Users sometimes share their credentials with other users even when there is a prohibition against doing so. For example, a company may issue a badge to a first user to allow access to particular resources. The first user may then lend the badge to a second user who does not otherwise have access to those resources. In some cases, the sharing/loaning of credentials is relatively innocuous. For example, a worker who is otherwise unauthorized may obtain direct access to files/data to facilitate performance of his or her work duties. In such situations, sharing/loaning credentials may be seen as “cutting through red tape” and may be deemed relatively harmless by the participants. However, in other cases, the reason for using another's credentials may be more nefarious. For instance, an absent worker may have a coworker use the absent worker's badge or ID card to fraudulently record that the absent worker was at work.
Irrespective of the motivation for improperly using credentials of another, the result is almost always a breach in security since, by definition, the person that is using another's credentials is probably not authorized to do whatever they are doing with the wrong credentials. In some instances, co-workers may inhibit loaning credentials by, for example, visually confirming that a photograph on an identity badge matches a face of a person wearing the badge. However, in other cases, security badges are used for automated systems that, for example, open a door to grant access to a restricted area or allow the holder to access a restricted computer. In many of these cases, there may not be an opportunity for anyone to verify that the user is using his or her own credentials.
Accordingly, it would be desirable to automate security functions to inhibit a user from using a security badge or similar credentials of another user.