Authentication Methods

Arjun Prabhakar

11/10/2024

Preventing unauthorized access to an organization’s data and networks is imperative in protecting a company’s information systems. It is important to note that regulations, standards, and laws may necessitate the confidentiality of certain information, such as health records. Neglecting to maintain the confidentiality of specific types of data could lead to reputational harm, customer attrition, liability lawsuits, financial losses, penalty fines, criminal charges, and additional consequences. It is vital for IT support specialists to take all measures possible to protect confidential information.

There are three types of authentication methods:

  • Something you know: password or PIN number

  • Something you have: bank card, USB device, key fob, or OTP (one-time password)

  • Something you are: biometric data, like a fingerprint, voice signature, facial recognition, or retinal scan

You will learn more about biometrics in this reading, along with two additional categories of authentication methods:

  • Somewhere you are: geofencing, GPS, Indoor Positioning Systems (IPS)

  • Something you do: gestures, swipe patterns, CAPTCHA, or patterns of behavior

Some authentication technologies inherently require two factors:

  • Somewhere you are + Something you have: Near Field Communication (NFC) uses both proximity to an NFC scanner and a device like an NFC-enabled smartphone or an RFID chip on an employee ID or bank card.

Something you are: Biometrics

The biometric authentication process consists of two distinct steps: enrollment and authentication. The enrollment phase occurs when the user submits their biometric data for the first time via a hardware scanner. During this phase, specific characteristics of the biometric data are extracted, encrypted, and subsequently stored, typically in a database or on a personal mobile device. The second step, authentication, takes place when the user presents their biometric data once more to the scanner to gain access to the secured item. This new scan is then compared against the originally stored biometric data to verify the individual’s identity.
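The two steps can be sketched in a few lines. This is an added example, not code from the original article: the hash-based feature extractor, the 256-bit template, and the 0.25 match threshold are all assumptions, and encryption of the stored template is left out. It shows why the comparison is a tolerance check rather than an exact match, since no two scans of the same finger or face are identical.

```python
import hashlib

TEMPLATE_BITS = 256
MATCH_THRESHOLD = 0.25  # assumed: largest share of differing bits still accepted

def extract_features(sample: str) -> int:
    """Constructed stand-in for a scanner's feature extractor (256-bit template)."""
    return int.from_bytes(hashlib.sha256(sample.encode()).digest(), "big")

def add_noise(template: int, flipped_bits: int) -> int:
    """Simulate scan-to-scan variation by flipping the lowest `flipped_bits` bits."""
    return template ^ ((1 << flipped_bits) - 1)

def distance(a: int, b: int) -> float:
    """Fractional Hamming distance: share of template bits that differ."""
    return bin(a ^ b).count("1") / TEMPLATE_BITS

class BiometricStore:
    def __init__(self):
        # user -> enrolled template; a real store would keep this encrypted
        self._templates = {}

    def enroll(self, user: str, scan: int) -> None:
        """Enrollment: keep the features extracted from the first scan."""
        self._templates[user] = scan

    def authenticate(self, user: str, scan: int) -> bool:
        """Authentication: compare a fresh scan against the enrolled template."""
        enrolled = self._templates.get(user)
        if enrolled is None:
            return False  # never enrolled: nothing to compare against
        return distance(enrolled, scan) <= MATCH_THRESHOLD

store = BiometricStore()
alice = extract_features("alice-finger")  # constructed sample
store.enroll("alice", alice)

if __name__ == "__main__":
    print("clean rescan:   ", store.authenticate("alice", add_noise(alice, 20)))
    print("degraded rescan:", store.authenticate("alice", add_noise(alice, 100)))
    print("other person:   ", store.authenticate("alice", extract_features("mallory-finger")))
```

The degraded rescan is rejected even though it comes from the enrolled user, which is the false-reject side of choosing a threshold.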

Fingerprint scanning

Fingerprint scanners utilize small capacitive cells that are designed to detect the ridges of fingerprints. It is important to note that dirt and moisture can hinder the scanner's functionality. As an IT support specialist, it may be necessary for you to replace any damaged fingerprint scanners on customer devices.

Facial recognition

Facial recognition is used as a biometric authentication method in various smartphone models. Many smartphones are equipped with both the necessary hardware and software to implement this technology. Typically, this process involves the utilization of two cameras. The first camera captures images using standard color photography, while the second camera employs infrared technology to assess depth, thereby confirming that your face is three-dimensional. This dual-camera system serves to thwart potential hackers from unlocking mobile devices using mere photographs of authorized users.

Iris and retinal scanning

Iris scanning is not considered a secure method of biometric authentication, as a photograph of an individual's iris may be utilized to gain unauthorized access. In contrast, retinal scanning is regarded as one of the more secure forms of biometric authentication. The complexity and uniqueness of the retinal features in a person's eye make it exceedingly challenging to impersonate. Our retinas exhibit distinctive and intricate patterns in the arrangement of blood vessels, which can be captured by directing a beam of infrared light into the eye. It is important to note that eye injuries and medical conditions affecting the eyes may alter the patterns of retinal blood vessels, potentially resulting in users being denied access to their devices. While retinal scanning is indeed secure, it is worth mentioning that the technology can be costly and may present challenges in implementation.

Somewhere you are: Geolocation

The geographical location of a user can serve as one part of a multi-factor authentication policy or to deny access to users based on their locations. Geolocation services can use GPS, IP ranges, WiFi access points, cell phone towers, and/or Bluetooth beacons to estimate a mobile user’s location.

Geofencing

Geofencing is employed to verify the identity of users who are physically present within a designated radius of a specific location. For instance, when placing an order through the McDonald’s mobile application, the restaurant will refrain from processing your order until your smartphone is located within a specified distance from the restaurant. Additionally, it is not permissible to send another individual to collect your order, as that person would be unable to authenticate without your smartphone being within the geofencing radius.
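A geofence check reduces to a distance test against the fence radius. The following is an added example, not code from the original article or from any vendor's app: the coordinates, the 100 m radius, and the three-way result are assumptions. It also accounts for the error radius that location services report with each fix, so an imprecise fix is never counted as proof of presence.

```python
import math

EARTH_RADIUS_M = 6_371_000  # mean Earth radius in metres

def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two latitude/longitude points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))

def geofence_decision(fix, fence):
    """Return 'inside', 'outside' or 'uncertain' for a reported location fix.

    fix   = (lat, lon, accuracy_m): position plus the error radius the device reports
    fence = (lat, lon, radius_m):   centre and radius of the permitted area
    """
    lat, lon, accuracy_m = fix
    if not (-90 <= lat <= 90 and -180 <= lon <= 180) or accuracy_m < 0:
        return "uncertain"  # malformed fix: never treat it as proof of presence
    d = haversine_m(lat, lon, fence[0], fence[1])
    if d + accuracy_m <= fence[2]:
        return "inside"     # whole error circle lies within the fence
    if d - accuracy_m > fence[2]:
        return "outside"    # whole error circle lies beyond the fence
    return "uncertain"      # error circle straddles the fence boundary

# Constructed coordinates: a 100 m fence around a hypothetical pickup point.
FENCE = (40.0, -75.0, 100.0)

if __name__ == "__main__":
    for fix in [(40.0005, -75.0, 10.0), (40.0005, -75.0, 80.0), (40.002, -75.0, 10.0)]:
        print(fix, "->", geofence_decision(fix, FENCE))
```

The fix is reported by the device itself, so an "inside" result works best as one signal in a multi-factor policy, with "uncertain" routed to an additional factor.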

Global Positioning Systems (GPS)

Global Positioning Systems (GPS) utilize satellites that orbit the Earth to determine a device's longitude and latitude. It is essential for the mobile device to be equipped with GPS sensors and to have GPS services activated in order to utilize GPS-based authentication technologies effectively. Furthermore, GPS can be employed to authenticate a device by assessing the user's physical location. Additionally, insurance companies leverage GPS data to validate the authenticity of disaster claims submitted via mobile applications.

Indoor Positioning Systems (IPS)

Indoor Positioning Systems (IPS) determine a device's location through the utilization of WiFi access points, cellular towers, and/or Bluetooth beacons. It is essential for users to provide consent for applications to utilize this technology. Furthermore, IPS locations may be employed to restrict network access when an individual has entered a designated restricted area.

Near-field communication (NFC) and scanners

You may have interacted with a near-field communication (NFC) scanner by using contactless payments with a credit card, bank card, or smartphone. NFC technology can also be used for authentication and access to physical buildings through school or employment ID cards.

NFC transmits on the same frequency as high-frequency RFID (13.56 MHz) and has a short distance range of 10 centimeters. The short distance range provides some protection from hackers attempting to intercept the connection to obtain your credit card information. However, NFC is not fully secure. An innocuous-looking NFC scanner sitting next to an NFC-enabled payment device could record all NFC transactions that occur within 10 cm of the device in a “man in the middle” security breach.

Something you do: Gestures and Behaviors

You may already be acquainted with the use of gestures, such as swipe patterns, for unlocking a smartphone. Another method of gesture-based authentication is the picture password, which necessitates that the user touches specific, confidential points on an image to gain access to the device. Furthermore, patterns in individuals' behaviors can be utilized to verify identity. For instance, an organization might track the login and logout times of employees within a computer system. These patterns could be observed for any unusual deviations in employee behavior, which may suggest that the individual in question is, in fact, an imposter.
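The login-time monitoring described above can be expressed as a small baseline-and-deviation check. This is an added example, not code from the original article: the log format, user names, the five-login minimum, and the 120-minute tolerance are all assumptions, and the log lines are constructed.

```python
from datetime import datetime
from statistics import median

MIN_HISTORY = 5       # assumed: logins needed before a baseline is trusted
TOLERANCE_MIN = 120   # assumed: allowed drift from the usual login time, in minutes

# Constructed log lines in the form "<ISO timestamp> <user> <event>"
HISTORY = """\
2024-11-04T08:55:10 alice login
2024-11-04T17:31:02 alice logout
2024-11-05T09:02:44 alice login
2024-11-06T08:47:19 alice login
2024-11-07T09:10:03 alice login
2024-11-08T08:58:51 alice login
2024-11-08T23:40:00 bob login
"""

def minute_of_day(ts: str) -> int:
    t = datetime.fromisoformat(ts)
    return t.hour * 60 + t.minute

def build_baselines(log: str) -> dict:
    """Map each user to the median minute-of-day of their past logins."""
    times = {}
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[2] != "login":
            continue  # skip logouts and malformed lines
        times.setdefault(parts[1], []).append(minute_of_day(parts[0]))
    return {u: median(m) for u, m in times.items() if len(m) >= MIN_HISTORY}

def is_unusual(baselines: dict, user: str, ts: str):
    """True if the login is far from the user's usual time; None if no baseline exists."""
    if user not in baselines:
        return None  # too little history: report "unknown" instead of guessing
    diff = abs(minute_of_day(ts) - baselines[user])
    diff = min(diff, 1440 - diff)  # clock wraps at midnight: 23:50 and 00:10 are 20 min apart
    return diff > TOLERANCE_MIN

BASELINES = build_baselines(HISTORY)

if __name__ == "__main__":
    for user, ts in [("alice", "2024-11-11T09:05:00"), ("alice", "2024-11-11T03:12:00"),
                     ("bob", "2024-11-11T23:45:00")]:
        print(user, ts, "->", is_unusual(BASELINES, user, ts))
```

A flagged login is a prompt for further verification, not proof of an imposter, since people do occasionally work at odd hours.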

Turing tests serve the purpose of ascertaining whether an unidentified entity is a human or a machine. It is likely that you have encountered a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) to verify your identity as a human rather than a bot. This verification process is achieved by requesting the user to recognize specific items within a collection of photographs. Images are used for this test because visual content poses a greater challenge for bots to interpret compared to text.