A variety of networks are used today. Computer networks include local area networks (LANs), metropolitan area networks (MANs), wide area networks (WANs), intranets, the Internet and other types of networks. Communication networks include those for conventional telephone service, cellular networks of different varieties, paging, services and others. Networks are used for many purposes, including, to communicate, to access data and to execute transactions. For many reasons, including security, it is often necessary to confirm or authenticate the identity of a user before permitting access to data or a transaction to occur on the network.
One known approach to computer network authentication is the use of user-specific passwords. Passwords provide some level of protection, but they are not fail-safe. One reason passwords are vulnerable is that users often share them. Even if they are kept private, someone who wants to obtain a password badly enough often can, using random generators, keyboard monitors or other techniques. Moreover, when dealing with unknown users such as, people who want to conduct an electronic transaction over the Internet, ad hoc passwords are not practical.
Various non-password schemes exist that perform some level of authentication before authorizing transactions or permitting access to data. These systems generally require a user to provide a sampling of basic identification information such as name, date of birth, social security number, address, telephone number and driver's license information. This sort of information, sometimes known as wallet-type information, is compared to known data such as a credit file to determine how well the user's input matches that source.
For various reasons, one-level authentication schemes are not totally reliable. In some instances, a user who provides accurate identification information may not be authenticated. This may occur, for example, because the user enters a nickname or a contraction rather than a proper name, and the authentication process does not check for a nickname or other variation. As a result, a user who should be entitled to access information or perform a transaction can not. Other inconsistencies may trigger a false negative, and often the false negative will terminate the transaction without further processing or corrective querying.
In other instances, a user who supplies fraudulent information may be authenticated. This may occur when lost or stolen wallet-type information is entered by an unauthorized user. Other situations may also lead to a false positive result. Both false positives and false negatives are undesirable.
Other reasons for unwarranted summary rejection, and other drawbacks, exist.