E-commerce authentication are basically the same as e-authentication. The difference is E-commerce authentication is a more narrow field that focuses on the transactions between customers and suppliers. A simple example of E-commerce authentication
745:
Under eIDAS, electronic identification refers to a material/immaterial unit that contains personal identification data to be used for authentication for an online service. Authentication is referred to as an electronic process that allows for the electronic identification of a natural or legal
758:
E-authentication is a centerpiece of the Russia government's effort to expand e-government, as a way of making government more effective and efficient and easier for the
Russian people to access. The e-authentication service enables users to access government services online using log-in IDs
501:
More commonly, the credentials contain biometric information such as the subject's description, a picture of the subject or the handwritten signature of the subject that can be used to authenticate that the holder of the credentials is indeed the subject of the credentials. When these paper
93:(NIST) has developed a generic electronic authentication model that provides a basic framework on how the authentication process is accomplished regardless of jurisdiction or geographic region. According to this model, the enrollment process begins with an individual applying to a
724:
NIST provides guidelines for digital authentication standards and does away with most knowledge-based authentication methods. A stricter standard has been drafted on more complicated passwords that at least 8 characters long or passphrases that are at least 64 characters long.
749:
Article 8 of eIDAS allows for the authentication mechanism that is used by a natural or legal person to use electronic identification methods in confirming their identity to a relying party. Annex IV provides requirements for qualified certificates for website authentication.
104:
The CSP is responsible for managing the credential along with the subscriber's enrollment data for the life of the credential. The subscriber will be tasked with maintaining the authenticators. An example of this is when a user normally uses a specific computer to do their
713:, as a way of making government more effective and efficient and easier to access. The e-authentication service enables users to access government services online using log-in IDs (identity credentials) from other web sites that both the user and the government trust.
415:
Digital identity authentication refers to the combined use of device, behavior, location and other data, including email address, account and credit card information, to authenticate online users in real time. For example, recent work have explored how to exploit
577:
of origin. The protection of the message on the network-level is called non-repudiation of emission. The authenticated sender and the message content are linked to each other. If a 3rd party tries to change the message content, the signature loses validity.
1207:
669:
Tokens are used for proving identity. Passwords and symmetric cryptographic keys are private information that the verifier needs to protect. Asymmetric cryptographic keys have a private key (which only the subscriber knows) and a related public
776:
Mobile authentication is the verification of a user's identity through the use a mobile device. It can be treated as an independent field or it can also be applied with other multifactor authentication schemes in the e-authentication field.
398:
Biometric authentication is the use of unique physical attributes and body measurements as the intermediate for better identification and access control. Physical characteristics that are often used for authentication include fingerprints,
517:, biometric passports, bank cards, etc.) At a minimum, credentials include identifying information that permits recovery of the records of the registration associated with the credentials and a name that is associated with the subscriber.
797:
includes a client communicating with a merchant server via the
Internet. The merchant server usually utilizes a web server to accept client requests, a database management system to manage data and a payment gateway to provide
1596:"Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC"
356:
This type of authentication has two parts. One is a public key, the other is a private key. A public key is issued by a
Certification Authority and is available to any user or server. A private key is known by the user only.
97:(CSP). The CSP will need to prove the applicant's identity before proceeding with the transaction. Once the applicant's identity has been confirmed by the CSP, he or she receives the status of "subscriber", is given an
184:
become an interesting topic for individual citizens and social welfare departments. As this data is private by nature, electronic authorization helps to ensure that only permitted parties can access the medical data.
746:
person. A trust service is an electronic service that is used to create, verify and validate electronic signatures, in addition to creating, verifying and validating certificates for website authentication.
592:
When developing electronic systems, there are some industry standards requiring United States agencies to ensure the transactions provide an appropriate level of assurance. Generally, servers adopt the US'
545:
Using a third party through a global centralized authentication scheme allows the user direct access to authentication services. This then allows the user to access the particular services they need.
200:
attested to the authenticity of their writings by using seals embellished with identifying symbols. As time moved on, the most common way to provide authentication would be the handwritten signature.
339:
protected. The token may, for example, be a cryptographic key, that is protected by encrypting it under a password. An impostor must steal the encrypted key and learn the password to use the token.
