- From: John Foliot <john.foliot@deque.com>
- Date: Fri, 22 Jul 2016 11:55:30 -0400
- To: "White, Jason J" <jjwhite@ets.org>
- Cc: "tink@tink.uk" <tink@tink.uk>, David MacDonald <david100@sympatico.ca>, Katie Haritos-Shea GMAIL <ryladog@gmail.com>, Patrick Lauke <redux@splintered.co.uk>, WCAG <w3c-wai-gl@w3.org>
- Message-ID: <CAKdCpxzHF01PmB8VTOssnamsOz7EfmFOiy8_V=cEojUpBr=XpA@mail.gmail.com>
I think (as others have suggested) that this is likely a WCAG 3.0/Silver discussion, as it also seems to involve hardware and platform specific variables likely outside of the "content" authors control. About 2 or 3 years ago, I recall having an exploratory discussion around the use of biometrics and authentication (while I was at JPMC), and during those chats we absolutely understood that biometrics could augment (but not replace) other forms of input/authentication, and I actually saw a proof of concept authentication platform that allowed for multiple forms of biometrics to authenticate: eye-scan/gaze, fingerprints, voice recognition, etc. Thoughtfully applied, this could actually benefit some users (I'm thinking mobility impaired as an easy example). The PoC platform I saw could also leveraged other variables, such as GPS-aware sensors (i.e. you could set a profile that your cell phone or other type of dongle ( https://shop.smartthings.com/#!/products/samsung-smartthings-arrival-sensor) had to be in physical proximity to an ATM that was attempting to withdraw money from your account) and/or you could require any 2 of 5 or 6 different authentication "triggers" (e.g. voice and eye-scan). It strikes me that this may be fertile ground for the newly formed Research Questions TF that Jason is heading up to further explore (with a plug for that TF: https://www.w3.org/WAI/APA/task-forces/research-questions/). We may also want to monitor the Web Payments Working Group as they work on authentication APIs (etc.), as I suspect there will be some valuable cross-over between those efforts and personalization of web content and secure, personalized "user profiles". JF On Fri, Jul 22, 2016 at 9:14 AM, White, Jason J <jjwhite@ets.org> wrote: > > > > -----Original Message----- > > From: LĂ©onie Watson [mailto:tink@tink.uk] > > On 22/07/2016 00:21, David MacDonald wrote: > > > yup... we currently require any input including Bio-metric,to be > > > keyboard accessible, but perhaps there is room for more. > > > > Requiring a non-keyboard input device to be keyboard accessible seems > > counter-intuitive. > > [Jason] Yes, and this isn't what WCAG 2.0 requires. All functionality of > the Web content (be it a document or application) must be keyboard > operable. This doesn't exclude biometrics, audio or video input, for > example, as long as the application is keyboard-accessible as specified in > 2.1.1. > However, suppose we set up an authentication scheme whereby the user has > to supply a finger print. If this is part of the Web content rather than of > the user agent, then I suspect it's inconsistent with 2.1.1; it's certainly > an insurmountable accessibility barrier to anyone who can't make use of a > fingerprint scanner (for any number of disability-related reasons), thus it > arguably shouldn't conform to WCAG. > If we had an API that allowed the user agent to choose a means of > biometric authentication appropriate to the user's needs and abilities, > then I would maintain that the content should then conform to WCAG. > > > > Agree this is an important conversation. It's a broad ranging discussion > though, > > and one I think might be better suited to whatever comes after 2.1. > > > [Jason] I also look forward to contributing to that discussion, which is > undoubtedly necessary. > > > ________________________________ > > This e-mail and any files transmitted with it may contain privileged or > confidential information. It is solely for use by the individual for whom > it is intended, even if addressed incorrectly. If you received this e-mail > in error, please notify the sender; do not disclose, copy, distribute, or > take any action in reliance on the contents of this information; and delete > it from your system. Any other use of this e-mail is prohibited. > > > Thank you for your compliance. > > ________________________________ > -- John Foliot Principal Accessibility Strategist Deque Systems Inc. john.foliot@deque.com Advancing the mission of digital accessibility and inclusion
Received on Friday, 22 July 2016 15:56:02 UTC