A tradeoff exists between providing secure authentication of an individual's identity while not over-burdening the individual with daunting authentication requirements. Identity authentication should be secure so that the individual is not susceptible to identity theft during identity authentication. The identity authentication should also be convenient for the individual so that the individual can easily participate in identity authentication and engage in the activities protected by the authentication.
Conventional identity authentication techniques include conventional authentication of a personal identification number (PIN) and/or a password provided by the individual seeking authentication. Conventional authentication of a PIN and/or a password includes an inherent tradeoff between security and convenience for the individual. There is a significant threat of identity theft from hackers attempting to steal the individual's PIN and/or password to gain access to the individual's activities associated with the entity. For example, hackers may attempt to steal an individual's password to the individual's online banking account provided by the individual's bank. In order to increase the difficulty of the hacker from gaining access to an individual's PIN and/or password, the individual should generate a complicated PIN and/or password that differs for each entity that the individual is engaged with that requires identity authentication. The complicated PIN and/or password should also be unrelated to personal aspects of the individual, such as the individual's birth date.
However, having a complicated PIN and/or password that differs for each entity and is unrelated to the personal aspects of the individual increases the difficulty of the individual to easily recall the appropriate PIN and/or password for each entity. This increased difficulty adds an inconvenience to the individual because the individual may not be able to recall the appropriate PIN and/or password when attempting to engage the entity. For example, the individual may not recall their PIN when attempting to access money from an automatic teller machine (ATM). Without the proper PIN, the individual cannot obtain the requested funds from the ATM and would have to take additional measures to determine the proper PIN.
In order to increase the ease of the individual to remember the appropriate PIN and/or password for each entity, the individual may select the same PIN and/or password for each entity that the individual is engaged with and/or also associate the PIN and/or password to a personal aspect of the individual. For example, the individual may select the individual's birth date as the PIN and/or password for every entity the individual is engaged. Although this increases the convenience of the individual to easily recall the appropriate PIN and/or password, this increases the susceptibility of the individual to identity theft. A hacker simply needs to obtain the PIN and/or password for the individual for a single entity and then can have access to every other entity the individual is engaged with that uses the stolen PIN and/or password for identity authentication.
Conventional identity authentication techniques also include conventional hardware and/or software tokens required by an entity to authenticate the individual's identity. Conventional hardware and/or software tokens also include an inherent tradeoff between security and convenience for the individual. Conventional hardware and/or software tokens are more difficult to obtain via hacking into an entity's system to obtain the individual's PIN and/or password. Conventional hardware and/or software tokens are also more difficult to duplicate via computation than the individual's PIN and/or password. However, conventional hardware and/or software tokens can physically be stolen. Once stolen, the individual's activities associated with the entity that requires the conventional hardware and/or software token for identity authentication are compromised and can be accessed.
For example, once the conventional hardware token is physically stolen, the individual's bank accounts associated with the bank that requires the conventional hardware token to authenticate the individual's identity are now accessible to the possessor of the conventional hardware token. The individual also has the added inconvenience of not being able to access the bank accounts when the individual forgets to bring the conventional hardware token to the bank. The individual would have to take additional measures to obtain the conventional hardware token before being able to access the bank accounts.
Conventional identity authentication techniques also include conventional biometric imprints. A conventional biometric imprint is a digital scan of a physical aspect of the individual. For example, a conventional biometric imprint includes a digital scan of an individual's fingerprint. The conventional biometric imprint is unique to the individual in that no other individual can have a substantially identical biometric imprint. Each individual has fingerprints unique to themselves. The conventional biometric imprint is also convenient for the individual because the individual always has their fingers available to be digitally scanned when engaged in an identity authentication session. However, the individual also leaves their fingerprints on physical objects that can easily be digitally scanned and replicated. Once an individual's fingerprint has been digitally scanned, replicated and essentially stolen, the individual's activities are now susceptible with every entity that presently require the individual's fingerprint and any entity in the future that requires the individual's fingerprint. Unlike a PIN and/or password, the individual cannot change their fingerprint.
For example, an individual's fingerprint is digitally scanned by a third party unknown to the individual from a touch screen at a gas pump after the individual operated the gas pump leaving their fingerprints at the gas pump. The individual's fingerprint has now been stolen and can be used to fraudulently access the individual's bank accounts associated with a bank that requires the digital scanning of the individual's fingerprint to authenticate the individual's identity. Digitally scanned fingerprints are also stored as electronic data, thereby exposing the individual's fingerprint data to hackers. The individual cannot change their fingerprint so now the individual's activities associated with the bank or any future entity that requires digital scanning of the individual's fingerprint for identity authentication are now accessible to others in possession of the digital scan of the individual's fingerprint.