Page Properties | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
Quotes
Even if we put aside for a moment the problem of initial authentication, we also need to
consider the problem of continuous authentication: After one computer has authenticated
another and is ready to engage in some kind of data exchange, each computer has to
monitor for a wiretapping or hijacking attack by which a new computer would enter into
the communication, falsely alleging to be the authenticated one, as depicted in Figure 4-6.
...
A single authentication factor is generally not considered sufficiently trustworthy. An authentication process is usually considered more robust and reliable when it employs multiple types of authentication factors.21
(…)
21 As digital ID systems evolve this understanding is becoming more nuanced. Where authentication is active and continuous, authentication strength is sometimes assessed, not in terms of the number of different authentication factors and types, but in terms of overall robustness resulting from the use of multiple sources of dynamic, digital customer data, including expected log-in channels, geolocation, frequency of usage, type of usage, IP addresses and biomechanical metric behavioural patterns
(FATF, 2020, p. 22)
Bibliography
See Also
Filter by label (Content by label) | ||||||
---|---|---|---|---|---|---|
|
...