Factor Fight

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

Which is the best Authentication Factor to use? "something you have" or "something you are"?

Context

Any Authentication Factor leads to the two primary problems.

  • Security, primarily the security of Access to some protected resource
  • Privacy, primarily the protection of a user's private data.

Problems

  • All Authentication factors release personally identifiable information (PII) in order to complete their work. The stronger the Authentication, the more information is released.
  • Biometrics, or "something your are" seems to be the best way to show Proof of Presence and is promoted by Brent Arsenault CISO at Microsoft. (2021-06-18)
  • A Wired article "Facial Verification Won't Fight Fraud"[1] encourages states in the US to switch to state issued IDs or "something you have".

References

  1. Albert Fox Cahn. Facial Verification Won't Fight Fraud Wired (2021-06-11) https://www.wired.com/story/opinion-facial-verification-wont-fight-fraud/?bxid=5c5b250d24c17c67f8640083&cndid=45183233&esrc=AUTO_PRINT&source=EDT_WIR_NEWSLETTER_0_TRANSPORTATION_ZZ&utm_brand=wired

Other material