494:
Paper credentials are documents that attest to the identity or other attributes of an individual or entity called the subject of the credentials. Some common paper credentials include passports,
348:
process will as well create an encrypted channel for data exchange and to further protect information delivered. Currently, most security attacks target on password-based authentication systems.
534:
There are four types of authentication schemes: local authentication, centralized authentication, global centralized authentication, global authentication and web application (portal).
390:(SMS) is very effective when cell phones are commonly adopted. SMS is also suitable against man-in-the-middle (MITM) attacks, since the use of SMS does not involve the Internet.
813:(SSI) the individual identity holders fully create and control their credentials. Whereas the verifiers can authenticate the provided identities on a decentralized network.
1828:
679:
An assertion mechanism that involves either a digital signature of the claimant or is acquired directly by a trusted third party through a secure authentication protocol.
192:
The need for authentication has been prevalent throughout history. In ancient times, people would identify each other through eye contact and physical appearance. The
662:
90:
1735:
Sawma, Victor. "A New
Methodology for Deriving Effective Countermeasures Design Models". School of Information Technology and Engineering, University of Ottawa.
42:
may be used synonymously when referring to the authentication process that confirms or certifies a person's identity and works. When used in conjunction with an
1838:
1687:
455:
291:
144:
1301:
693:
as an important component in successful e-government. Poor coordination and poor technical design might be major barriers to electronic authentication.
1499:
1323:
673:
Identity proofing, registration, and the delivery of credentials that bind an identity to a token. This process can involve a far distance operation.
538:
in which they need to access. This is a high risk scheme because of the possibility that the storage area for passwords might become compromised.
1518:
1529:
1176:
1052:
1230:
1114:
1083:
542:
the user to access important information and be able to access private keys that will allow him or her to electronically sign documents.
1145:
73:, challenge questions, or being in possession of a certificate from a third-party certificate authority that attests to their identity.
1441:
676:
Credentials, tokens, and authentication protocols can also be combined to identify that a claimant is in fact the claimed subscriber.
481:
317:
170:
214:
There are three generally accepted factors that are used to establish a digital identity for electronic authentication, including:
81:
881:
843:
822:
significantly expand throughout the United States, the EU and throughout the world, there is expectation that regulations such as
1875:
386:
The user receives password by reading the message in the cell phone, and types back the password to complete the authentication.
1833:
1661:
Government of India
Department of Electronics and Information Technology Ministry of Communications and Information Technology.
1414:
1356:
1208:"BrFAST: A Tool to Select Browser Fingerprinting Attributes for Web Authentication According to a Usability-Security Trade-off"
594:
573:. This linking of signature and authentication firstly supports the probative value of the signature – commonly referred to as
1815:– a common, digital identity implementedthe Dutch tax administration and 'GBO.Overheid' (Gemeenschappelijke Beheerorganisatie)
1885:
1880:
562:
459:
295:
223:
148:
85:
Digital enrollment and authentication reference process by the American National Institute of Standards and Technology (NIST)
50:
received has been tampered with after being signed by its original sender. Electronic authentication can reduce the risk of
1802:
1595:
558:
1388:
1870:
1890:
790:
241:
209:
94:
444:
280:
133:
506:
contained in those credentials can be checked to confirm that the physical holder of the credential is the subject.
69:(MFA). Depending on the level of security used, the user might need to prove his or her identity through the use of
66:
933:
463:
448:
299:
284:
152:
137:
510:
367:
665:(NIST) guidance defines technical requirements for each of the four levels of assurance in the following areas:
1825:
document that enables its holder to securely identify him/herself both in the physical and in the digital world
706:
248:
1496:
1330:
810:
509:
Electronic identity credentials bind a name and perhaps other attributes to a token. There are a variety of
1736:
617:
The OMB proposes a five-step process to determine the appropriate assurance level for their applications:
570:
417:
1778:
955:
Burr, W. E.; Dodson, D. F.; Newton, E. M.; Perlner, R. A.; Polk, W. T.; Gupta, S.; Nabbus, E. A. (2011).
1851:
1750:
1636:
1273:
974:
387:
826:
will eventually be amended to reflect changing conditions along with regulations in the United States.
