Generally, security systems employ an identity-based authentication scheme to verify the identity of an entity before granting access to a computer system or a computerized resource. One goal of such security systems is to accurately determine identity so that an unauthorized party cannot gain access. Security systems can use one or more of several factors, alone or in combination, to authenticate entities. For example, security systems can be based on something that the entity knows, something the entity is or something that the entity has.
Examples of something an entity knows are a code word, password, personal identification number (“PIN”) and the like. Examples of something the entity is include a distinct characteristic or attribute known as a biometric. An example of something an entity possesses is a physical or digital object, referred to generally as a token, that is unique, or relatively unique, to the user.
However, it will be appreciated that the threat in connection with security systems is increasing. For example, a password or token may easily be compromised. Indeed, even though it is a little more difficult, it is possible to fraudulently create a copy of a biometric. For example, for voice authentication a user's voice may be recorded and later used to initiate authentication. Therefore, there is a need for further security measures when verifying the identity of an entity before granting access to a computer system or a computerized resource.