Skip to content

Authentication

links: SPA TOC - Identification Authentication - Index


Authentication

  • It's the proof of an asserted property
  • If someone claims to be the owner of an email address then authentication is making sure this person actually owns this email address.
  • Can rely on third part

Authentication factors

  • Knowledge factor: Something the user knows (password, PIN, ...)
  • Ownership factor: Something the user has (Security token, smart card, ...)
  • Inherence factor: Something the user is or does (fingerprint, retinal pattern, ...)

Types of authentication

  • Single-factor auth: Weakest level, only single factor is used
  • Two-factor auth(2FA): Using 2 factors
  • Multi-factor auth: Using two or more authentication factors
  • Strong auth:
    • Multi-factor auth
    • Factors must be mutually independent (compromise of one factor does not lead to compromise of other factors)
    • At least one factor must be "non-reusable and non-replicable" (exception: inherence factor \(\rightarrow\) fingerprint etc.)
    • Can't be stolen off the internet

Dynamic Linking

Security requirement under EU law for electronic payments that ties the authentication code to the transaction amount and the payee's identity to prevent replay attack


links: SPA TOC - Identification Authentication - Index