235:
factor, which is something that the user is, such as his or her fingerprints, eye scan or voice pattern
1843:
1515:
1812:
1807:
1537:
1026:
43:
1741:
1822:
1573:
1526:
1184:
1060:
1710:
1236:
31:
721:
of 1998, 44 U.S.C. § 3504 and implements section 203 of the E-Government Act, 44 U.S.C. ch. 36.
1181:
The Government of the Hong Kong Special Administrative Region of the People's Republic of China
1150:
The Government of the Hong Kong Special Administrative Region of the People's Republic of China
1119:
The Government of the Hong Kong Special Administrative Region of the People's Republic of China
1088:
The Government of the Hong Kong Special Administrative Region of the People's Republic of China
1057:
The Government of the Hong Kong Special Administrative Region of the People's Republic of China
848:
The Government of the Hong Kong Special Administrative Region of the People's Republic of China
1226:
1122:
1091:
495:
400:
61:
Various e-authentication methods can be used to authenticate a user's identify ranging from a
1153:
366:
together with the password authentication, this method also provides a possible solution for
1259:
1218:
960:
759:(identity credentials) they already have from web sites that they and the government trust.
404:
30:
is the process of establishing confidence in user identities electronically presented to an
1662:
1449:
1855:
1763:
1533:
1522:
1503:
1286:
987:
587:
574:
229:
Possession factor, which is something that the user has, such as mobile phone, PC or token
1324:"E-Authentication Risk Assessment for Electronic Prescriptions for Controlled Substances"
58:
by verifying that a person is who they say they are when performing transactions online.
1621:
1471:
904:
851:
798:
637:
The required level of authentication assurance are assessed through the factors below:
561:, the signatory has authenticated and uniquely linked to a signature. In the case of a
106:
70:
55:
1839:
Nascio Who are you? I really wanna know: E-authentication and its privacy implications
1864:
1418:
1360:
1240:
514:
98:
513:
types in use today, and new types of credentials are constantly being created (eID,
710:
1818:
1550:
1497:
An overview of International Initiatives in the field of Electronic Authentication
1484:
330:
1264:
1255:
1001:
1442:"E-authentication: What IT managers will be focusing on over the next 18 months"
433:
269:
197:
122:
603:
Assurance Level 1: Little or no confidence in the asserted identity's validity.
17:
1844:
Electronic Authentication Guideline(Special Publication 800-63-2), August 2013
697:
trust and possibly interoperability between different authentication schemes.
503:
965:
956:
609:
Assurance Level 4: Very high confidence in the asserted identity's validity.
244:, of which two-factor authentication and two-step verification are subtypes.
1829:
Electronic Authentication Animations –Common Authentication Methods (Script)
1222:
624:
Compare with the five assurance levels and decide which one suits this case.
378:
232:
101:, such as a token and a credential, which may be in the form of a username.
1551:"Draft NIST Special Publication 800-63-3: Digital Authentication Guideline"
1394:. Executive Office of the President, Office of Management and Budget (OMB)
247:
Multi-factor authentication can still be vulnerable to attacks, including
1302:"Understanding Non-Repudiation of Origin and Non-Repudiation of Emission"
557:
Often, authentication and digital signing are applied in conjunction. In
219:
62:
607:
Assurance Level 3: High confidence in the asserted identity's validity.
605:
Assurance Level 2: Some confidence in the asserted identity's validity.
1415:"ELECTRONIC AUTHENTICATION: GUIDANCE FOR SELECTING SECURE TECHNIQUES"
1357:"ELECTRONIC AUTHENTICATION: GUIDANCE FOR SELECTING SECURE TECHNIQUES"
734:
627:
Select technology according to the technical guidance issued by NIST.
621:
Conduct a risk assessment, which measures possible negative impacts.
569:-regulation, the signer's identity is even certified by a qualified
218:
Knowledge factor, which is something that the user knows, such as a
1834:
Electronic Authentication: Guidance for Selecting Secure Techniques
630:
Confirm the selected authentication process satisfies requirements.
