Authentication Factors

There are three categories of authentication methods and a variety of credentials available for each method:

• - Something you know (username/password, PIN, knowledge/shared secret)
• - Something you have (machine, phone, card, token, certificate)
• - something you are (fingerprint, voiceprint, iris scan)

The better known credentials are shown here.

These various credentials vary widely in cost, ease of use, and ease of administration. Because of these considerations, some credentials, like biometrics and hard OTP tokens, are often eliminated for wide deployments. Credential selection should be based on a balanced assessment of the application or asset being protected and the user profile, including: user sophistication, distribution, overall quantity, and the ability to directly reach, touch and support those users.

IdMlogic’s Service Oriented Authentication Architecture - SOA² supports a wide range of authentication credentials. And by combining methods as “layers,” we are able to dynamically vary access controls and us alternative methods to address those “what if” scenarios that can otherwise impact user satisfaction.