In this special review, we round up the various authentication devices on the market. From fingerprint scanners, to single sign-on software and biometric technology -- we have the authentication market covered.
Authentication vs authorisation
Passwords and token devices
Notebook with fingerprint scanner
Organised crime syndicates would love to get their hands on some smart programmer who could make this dream a reality and capture all that juicy data. And what information would they steal -- credit card information? Bank account details and passwords? Username and password lists for multinational organisations? Potentially yes, but all that is really passÃƒÂ© these days and the syndicates have moved on.
These days it is all about personal information, most of which is already publicly available on the Internet or in our garbage bins for those who are happy to search enough for it. If someone with malicious intentions can make enough of a personal profile about someone then they have effectively stolen that person's identity, commonly known as identity theft, which when used by unauthorised individuals becomes identity fraud.
Identity theft is nothing new, in fact it has been going on for years. Traditionally, not even associated with electronic crime it was used by people avoiding the law and tax, and claiming benefits they may not necessarily be entitled too. There are fraud taskforces setup by the Federal Police and ATO who investigate identity fraud full time. It is just that now with technology as an enabler it is easier, faster and able to be performed on a much larger and more anonymous scale.
And to complicate matters even more, in the ICT arena, it is not only humans that have an identity but pretty much any object on your network. Therefore there are a whole lot more identities to manage and decide who or which can or can't be authorised access to resources. This is commonly called IAM (identity and access management). The basic premise which must be understood is that authentication is actually quite different from authorisation.