1688:"How to Increase App Security Through Mobile Phone Authentication"
823:
738:
566:
377:
329:
193:
80:
51:
1487:, eGovernment unit, European Commission, August 2006. See table 1
1417:. National Institute of Standards and Technology. Archived from
875:
873:
871:
869:
47:
1602:. The European Parliament and the Council of the European Union
1472:"Whole of Government Information and Communications Technology"
1849:
National Strategy for Trusted Identities in Cyberspace (NSTIC)
1848:
427:
263:
116:
1389:"Memorandum: E-Authentication Guideline for Federal Agencies"
927:
925:
641:
Inconvenience, distress, or damage to standing or reputation;
882:"Digital Authentication - Factors, Mechanisms and Schemes"
633:
Reassess the system regularly and adjust it with changes.
842:
The Office of the Government Chief Information Officer.
1485:
Breaking Barriers to eGovernment (Draft Deliverable 1b)
1553:. National Institute of Standards and Technology, USA
689:
identity management solutions in both 2013 and 2014.
653:
Personal safety; and/or civil or criminal violations.
1175:
Office of the Government Chief Information Officer.
1144:
Office of the Government Chief Information Officer.
1113:
Office of the Government Chief Information Officer.
1082:
Office of the Government Chief Information Officer.
1051:
Office of the Government Chief Information Officer.
502:
credentials are presented in-person, authentication
1715:
Warwick, Journal of Information Law &Technology
553:
Authentication and digital signing working together
222:, answers to challenge questions, ID numbers or a
1206:Andriamilanto, Nampoina; Allard, Tristan (2021).
420:as part of a multi-factor authentication scheme.
1808:E-authentication Directive Memo by randum M04-04
1254:Burr, W. E.; Dodson, D. F.; Polk, W. T. (2006).
1215:Companion Proceedings of the Web Conference 2021
113:Use of electronic authorization in medical field
709:'s effort to expand electronic government, or
663:National Institute of Standards and Technology
650:Unauthorized release of sensitive information;
91:National Institute of Standards and Technology
8:
647:Harm to agency programs or public interests;
1663:"e-Pramaan: Framework for e-Authentication"
462:. Unsourced material may be challenged and
298:. Unsourced material may be challenged and
151:. Unsourced material may be challenged and
1711:"Identity Authentication and 'E-Commerce'"
1027:"The Failure of Two-Factor Authentication"
65:to higher levels of security that utilize
1740:
1263:
1053:"Passwords and PINs based Authentication"
964:
705:E-authentication is a centerpiece of the
600:It established four levels of assurance:
482:Learn how and when to remove this message
318:Learn how and when to remove this message
171:Learn how and when to remove this message
834:
1803:US government E-authentication website
1759:
1748:
1382:
1380:
1378:
1282:
1271:
983:
972:
343:Passwords and PIN-based authentication
1256:"Electronic authentication guideline"
957:"Electronic authentication guideline"
934:"Digital Authentication - the Basics"
46:, it can provide evidence of whether
7:
460:adding citations to reliable sources
296:adding citations to reliable sources
149:adding citations to reliable sources
644:Financial loss or agency liability;
1686:Tolentino, Jamie (16 March 2015).
1637:"mobile authentication definition"
1002:"NIST Special Publication 800-63A"
658:Determining technical requirements
25:
1506:, Japan PKI Forum, June 2, 2005.
432:
268:
121:
595:Office of Management and Budget
411:Digital identity authentication
1115:"Symmetric-key Authentication"
563:qualified electronic signature
559:advanced electronic signatures
1:
1709:Ford, Matthew (23 Feb 2005).
1265:10.6028/NIST.SP.800-63v1.0.2
613:Determining assurance levels
361:Symmetric-key authentication
1779:"How eIDAS affects the USA"
1084:"Public-Key Authentication"
905:"What is E-Authentication?"
844:"What is e-Authentication?"
