Personalized Authentication: When Will Demand Catch Up With Technology?
In an environment where our citizens are personally under the threat of ongoing digital attacks, the need for quick, reliable and accurate authentication to gain physical and electronic access to various elements of our lives has never been more important. Our adversaries are getting more creative in their attacks, and identity theft has become one of the fastest-growing crimes against Americans with consequences for both individuals and the nation. A key tool against these threats is convenient, widely-acceptable and affordable personal authentication devices.
To support more widespread development and acceptance of such devices, specific technologies are needed. These include device platforms, infrastructure interfaces, biometric recognition, cryptography, high-speed processing and robust communications. Fortunately, all of these are economical and readily-available. Device platforms include: smartcards, USB tokens, PCMCIA cards, mobile phones, and PDAs. Infrastructure interfaces to support all these devices are also readily available, and broadband connectivity is available to most homes and businesses. All new computers have USB ports, the majority of laptops have both PCMCIA and USB ports, most PDAs are USB-capable, and many mobile phones have full PDA capabilities. Cryptographic algorithms have been approved and several companies have developed high-speed crypto microchips. Iris and thumb recognition protocols have even been developed to authenticate users of thumb drives, mobile phones and laptops.
However, we do not yet have enough consumer awareness, nor do we have adequate usage of all these technologies to make a difference. For over three years, two major credit card companies have offered their customers smartcards and readers for free. Surprisingly, less than 1 percent of cardholders have adopted them. Lack of widespread consumer acceptance is the major barrier to the mass replacement of ordinary credit cards with the more secure smartcards — and it is a cultural issue, not a technological hurdle.
When this widespread acceptance does take place, we can imagine the day when an individual has one device on their person that will allow them to access their car, their home, their office, their financial resources, their communications technologies and much more. That day is very close, and the technologies are already here.
Since many companies have worked hard to bring the tools and solutions to market already, the big question concerns what forces will drive demand. Will it be primarily personal convenience, the need to prevent identity theft, government encouragement or far-sighted innovation and leadership?
James P. Litchko is a nationally recognized expert on information security and infrastructure assurance. Paul Byron Pattak has worked extensively on national security and homeland security issues. Both serve on the Advisory Board for GOVSEC — The Government Security Expo and Conference which will be held July 28-29, 2004 in Washington, D.C. — www.govsecinfo.com.