User Device

From MgmtWiki
Jump to: navigation, search

Full Title or Meme

A portable User held computer with capability acting as or including a User Authenticator.


  • While it is possible to program a User Device to function with more than one user, this page will focus on a purely personal device.
  • Both separate user held devices, like FIDO U2F late binding tokens, or user credential held securely in a Trusted Execution Environment on a User Device like a Smart Phone are considered.
  • Biometric Attributes are taken to be exclusively the measure of human characteristics like fingerprint, facial and behavior patterns.
  • The human characteristics are another factor that can be a part of Multi-factor Authentication.
  • So the human characteristics can be considered to be a Credential.
  • The measurements of the characteristic are compared against a template of the characteristics using some Assurance level to produce a Validated claim.


  • False positives
  • False negatives
  • Attacks against the sensor capabilities. Various movie and television plots have shown the attacks like taking someone's eyeball, or using a thin-film replica of a finger print to complete an Authentication which Authorizes access.