technology
Prove It: Authentication in a Digital World
The latest authentication technologies: iris scans, palm reading, and more.
By Adam Silver
As an increasing number of Americans embrace the Internet as a part of their daily lives, the demand for online security has skyrocketed. The average fraud per American due to identity theft has risen from $5,249 in 2003 to $6,383 in 2006. And it’s not just individuals who are being affected; a recent security breach at Los Alamos National Laboratory resulted in nuclear secrets being stolen and sent to third parties – all through unencrypted e-mail.
Effective security relies on accurate authentication, which can be typically achieved in one of three ways: something you have (such as an ID card), something you know (like a PIN number), or something you are (e.g. a biometric identifier). As stronger computing power makes simple passwords and PINs easier to defeat, more complex identifiers are emerging, like RFID and 3D biometrics, to discourage would-be thieves.
In the following article, we investigate a fresh batch of security tech aimed to keep our data, and our identities, safe.
|
Who: US Department of State US Passports issued after October 2006 now include radio frequency identification chips (RFIDs), which contain personal information and digital imagery of the document holder. The chips were also built with additional storage capacity, permitting the government to add biometric data if and when these identification technologies become standard. The UK and Germany have announced similar plans. |
 |
 |
Who: CLEAR Long security lines are becoming more common among the nation’s overburdened airports, worsened by tightening security restrictions. CLEAR recognized the market opportunity by offering to pre-screen travelers and provide them with a smartchip-enhanced card containing their biometric data. Travelers can present the card to move through security more quickly and with less hassle. |
|
Who: Bank of America It’s estimated that phishing – an Internet scam used to steal credit card and social security numbers from unsuspecting consumers – defrauded more than one million Americans of $929 million dollars in the period from May 2004 to May 2005. In response to this concern, Bank of America employed a novel and relatively low-tech measure: have every user select an arbitrary secret image along with their password. If the user doesn’t see the image when he logs in, he knows the website is fraudulent, and can exit the site without revealing any sensitive data. "We wanted to not only protect our customers, but give them a way to feel very safe that when they come to BankofAmerica.com, that it really is BankofAmerica.com" says Sanjay Gupta, an electronic commerce executive at Bank of America. |
 Click to Enlarge |
 Click to Enlarge |
Who: Hushmail Hushmail provides its users with free and secure email access. If both participants are using Hushmail, their message is fully encrypted from one computer to the other, offering the highest level of security. Otherwise, the message can be unlocked with a password by the recipient or sent via unencrypted methods. Hushmail also offers an encrypted IM client called Hush Messenger, bringing encryption to instant messaging. Servers are based in Canada, which currently provides greater legal safeguards for identity protection than the United States. |
