A comprehensive guide to authentication technologies and methods
Processes and technologies for digital identity offer multiple opportunities for impersonation and other attacks.
Digital identity presents a technical challenge because this process often involves proofing individuals over an open network, and always involves the authentication of individual subjects over an open network to access digital services.
There is an increased interest on strong user authentication, as more and more regulations such as GDPR, and standards such as PCI DSS, require strict security compliance for protecting personal information, for electronic payments and the protection of consumers’ financial data.
A system can have strong security, but become self-defeating if user authentication jeopardizes user convenience. A good security strategy is one where there is the right tradeoff between security and user convenience, which can be achieved by adapting the level of authentication based on a continuous risk assessment.
The purpose of this whitepaper is to present the various authentication methods and how these methods mitigate various attack vectors and match with various levels of authentication assurance.