Authentication: The identification check
Authentication refers to the identity verification of a person, a machine or a device. In this process, the user authenticates himself and is authenticated by the recipient or server through appropriate proof.
Authentication methods
There are three different ways of authentication: by knowledge, by possession, or by physical characteristics or biometric data capture. Authentication by knowledge is given, for example, when a password or PIN must be requested. Authentication is only possible with this knowledge. The disadvantage of this method is that a password can be forgotten or passed on. In addition, insecure and overly simple passwords pose a security risk. Authentication by possession requires a physical object, such as a key or magnetic card. Again, there is a risk that the key could be passed on. In addition, loss or the possibility of duplication represent security vulnerabilities. When querying biometric or physical characteristics, the main risk is that characteristics are not recognized accurately and therefore unauthorized persons with similar characteristics gain access, or that correct characteristics are not recognized. Examples of biometric, or physical features are fingerprints or iris scans.
Use of authentication methods
The choice of authentication method depends primarily on the technical circumstances and the potential security risk. The most common use of authentication by knowledge is on the Internet, where people have to prove their identity, for example in forums and mail programs, by entering an individual user name and a password. Only if both parameters are correct, access to personal data and settings is granted. Authentication by means of a possession such as a key card or TANs are used in various areas. On the one hand, to actually be used physically, for example to gain entry to restricted areas, but also on the Internet, where changing TANs are necessary for online banking. The use of biometric authentication queries is not yet as widespread as the other two methods, but is becoming increasingly important. Computers that allow users to log in using fingerprints have been around for a long time. The storage of fingerprints in the new ID documents means that at least this method will also be used more and more.
Minimizing security risks
There are several ways to minimize the security risks associated with all authentication methods. Setting up strong passwords is one simple way that even end users can use to minimize their personal risk. Other options include one-time authentication methods such as TAN numbers that change with each use. A combination of methods can also increase protection, a typical example being ATMs where you can only withdraw money if you have a card and know your PIN.