791:electronic data interchange
242:multi-factor authentication
210:Multi-factor authentication
95:Credential Service Provider
1907:
1177:"Biometric Authentication"
1146:"SMS based Authentication"
684:Guidelines and regulations
585:
207:
67:multifactor authentication
785:E-commerce authentication
719:Paperwork Elimination Act
368:two-factor authentication
352:Public-key authentication
249:man-in-the-middle attacks
28:Electronic authentication
966:10.6028/NIST.SP.800-63-1
707:United States government
515:electronic voter ID card
394:Biometric authentication
382:Biometric authentication
374:SMS-based authentication
1876:Politics and technology
1223:10.1145/3442442.3458610
811:self-sovereign identity
805:Self-sovereign identity
36:Digital authentication,
1758:Cite journal requires
1281:Cite journal requires
982:Cite journal requires
571:trust service provider
530:Authentication schemes
424:Electronic credentials
418:browser fingerprinting
383:
335:
204:Authentication factors
86:
1886:Public administration
1881:Technology in society
1574:"Understanding eIDAS"
1421:on September 15, 2015
1363:on September 15, 2015
772:Mobile authentication
511:electronic credential
388:Short Message Service
381:
333:
208:Further information:
84:
1217:. pp. 701–704.
1031:Schneier on Security
789:In the early 1980s,
456:improve this section
292:improve this section
251:and Trojan attacks.
145:improve this section
44:electronic signature
1871:Identity management
1452:on 20 December 2014
854:on 22 December 2015
549:to sign documents.
1891:Federated identity
1854:2016-08-15 at the
1641:SearchSecurity.com
1532:2008-03-05 at the
1521:2012-02-12 at the
1502:2011-07-22 at the
1187:on January 8, 2015
1156:on August 27, 2015
763:Other applications
565:as defined in the
496:birth certificates
384:
336:
87:
32:information system
1819:Cartão do Cidadão
1777:Walker, Heather.
1635:Margaret, Rouse.
1440:McCarthy, Shawn.
1413:Radack, Shirley.
1355:Radack, Shirley.
1232:978-1-4503-8313-4
1025:Schneier, Bruce.
768:described below.
492:
491:
484:
401:voice recognition
334:A sample of token
328:
327:
320:
181:
180:
173:
40:e-authentication,
16:(Redirected from
1898:
1791:
1790:
1788:
1786:
1774:
1768:
1767:
1761:
1756:
1754:
1746:
1744:
1732:
1726:
1725:
1723:
1721:
1706:
1700:
1699:
1697:
1695:
1683:
1677:
1676:
1674:
1672:
1667:
1658:
1652:
1651:
1649:
1647:
1632:
1626:
1625:
1618:
1612:
1611:
1609:
1607:
1592:
1586:
1585:
1583:
1581:
1569:
1563:
1562:
1560:
1558:
1547:
1541:
1513:
1507:
1494:
1488:
1482:
1476:
1475:
1468:
1462:
1461:
1459:
1457:
1448:. Archived from
1437:
1431:
1430:
1428:
1426:
1410:
1404:
1403:
1401:
1399:
1393:
1387:Bolten, Joshua.
1384:
1373:
1372:
1370:
1368:
1359:. Archived from
1352:
1346:
1345:
1343:
1341:
1336:on 27 April 2017
1335:
1329:. Archived from
1328:
1320:
1314:
1313:
1311:
1309:
1300:Turner, Dawn M.
1297:
1291:
1290:
1284:
1279:
1277:
1269:
1267:
1251:
1245:
1244:
1212:
1203:
1197:
1196:
1194:
1192:
1183:. Archived from
1172:
1166:
1165:
1163:
1161:
1152:. Archived from
1141:
1135:
1134:
1132:
1130:
1121:. Archived from
1110:
1104:
1103:
1101:
1099:
1090:. Archived from
1079:
1073:
1072:
1070:
1068:
1059:. Archived from
1048:
1042:
1041:
1039:
1037:
1022:
1016:
1015:
1013:
1012:
998:
992:
991:
985:
980:
978:
970:
968:
952:
946:
945:
943:
941:
932:Turner, Dawn M.
