A number of financial and non-financial institutions have implemented various “online financial transaction” capabilities. Most such services require clients to register a debit/credit card or bank account before sending or receiving funds. As an example, recipients of payments may receive email notifications with a specially coded link to register and authenticate before receiving several payment options, such as depositing or withdrawing funds into a bank or credit card account.
However, authentication in a communication network normally includes confirming a client attempting to access a system or a network. The authentication process is the most basic and essential process of protecting principal assets. Currently, there are three authentication schemes which are primarily used in a communication network.
A first authentication scheme is to confirm something you know, a second authentication scheme is to confirm something you have, and a third authentication scheme is to confirm you yourself. Among the three authentication schemes, the authentication scheme of confirming something the client knows, e.g., a log-on password, is most widely used on computer networks. In this scheme, when a client-input password is correct, the client is authorized. However, in the scheme of confirming the log-on password, a password may be stolen or robbed, exposed due to carelessness, or lost. Furthermore, many users or clients are suffering from password fatigue, and many are looking to simplify the manner in which day-to-day transactions and activities are conducted, including transactions for larger funds. To solve this problem, a more powerful authentication scheme is necessary.
As more powerful authentication, Two-Factor Authentication using a combination of two of the three methods, as mentioned earlier, has been proposed. The two-factor authentication is widely used for applications necessitating powerful client authentication. The two-factor authentication is commonly based on both ‘Something you know’ and ‘Something you have’. Representative examples of the two-factor authentication include a credit card, a cash card, and Internet banking service. The card itself is what a client has physically (“What you have”), and a password corresponding to this card is what the client knows (“What you know”). The two factors are required for successful authentication.
The two-factor authentication greatly reduces losses or damage due to on-line fraudulent use of an ID. This is because one cannot access desired information or system through fraudulent use of a password without holding a card. Accordingly, the two-factor authentication provides much higher security than typical single factor authentication schemes.
However, there are some constraints obstructing spreading of the two-factor authentication. That is, clients tend to dislike carrying something new. Furthermore, enterprises have adopted different two-factor authentications, resulting in low compatibility. Further, the information contained in either three authentication schemes contain static information, that is information that can be “hijacked” if the client's identity is stolen via malicious software and hacking techniques designed to infiltrate personal accounts and personal information. Thus, an authentication scheme capable of providing both powerful security and client-friendliness is urgently needed.
With the recent rapid development of communication network technology, and where rapid acquisition of a substantial amount of information is of importance, and where clients are exponentially more mobile and not bound to a single office in a specific city, clients are demanding advanced solutions utilizing multimedia information including sound, image, and moving picture, in addition to existing telephone and data transmission service, more suited to their needs. Video conference as a representative application using multimedia transmission service has been studied, and developed and implemented in a variety of environments.