Corporations and other entities that are concerned about the security of their assets have utilized various methods to authenticate users. Because it is prohibitively expensive to hire security guards to watch over every asset, electronic methods are most commonly used to authenticate users.
One conventional method for authenticating users is to require users to carry a card that stores information about the user. The authentication system can then identify the user from the information on the card, and then determine whether or not to allow the user to access certain target resources. One example of this type of card is a Smart Card. A contact card is one form of card that can communicate with an authentication system by being placed in physical contact with a contact card reader. One problem with using this type of card to permit access to resources only when it is present is that users may forget to remove their card from the reader when they are done using a target resource.
Another form of card used in a conventional authentication system is one that contains a radio frequency (RF) transceiver. These cards are contactless in that they don't need to be physically inserted into a card programmer. A contactless card communicates wirelessly with an authentication system through sensors that detect the presence of the contactless card or by the card actively signaling to sensors. One problem that could occur with an authentication system that utilizes contactless cards is a replay attack. A replay attack is when an unauthorized user utilizes a device to eavesdrop on the wireless communication of an authorized user's card with the authentication system. The unauthorized user's device may then be able to replay the communication to “trick” the authentication system into believing the unauthorized user is actually the authorized user.
In both cases, the possession of a physical identity (the card) provides only a single factor of authentication. Stronger authentication uses more than one factor, such as both a physical card and a password and/or a biometric reading. While presentation of the physical identity may be very easy and quick, typically the additional authentication factor involves significantly more inconvenience and delay.