It has been almost three decades and we still continue to use the same way of authorizing users. The only noteworthy advancement is that we also have the option of using a virtual keyboard or to some extent biometrics like finger print or retina scan.
The current known and prevalent ways of validating the users are:
- Information attributed to a user: A password, personal identification number (PIN) or answers to an approved set of security questions.
- Tokens: Smart cards, Electronic key cards, physical keys, etc.
- Static biometrics or physical attributes of an individual: Face Recognition, Retina scan, Fingerprint matching.
- Dynamic Biometrics: Voice based recognition, Handwriting based authentication, Typing rhythm.
With the rising security concerns coupled with the advent of multiple ‘things’ interacting with each other and the world moving towards the internet of everything, managing multiple passwords could be a challenge and the humans interacting with machines without these credentials has a high possibility to increase the consumer engagement experience. Could we design a system that goes beyond the basic combination of username and password? Is it time to move to a solution that identifies people based on behavioral parameters and means?
Some new workarounds that seems to be gradually taking shape are:
- Authorizing users based on their behavior of using the mouse and keyboard
- An authentication system that identifies users based on their pattern of clicking various tabs
- The pattern of mouse motion to detect the disappeared cursor
It will definitely be a welcome change to decrease the navigation through multiple screens especially if they are just to ensure that you are who you claim to be. But their viability and effectiveness still remains to be judged. Maybe we will have to wait for some more time to conclude. Till then, I will just Log Out.
We can definately/should design a system that goes beyond the basic combination of username and password.
ReplyDeleteChange & Customization is necessary.