China
Africa
Explore chapters and articles related to this topic
Identification and Entity Authentication
Published in Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone, Handbook of Applied Cryptography, 2018
Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone
10.2 Remark (identification terminology)The terms identification and entity authentication are used synonymously throughout this book. Distinction is made between weak, strong, and zero-knowledge based authentication. Elsewhere in the literature, sometimes identification implies only a claimed or stated identity whereas entity authentication suggests a corroborated identity.
Privacy, Security, and Trust
Published in Julie A. Jacko, The Human–Computer Interaction Handbook, 2012
John Karat, Clare-Marie Karat, Carolyn Brodie
Whatever methods are used, at each stage of an authentication process, we can ask “is it secure?” The real areas of vulnerability are the input mechanism and the user. In the case of knowledge-based authentication, the user must be able to keep the secret and the secret must be hard to discover.
Rain Drop Service and Biometric Verification Based Blockchain Technology for Securing the Bank Transactions from Cyber Crimes Using Weighted Fair Blockchain (WFB) Algorithm
Published in Cybernetics and Systems, 2023
The top part of Cybercrime consists of hacking and data fraud. Banks are becoming recognized as all the customer’s cash is held with banks. The customers’ safety is an ample opportunity because it has grown to be something but hard to hack the very own database. The preferred methods and tools may be used to identify a customer who carries out an online (remote/distant) transaction. It includes Authentication by using login ID, password, passphrase, security code, knowledge-based authentication (security questions in both shared secret or dynamic); something the user has, such as a security token, smart card, key fob, etc. One-time password delivered by SMS (Hazari and Mahmoud 2020), Electronic/digital signature. The connection of a financial system to the Internet for providing remote (online/distant) services to customers enable cybercriminals to interfere with the operation of banking and other payment systems. The most serious threats posed by cybercriminals to remote banking systems include theft or alteration (deletion) of banking information or personal data; malware infection of banking systems; disabling remote banking systems by sending bulk messages through botnets (networks of infected computers). There are many cybercrime-related vulnerabilities, including, among other things, the use of malware for stealing customer information stored with credit institutions, intellectual property, technologies, etc.
PushPIN: A Pressure-Based Behavioral Biometric Authentication System for Smartwatches
Published in International Journal of Human–Computer Interaction, 2023
Smartwatches log, store, and provide access to various private user information. This makes the use of lock systems capable of limiting an attacker’s access to devices imperative. The dominant approach to this problem involves knowledge based authentication: users verify their identity by entering “something they know,” typically a secret code or password. Common smartwatch techniques are adapted from smartphones in the form of PIN and APL. While they are convenient and familiar, these techniques are widely reported to be susceptible to guessing and video observation attacks (Nguyen & Memon, 2018). Furthermore, the small screens of smartwatches may lead to fat-finger problems Siek et al. (2005), which may result in compromised security by reducing the adoption rates of lock systems (Oakley et al., 2018).
On improving the memorability of system-assigned recognition-based passwords
Published in Behaviour & Information Technology, 2022
Mahdi Nasrullah Al-Ameen, Sonali T. Marne, Kanis Fatema, Matthew Wright, Shannon Scielzo
In our literature review, we focused on knowledge-based authentication. We note that prior work (Mishra et al. 2015) has also proposed alternatives to such schemes, like using physical tokens (e.g. smart cards) for authentication. The extra hardware requirement adds costs, however, and is hard to extend to multiple accounts without creating a ‘necklace effect’, where the user must carry an unwieldy number of tokens. Biometrics like fingerprints (Roy, Memon, and Ross 2017) can be useful for authenticating to devices, but they have the downside of not being easily updated if stolen or damaged. For these reasons, as well as cost and ease of deployment, knowledge-based authentication remains the dominant authentication technique for online accounts. For a more extensive survey of the field of password replacement schemes, we suggest the work of Bonneau et al. (2012).