Risk Based Authentication

The technique that uses both contextual and historical user information along with data supplied during an internet transaction to assess the probability of whether a user interaction is authentic or not is called risk based authentication.

Traditional username and password along with information such as who the user is, from where the user is logging in (IP address and information of the location from where the user is actually in at the time of transaction), velocity of the transaction (the process of verifying if its possible for a person who recently logged in from location 1 could login from location 2) and the type of device the user is using are considered as contextual information.

Continue reading “Risk Based Authentication”

Biometrics Authentication

Passwords and personal identification numbers (PIN) are information that we need to remember since the day we started interacting with digital systems. Do we know the count of passwords we need to remember? Do we know if we forgot a password already? Some of these passwords also known as passphrase are long to remember that we need to come up with a pattern to create such passwords. We sometimes rely on tools such as a sticky, PDA or text file to store these lists of passwords.

Would it be easy to identify yourself as if you are been seen by another individual acknowledging their acquaintance with you? That’s exactly what a biometric authentication technology does. It uses a physical or psychological trait that the individual always has with him or her for identification and/or authentication.

In this system, the physical or psychological trait of an individual is measured, recorded and quantified to obtain a biometric enrollment. The system can be sure to a degree of certainty that a person is who he/she claims to be based on this initial enrollment. A template, which is a long string of alphanumeric characters that describes the characteristics or features of the person, is created at each enrollment based on a biometric algorithm. The algorithm that translates physical traits to a digital representation is called the biometric algorithm. The algorithm also allows matching of a newly created template (live template) with that of the initially created one. If the matching is not closed enough, the person will not be verified.

Continue reading “Biometrics Authentication”

Vulnerability During City Strike

My home town, Toronto, is going through a strike by city workers. It’s all over the news with CNN interviewing the Mayor and governments issuing travel advisories. There is no garbage collection at most of the town and many services run by the city workers are closed. Parents are forced to look for day care alternatives while some of the parks are now garbage dump sites.

I am not going to political aspects of whether it’s good or bad. However, I would recommend everyone not to throw out your bills and other unwanted documents to such garbage without properly shredding them. Dumpster divers may have access to such sites and could easily get hold of your personal information that includes credit card and other financial account numbers. Your address is more than enough for an identity theft.