- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Mon, 30 Sep 2013 03:40:05 +0200
- To: eanders@pobox.com
- Cc: Web Payments <public-webpayments@w3.org>
- Message-ID: <CAKaEYhJNG+UvqsSv0gBB=iTxUyTpT86JAej4dZ-cFECZsGYeuA@mail.gmail.com>
On 30 September 2013 03:18, <eanders@pobox.com> wrote: > 2 very good articles in my weekly news post touch on why identity is SO > important. > > Identity needs at least 2-3 layers of authentication. > > 1) Username/Password > 2) 2 factor authentication like Google Authenticator, Symantec VIP > Authenticator, Yubikey, SMS text, Challenge/Response One-Time-Passwords, > etc. > 3) Biometric Fingerprint or eyeball scan. > > Here are the 2 articles quicker access. > http://www.washingtonpost.com/**blogs/the-switch/wp/2013/09/** > 26/how-security-breaches-at-**data-aggregators-make-more-**fraud-possible/<http://www.washingtonpost.com/blogs/the-switch/wp/2013/09/26/how-security-breaches-at-data-aggregators-make-more-fraud-possible/> > > http://www.cio-today.com/**story.xhtml?story_id=**12200BVX9Z3E<http://www.cio-today.com/story.xhtml?story_id=12200BVX9Z3E> > Nice links, thanks for sharing! There is a tendency on the web to closely couple identity and authentication together. I feel it's important to think about identity as a way to describe yourself, to link to various attributes, to link from, to make friends, and to grow a reputation. On the other hand the process of verifying identity, ie authentication, will be layered on top of this (hopefully with a clean separation). Payswarm does a great job of this already, but not all that many others do, due to the fact that they become one holistic system, rather than modular. On the topic of Authentication there's emerging, imho, a trend for 3 factor authentication. 1. Something you know 2. Something you have 3. Something you are Depending on the level of security you need, you can pick from these options.
Received on Monday, 30 September 2013 01:40:32 UTC