929:
920:
919:
917:
915:
900:
894:
893:
891:
889:
877:
864:
863:
861:
859:
850:. Archived from
839:
487:
480:
476:
473:
467:
436:
428:
405:face recognition
323:
316:
312:
309:
303:
272:
264:
176:
169:
165:
162:
156:
125:
117:
21:
1906:
1905:
1901:
1900:
1899:
1897:
1896:
1895:
1861:
1860:
1856:Wayback Machine
1799:
1794:
1784:
1782:
1776:
1775:
1771:
1757:
1747:
1742:10.1.1.100.1216
1734:
1733:
1729:
1719:
1717:
1708:
1707:
1703:
1693:
1691:
1685:
1684:
1680:
1670:
1668:
1665:
1660:
1659:
1655:
1645:
1643:
1634:
1633:
1629:
1620:
1619:
1615:
1605:
1603:
1594:
1593:
1589:
1579:
1577:
1571:
1570:
1566:
1556:
1554:
1549:
1548:
1544:
1534:Wayback Machine
1523:Wayback Machine
1514:
1510:
1504:Wayback Machine
1495:
1491:
1483:
1479:
1470:
1469:
1465:
1455:
1453:
1439:
1438:
1434:
1424:
1422:
1412:
1411:
1407:
1397:
1395:
1391:
1386:
1385:
1376:
1366:
1364:
1354:
1353:
1349:
1339:
1337:
1333:
1326:
1322:
1321:
1317:
1307:
1305:
1299:
1298:
1294:
1280:
1270:
1253:
1252:
1248:
1233:
1210:
1205:
1204:
1200:
1190:
1188:
1174:
1173:
1169:
1159:
1157:
1143:
1142:
1138:
1128:
1126:
1125:on July 9, 2015
1112:
1111:
1107:
1097:
1095:
1094:on May 31, 2015
1081:
1080:
1076:
1066:
1064:
1063:on May 31, 2015
1050:
1049:
1045:
1035:
1033:
1024:
1023:
1019:
1010:
1008:
1000:
999:
995:
981:
971:
954:
953:
949:
939:
937:
931:
930:
923:
913:
911:
903:McMahon, Mary.
902:
901:
897:
887:
885:
879:
878:
867:
857:
855:
841:
840:
836:
832:
819:
807:
787:
774:
765:
756:
731:
703:
686:
660:
615:
608:
606:
604:
590:
588:Risk assessment
584:
582:Risk assessment
575:non-repudiation
555:
532:
523:
488:
477:
471:
468:
453:
437:
426:
413:
396:
376:
363:
354:
345:
324:
313:
307:
304:
289:
273:
262:
257:
212:
206:
190:
177:
166:
160:
157:
142:
126:
115:
79:
71:security tokens
23:
22:
18:EAuthentication
15:
12:
11:
5:
1904:
1902:
1894:
1893:
1888:
1883:
1878:
1873:
1863:
1862:
1859:
1858:
1846:
1841:
1836:
1831:
1826:
1816:
1810:
1805:
1798:
1797:External links
1795:
1793:
1792:
1781:. Cryptomathic
1769:
1760:|journal=
1727:
1701:
1678:
1653:
1627:
1613:
1587:
1576:. Cryptomathic
1572:Turner, Dawn.
1564:
1542:
1508:
1489:
1477:
1463:
1432:
1405:
1374:
1347:
1315:
1304:. Cryptomathic
1292:
1283:|journal=
1246:
1231:
1198:
1167:
1136:
1105:
1074:
1043:
1017:
1006:pages.nist.gov
993:
984:|journal=
947:
936:. Cryptomathic
921:
895:
884:. Cryptomathic
880:Balbas, Luis.
865:
833:
831:
828:
818:
815:
806:
803:
799:online payment
786:
783:
773:
770:
764:
761:
755:
752:
742:transactions.
