Physical and digital security systems rely on technologies and techniques that are antiquated in today's world. In the digital world, passwords only prove that an individual knows a password. In the physical world, access cards only prove that an individual has an access card or was able to make a copy of the access card. Despite their widespread implementation, such techniques represent a security hole in the modern world. Whether physical or digital, these constructs have been put in place to make access control decisions by confirming a person's identity at a given time. However, these systems create several security problems. First, while a password or a security card function as a proxy for a user's identity, neither validates that the person using the password (and/or card) is in fact the user to whom the identity belongs. Second, passwords or security cards can be easily compromised. For example, a user may guess another user's password or duplicate or steal another user's security card. Additionally, once access has been granted based on receipt of a password or security card, access is often granted for a longer period of time than is appropriate for an average user.
Although security techniques have been developed to address these problems, existing techniques are still unable to address the problems described above. Multi-Factor Authentication techniques may increase the difficulty required to impersonate another user, but they are still unable to validate a user's identity. Smart Cards may replace a username or password with a physical card and a PIN, but a user impersonating another user need only have their card and know their PIN to be granted access. Moreover, these techniques add additional implementation challenges, for example requiring users to carry additional security cards that are not practical for mobile users and requiring that physical access points be outfitted with compatible card reading technologies. Conventional biometric systems are very expensive and difficult to implement and are not designed to improve the convenience with which a user may be granted access. Moreover, these systems still often rely on a back-up password which can be stolen or guessed by another user.