Authentication is the act of confirming the truth of an attribute of a single piece of data claimed to be true by an entity. User authentication is the act of confirming the truth of a user identity asserted in a computer transmission. In contrast to user identification, which refers to the act of stating or otherwise indicating a claim attesting to a user's identity, authentication is the process of actually confirming that asserted identity. The process may involve confirming the identity of a person by validating their identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product is what its packaging and labeling claim to be. In other words, authentication often involves verifying the validity of at least one form of identification.
The authentication of user identities can pose special problems with electronic communications, such as vulnerability to man-in-the-middle attacks, where a third party taps into a communication session and poses as one or more of the communicating parties to intercept information. Therefore, user authentication may include the verification of an active human-to-machine transfer of credentials required for confirmation of a user's identity. The term “digital authentication” refers to a group of processes where confidence in user identities is established using electronic methods and systems. The digital authentication process creates technical challenges because of the need to authenticate individuals or entities remotely over a network with a limited subset of information.
User authentication may authorize human-to-machine interactions on both wired and wireless networks to enable access to network-connected systems and resources. Traditionally, user authentication has consisted of a simple identifier (ID) and password combination. More secure systems may include additional authentication factors to improve the security of communications. In general terms, the main authentication factors include knowledge, possession and inherence. Knowledge factors include all things a user must know in order to access a resource, including user names or IDs, passwords or personal identification numbers (PINs), and secret questions. Possession factors include anything a user must have in their possession in order to log in, including one-time password tokens, key fobs, smartphone apps, employee ID cards, subscriber identity module (SIM) card-based mobile phones, and so forth. Inherence factors include any inherent traits the user has that may be confirmed by a computer system, including retina scans, iris scans, fingerprint scans, finger vein scans, facial recognition, voice recognition, hand geometry, earlobe geometry, and so forth.