Abstract
In today’s highly wired, mobile, and multitasking information society, the problems of verifying, identifying, and authenticating an individual continue to pose a great challenge. To see how complex this problem is we will take a look at all current technologies used in personal identification and authentication. All these technologies need you to present something that you have that uniquely identifies you or something you know that nobody else knows. Something you have can be a key or a token, like a card or drivers license, and something you know could be your password, your Social Security number, or personal identification number (PIN). The danger with all these approaches and the technology associated with them is that they all can be spoofed easily. For example, something you know can be forgotten and access then will be denied. Something you know can be given away to somebody hostile to you under duress; and something you have may be taken away under similar circumstances or it can be lost. Because we naturally forget, we lose things we are not supposed to lose; we can be forced to surrender things we hold dear. In other words, we are human. The current technologies for personal identification, verification, and authentication, as we discussed them in Chapter 10, cannot be relied on anymore in this new information society.