Identity theft and identity protection are major issues and define a significant goals for the computer industry. One issue in identity protection and theft is protecting biometric and bio-behavioral data and verifying received biometric and/or bio-behavioral data in a manner that ensures the integrity and trustworthiness of the data. As processing speeds have increased, brute force attacks represent a significant and growing threat. Developments such as general-purpose computing on graphics processing units (GPGPU) password cracking and rainbow tables (precomputed tables for reversing cryptographic hash functions, usually for cracking password hashes) may be used advantageously to crack passwords and gain unauthorized access to a target. GPGPU cracking may produce upwards of half a billion (500,000,000) passwords per second even on lower end graphical processing hardware. Rainbow tables may be used to crack 14 character alphanumeric passwords in less than three minutes. Purpose built field-programmable gate arrays (FPGAs) may reduce the time needed to crack passwords even further.
Multifactor authentication (MFA) employs a layered defense to increase the difficulty and reduce the likelihood of unauthorized access to a target such as a physical location, computing device, network, or database. MFA typically combines two or more independent credentials such that if one credential is compromised or broken, the attacker must still overcome one additional credential before access to the target is provided. Example MFAs include swiping a card or other object and entering a personal identification number, logging into a Website and being requested to enter a one-time code delivered using an out-of-band (i.e., cell phone) device, and similar.
Authentication factors are a category of credential used for identity verification. In MFA applications, each additional authentication factor increases the assurance that an entity requesting access to a resource is who they actually purport to be. The three most common categories of authentication factors include something that you know (the knowledge factor), something that you have in your possession (the possession factor), and something that you are (the inherence factor).
Although the following Detailed Description will proceed with reference being made to illustrative embodiments, many alternatives, modifications and variations thereof will be apparent to those skilled in the art.