Electronic authentication, also referred to as e-authentication, is the process of establishing confidence in user identities electronically presented to an information system. Authentication is a process closely related to identification. In online environments, the username identifies the user, while the password authenticates that the user is whom the user claims to be. E-authentication presents a technical challenge when this process involves the remote authentication of individual people over a network.
In any authenticated on-line transaction, the verifier is the party that may verify that the claimant has possession and control of the token that verifies his or her identity. A claimant may authenticate his or her identity to a verifier by the use of a token and an authentication protocol. This is called Proof of Possession (PoP). Many PoP protocols are designed so that a verifier, with no knowledge of the token before the authentication protocol run, learns nothing about the token from the protocol run. The verifier and credential service provider (CSP) may be the same entity, the verifier and relying party may be the same entity, or they may all three be separate entities.