730:
727:
702:
699:
685:
682:
681:
680:
677:
674:
671:
659:
656:
655:
654:
651:
648:
645:
642:
635:
634:
631:
628:
625:
622:
614:
611:
586:Main article:
583:
580:
554:
551:
531:
528:
522:
519:
490:
489:
440:
438:
431:
425:
422:
412:
409:
395:
392:
375:
372:
362:
359:
353:
350:
344:
341:
326:
325:
276:
274:
267:
261:
258:
256:
253:
237:
236:
230:
227:
205:
202:
189:
186:
179:
178:
129:
127:
120:
114:
111:
107:online banking
78:
75:
56:identity theft
24:
14:
13:
10:
9:
6:
4:
3:
2:
1903:
1892:
1889:
1887:
1884:
1882:
1879:
1877:
1874:
1872:
1869:
1868:
1866:
1857:
1853:
1850:
1847:
1845:
1842:
1840:
1837:
1835:
1832:
1830:
1827:
1824:
1820:
1817:
1814:
1811:
1809:
1806:
1804:
1801:
1800:
1796:
1780:
1773:
1770:
1765:
1752:
1743:
1738:
1731:
1728:
1716:
1712:
1705:
1702:
1689:
1682:
1679:
1664:
1657:
1654:
1642:
1638:
1631:
1628:
1623:
1617:
1614:
1601:
1597:
1591:
1588:
1575:
1568:
1565:
1552:
1546:
1543:
1539:
1535:
1531:
1528:
1524:
1520:
1517:
1512:
1509:
1505:
1501:
1498:
1493:
1490:
1486:
1481:
1478:
1473:
1467:
1464:
1451:
1447:
1443:
1436:
1433:
1420:
1416:
1409:
1406:
1390:
1383:
1381:
1379:
1375:
1362:
1358:
1351:
1348:
1332:
1325:
1319:
1316:
1303:
1296:
1293:
1288:
1275:
1266:
1261:
1257:
1250:
1247:
1242:
1238:
1234:
1228:
1224:
1220:
1216:
1209:
1202:
1199:
1186:
1182:
1178:
1171:
1168:
1155:
1151:
1147:
1140:
1137:
1124:
1120:
1116:
1109:
1106:
1093:
1089:
1085:
1078:
1075:
1062:
1058:
1054:
1047:
1044:
1032:
1028:
1021:
1018:
1007:
1003:
997:
994:
989:
976:
967:
962:
958:
951:
948:
935:
928:
926:
922:
910:
906:
899:
896:
883:
876:
874:
872:
870:
866:
853:
849:
845:
838:
835:
829:
827:
825:
816:
814:
812:
804:
802:
800:
794:
792:
784:
782:
778:
771:
769:
762:
760:
753:
751:
747:
743:
740:
736:
728:
726:
722:
720:
714:
712:
708:
701:United States
700:
698:
694:
690:
683:
678:
675:
672:
668:
667:
666:
664:
657:
652:
649:
646:
643:
640:
639:
638:
632:
629:
626:
623:
620:
619:
618:
612:
610:
601:
598:
596:
589:
581:
579:
576:
572:
568:
564:
560:
552:
550:
546:
543:
539:
535:
529:
527:
520:
518:
516:
512:
507:
505:
499:
497:
486:
483:
475:
472:February 2023
465:
461:
457:
451:
450:
446:
441:This section
439:
435:
430:
429:
423:
421:
419:
410:
408:
406:
402:
393:
391:
389:
380:
373:
371:
369:
360:
358:
351:
349:
342:
340:
332:
322:
319:
311:
308:February 2023
301:
297:
293:
287:
286:
282:
277:This section
275:
271:
266:
265:
259:
254:
252:
250:
245:
243:
234:
231:
228:
225:
221:
217:
216:
215:
211:
203:
201:
199:
195:
187:
185:
175:
172:
164:
161:February 2023
154:
150:
146:
140:
139:
135:
130:This section
128:
124:
119:
118:
112:
110:
108:
102:
100:
99:authenticator
96:
92:
89:The American
83:
76:
74:
72:
68:
64:
59:
57:
53:
49:
45:
41:
37:
33:
29:
19:
1783:. Retrieved
1772:
1751:cite journal
1730:
1718:. Retrieved
1714:
1704:
1692:. Retrieved
1681:
1669:. Retrieved
1656:
1644:. Retrieved
1640:
1630:
1616:
1604:. Retrieved
1599:
1590:
1578:. Retrieved
1567:
1555:. Retrieved
1545:
1511:
1492:
1480:
1466:
1454:. Retrieved
1450:the original
1445:
1435:
1423:. Retrieved
1419:the original
1408:
1396:. Retrieved
1365:. Retrieved
1361:the original
1350:
