Usually basic access authentication requires user name and password that are inputted via web browser or other client program. This method is very popular and it is supported by many applications, though users tend to forget their logins and passwords, and thus block access to their accounts.
The alternative to login and password authorization can be authorization based on biometric identifiers. It is rather complicated to stole and use biometrics to access personal information. So biometrics can be effectively used as physical access granting systems, also biometrics data can serve as a permission or restriction for some group or individuals to get some services or rights.
Fingerprint recognition includes recording fingertips characteristics like whorls, arches, loops, pattern of ridges, furrows that captured with optical CCD or CMOS image sensor. Though fingerprints can be obtained from latent prints occasionally left on objects and majority of readers do not check for the “live” finger.
Face recognition supposes that face images are recorded and analyzed. Measurements are broken into facial planes and kept in database, so to be further used for comparison. However the face proportions change as people grow old so the data should be constantly updated, besides the video equipment for that recognition can be rather costly.
Speech authentication includes fundamental frequency, nasal tone, cadence, inflection, but it is hard to get accurate results when there is environmental background noise.
Iris recognition analyzes features like rings, furrows, freckles of the colored tissue around the pupil and use regular video camera. Though effectiveness of the results significantly depends on the lighting and user positioning.
While applying hand recognition technology the image of the hand or two fingers of the hand are captured by camera, the silhouette is extracted and characteristics are stored. But the authentication can fail if by chance people would have the same geometry of the hand.
Retina recognition uses infrared scanning; it compares images of the blood vessels in the back of the eye. Now it is used in high-end security applications like military installations and power plants. The big drawback is that it requires expensive equipment and harmful for human eye.
Signature recognition is widely used now and is based on features like number of interior contours and number of vertical slope components. The disadvantage is that it can change with the time or be reproduced by professional forgers.
As a result authentication through biometrics though being highly secure method also provides room for falsification and requires expensive equipment.
As another option for authentication there can be considered radio-frequency identification (RFID). Here the data are transferred by electromagnetic fields which make possible automatic identification and tracking tags attached to objects. The tags contain electronically stored information. Devices with such tags can be powered by electromagnetic induction from magnetic fields produced near the reader, or collect energy from the interrogating radio waves and act as a passive transponder. Or have a local power source such as a battery and may operate at hundreds of meters from the reader. Since RFID tags can be attached to any possessions, or implanted in animals and people, there is high risk that personal information may be read without aware of the owner. So the usage of such method may jeopardize the sensitive data that can be captured by malicious third parties.
One more authentication method is the near field communication technology (NFC), used in various devices (like smartphones) to establish radio communication with each other by touching the devices together or bringing them into close distance. Each NFC device can work as NFC Card Emulation, as NFC Reader/Writer and as NFC peer-to-peer (P2P mode). In the mode of NFC Card emulation such devices as smartphones are able to act like smart cards, allowing users to perform transactions like payment or ticketing. NFC tags typically contain data placed in secure personal data storage, e.g. debit or credit card information, loyalty program data, Personal Identification Numbers (PINs), contacts.
There can be provided authentication via smart card, a pocket-sized card with embedded integrated circuits. It is effectively used for single sign-on (SSO) within large organizations. Also having card reader installed it can be used as authorization facility for access to some sensitive information stored on local computer, in local network or Internet.
One more variant for authentication is to compose unique image from various segments, and then use predetermined “correct” image as a basis for security functions for device. Accordingly to Tobias Marciszko et al, image, serving as a code, is divided into segments. A user may construct a unified image based on the selected segments. For example, a user may change the top portion of the image (woman's head wearing a baseball cap) to another image (e.g., a man's head wearing a fireman's helmet), such as those shown in US 20110096997A1.
The major disadvantage of this approach is that another person that happens to be nearby would be able to oversee and remember the unique picture.
Thus, there is a need for new method of authorization dialog organizing that would be enough safe, quick and comfortable for user and that could be adjusted accordingly to user's needs.