Distracters in Digital Identity
‘Password-less Authentication’ and ‘Biometrics as a Password-Killer’ – We have been repeatedly taking them up as two of the major distracters in digital identity. These two unfounded allegations have been absorbing the people’s attention and deflecting them from focusing on the truly valid digital identity solutions.
Something detrimental should be removed, whereas something insufficient could be supplemented and enhanced. Mixing up the former and the latter, we would witness a very queer situation in which something detrimental is enhanced and something insufficient is removed.
In physical space, nobody dare to allege that a lock/key system used for our homes is insufficient and therefore should be removed altogether for higher home security. Every one of us agrees that the weak lock/key system should be supplemented and enhanced by adding something else.
In cyberspace, however, there are people who allege that something insufficient should be removed for achieving higher security. That is “Password-less authentication”. With the password removed, the identity authentication would become much more convenient indeed. Sadly, not just for us but also for criminals.
“Password-less authentication” has an even more grave problem; it could mean “Will/Volition-less” authentication, which is not consistent with the values of democracy. We would see a 1984-like dystopia where our identity authentication is completed without our knowledge or against our will.
The myth of ‘Biometrics as Password-Killer’ would be killed in 2 minutes with this video (*1)
We have recently come to notice a wrong interpretation (*2) of Risk Based Authentication (RBA) as another distracter in digital identity, though not as bad as the two hypes abovementioned.
There is nothing wrong with the RBA itself. The distracter is a ‘misunderstood RBA’. A correctly understood RBA could be effectively deployed with Expanded Password System (*3), which is in the stage of Draft Proposal at OASIS Open Projects, where the sort of balance between security and convenience is preferred. Just in case we offer a caveat on the ‘misunderstood RBA’ here (*4)
< Related Articles >
Intriguing Evolution from One to Two and Back to One
< Hyperlink >
*1 Biometrics in Cyber Space - "below-one" factor authentication https://youtu.be/wuhB5vxKYlg
*2 How risk-based authentication has become an essential security tool https://www.csoonline.com/article/3271134/how-risk-based-authentication-has-become-an-essential-security-tool.html
*3 Departure from Text Passwords https://www.paymentsjournal.com/departure-from-text-passwords/
*4 Caveat on Risk Based Authentication https://www.slideshare.net/secret/iOUZflQp5l6A8r
Hitoshi Kokumaiの記事
ブログを見るI take up this report today - “Facebook's metaverse plans labelled as 'dystopian' and 'a bad idea'” ...
I today take up this The Register report - “Client-side content scanning as an unworkable, insecure ...
Biometrics is 'probabilistic' by nature since it measures unpredictably variable body features of li ...
この職種に興味がある方はこちら
-
プログラマー
次の場所にあります: Whatjobs JP C2 - 5時間前
株式会社ITS 台東区, 日本【職種名】 · 【正社員求人/未経験者OK】ゲームAIプログラマー · **仕事内容**: · お仕事内容 · ・AI戦略の開発業務 · - ゲーム内のNPCが現実的かつ挑戦的な行動を取れるように、戦略や決定プロセスを設計します。これには敵の攻撃パターン、味方の支援行動、キャラクター間のインタラクションなどが含まれます。 · ・行動木の設計 · - NPCの行動選択を管理するための行動木(Behavior Trees)や状態マシンを作成し、キャラクターがさまざまな状況に応じて適切に反応するようにします。 · ・パスファインディング業務 · - キャラクタ ...
-
輸送機器の検査スタッフ
次の場所にあります: Whatjobs JP C2 - 6日前
ルフレ合同会社 茨木市, 日本**輸送機器の検査スタッフ**: · **〈20代〜30代の方が多い職場未経験者でも安心の研修制度完備〉** · - 深夜手当や残業手当でガッツリ稼げます。 · - スピード面接&スピード入社で最短でお仕事始めませんか? · **募集要項**: · **仕事内容** · - 〈工場勤務未経験の方歓迎輸送機器の検査スタッフ〉 · - 簡単作業で未経験の方でもすぐにお仕事スタート可能です · - 製品の組み立てや検査が主なお仕事内容です。 · - ——————————————— · クリーンルーム内での作業です · - 冷暖房が完備されているので1年中快適な ...
-
データ入力/契約内容の変更受付
次の場所にあります: Whatjobs JP C2 - 13時間前
スタートミー_採用窓口 渋谷区, 日本**採用詳細**: · **データ入力/契約内容の変更受付**: · **募集項目**: · **勤務先**: · STARTME,inc · **職種**: · データ入力/契約内容の変更受付 · **雇用形態**: · 派遣社員 · **仕事内容**: · - \未経験OK大手企業勤務&大人気のオフィスワーク/週払いOK服装・髪色・ネイル自由簡単なデータ入力/事務やコールセンターのお仕事 · - (仕事内容) · - 【時給MAX320円UP】第一生命*氏名変更してほしいなど|駅2分 · - \採用予定人数4名/ · - 大手保険会社にて 問い合わせ ...
コメント