1338:. Retrieved
1331:the original
1318:
1306:. Retrieved
1295:
1274:cite journal
1249:
1214:
1201:
1189:. Retrieved
1185:the original
1180:
1170:
1158:. Retrieved
1154:the original
1149:
1139:
1127:. Retrieved
1123:the original
1118:
1108:
1096:. Retrieved
1092:the original
1087:
1077:
1065:. Retrieved
1061:the original
1056:
1046:
1034:. Retrieved
1030:
1020:
1009:. Retrieved
1005:
996:
975:cite journal
950:
938:. Retrieved
912:. Retrieved
908:
898:
886:. Retrieved
856:. Retrieved
852:the original
847:
837:
820:
817:Perspectives
808:
795:
788:
779:
775:
766:
757:
748:
744:
732:
723:
718:
715:
711:e-government
704:
695:
691:
687:
661:
636:
616:
602:
599:
591:
556:
547:
544:
540:
536:
533:
524:
508:
500:
493:
478:
469:
454:Please help
442:
414:
397:
385:
364:
355:
346:
337:
314:
305:
290:Please help
278:
246:
238:
213:
191:
182:
167:
158:
143:Please help
131:
103:
88:
60:
39:
35:
27:
26:
198:Mesopotamia
196:in ancient
1865:Categories
1823:Portuguese
1720:3 November
1694:3 November
1690:. TNW news
1671:3 November
1646:3 November
1456:2 November
1425:3 November
1367:3 November
1340:3 November
1191:3 November
1160:3 November
1129:3 November
1098:3 November
1067:2 November
1036:2 November
1011:2023-09-19
914:2 November
858:1 November
830:References
801:services.
504:biometrics
1785:9 January
1737:CiteSeerX
1557:9 January
1540:(M04-04).
1516:Australia
1398:9 January
1308:9 January
1241:233296722
940:9 January
888:9 January
521:Verifiers
443:does not
370:systems.
279:does not
233:Biometric
194:Sumerians
132:does not
1852:Archived
1606:18 March
1580:12 April
1530:Archived
1519:Archived
1500:Archived
909:wiseGEEK
220:password
77:Overview
63:password
1600:EUR-Lex
464:removed
449:sources
300:removed
285:sources
255:Methods
188:History
153:removed
138:sources
1739:
1527:Canada
1239:
1229:
754:Russia
735:Europe
729:Europe
1813:DigiD
1666:(PDF)
1392:(PDF)
1334:(PDF)
1327:(PDF)
1237:S2CID
1211:(PDF)
824:eIDAS
809:With
739:eIDAS
567:eIDAS
260:Token
52:fraud
1821:– A
1787:2017
1764:help
1722:2015
1696:2015
1673:2015
1648:2015
1608:2016
1582:2016
1559:2017
1458:2015
1427:2015
1400:2017
1369:2015
1342:2015
1310:2017
1287:help
1227:ISBN
1193:2015
1162:2015
1131:2015
1100:2015
1069:2015
1038:2015
988:help
942:2017
916:2015
890:2017
860:2015
670:key.
447:any
445:cite
283:any
281:cite
136:any
134:cite
54:and
48:data
1446:GCN
1260:doi
1219:doi
961:doi
733:In
458:by
294:by
224:PIN
147:by
38:or
1867::
1755::
1753:}}
1749:{{
1713:.
1639:.
1598:.
1538:US
1536:,
1525:,
1444:.
1377:^
1278::
1276:}}
1272:{{
1258:.
1235:.
1225:.
1213:.
1179:.
1148:.
1117:.
1086:.
1055:.
1029:.
1004:.
979::
977:}}
973:{{
959:.
924:^
907:.
868:^
846:.
737:,
403:,
34:.
1789:.
1766:)
1762:(
1745:.
1724:.
1698:.
1675:.
1650:.
1624:.
1610:.
1584:.
1561:.
1474:.
1460:.
1429:.
1402:.
1371:.
1344:.
1312:.
1289:)
1285:(
1268:.
1262::
1243:.
1221::
1195:.
1164:.
1133:.
1102:.
1071:.
1040:.
1014:.
990:)
986:(
969:.
963::
944:.
918:.
892:.
862:.
485:)
479:(
474:)
470:(
466:.
452:.
321:)
315:(
310:)
306:(
302:.
288:.
226:.
174:)
168:(
163:)
159:(
155:.
141:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.