uthentication (from Greek: authentikos, "real, genuine," from authentes,

"author") is the act of confirming the truth of an attribute of a single piece of data (datum) or entity. In
contrast with identification which refers to the act of stating or otherwise indicating a claim
purportedly attesting to a person or thing's identity, authentication is the process of actually
confirming that identity. It might involve confirming the identity of a person by validating their identity
documents, verifying the validity of a Website with adigital certificate, tracing the age of an artifact
by carbon dating, or ensuring that a product is what its packaging and labeling claim to be. In other
words, authentication often involves verifying the validity of at least one form of identification.
Contents
[hide]

1 Methods

2 Factors and identity

o

2.1 Two-factor authentication

3 Product authentication

3.1 Packaging
4 Information content

4.1 Factual verification

4.2 Video authentication

4.3 Literacy & Literature authentication

5 History and state-of-the-art

o

5.1 Strong authentication

6 Authorization

7 Access control

8 See also

9 References

10 External links

Methods[edit]
Main article: Provenance
Authentication has relevance to multiple fields. In art, antiques, and anthropology, a common
problem is verifying that a given artifact was produced by a certain person or was produced in a
certain place or period of history. In computer science, verifying a person's identity is often required
to secure access to confidential data or systems.
Authentication can be considered to be of three types:
The first type of authentication is accepting proof of identity given by a credible person who has
first-hand evidence that the identity is genuine. When authentication is required of art or physical
objects, this proof could be a friend, family member or colleague attesting to the item's provenance,
perhaps by having witnessed the item in its creator's possession. With autographed sports
memorabilia, this could involve someone attesting that they witnessed the object being signed. A
vendor selling branded items implies authenticity, while he or she may not have evidence that every
step in the supply chain was authenticated. This hear-say authentication has no use case example in
the context of computer security.
The second type of authentication is comparing the attributes of the object itself to what is known
about objects of that origin. For example, an art expert might look for similarities in the style of
painting, check the location and form of a signature, or compare the object to an old photograph.
An archaeologist might use carbon dating to verify the age of an artifact, do a chemical analysis of
the materials used, or compare the style of construction or decoration to other artifacts of similar
origin. The physics of sound and light, and comparison with a known physical environment, can be
used to examine the authenticity of audio recordings, photographs, or videos. Documents can be
verified as being created on ink or paper readily available at the time of the item's implied creation.
Attribute comparison may be vulnerable to forgery. In general, it relies on the facts that creating a
forgery indistinguishable from a genuine artifact requires expert knowledge, that mistakes are easily
made, and that the amount of effort required to do so is considerably greater than the amount of
profit that can be gained from the forgery.

In art and antiques, certificates are of great importance for authenticating an object of interest and
value. Certificates can, however, also be forged, and the authentication of these poses a problem.
For instance, the son of Han van Meegeren, the well-known art-forger, forged the work of his father
and provided a certificate for its provenance as well; see the article Jacques van Meegeren.
Criminal and civil penalties for fraud, forgery, and counterfeiting can reduce the incentive for
falsification, depending on the risk of getting caught.
Currency and other financial instruments commonly use this second type of authentication method.
Bills, coins, and cheques incorporate hard-to-duplicate physical features, such as fine printing or
engraving, distinctive feel, watermarks, and holographic imagery, which are easy for trained
receivers to verify.
The third type of authentication relies on documentation or other external affirmations. In criminal
courts, the rules of evidence often require establishing the chain of custody of evidence presented.
This can be accomplished through a written evidence log, or by testimony from the police detectives
and forensics staff that handled it. Some antiques are accompanied by certificates attesting to their
authenticity. Signed sports memorabilia is usually accompanied by a certificate of authenticity. These
external records have their own problems of forgery and perjury, and are also vulnerable to being
separated from the artifact and lost.
In computer science, a user can be given access to secure systems based on user credentials that
imply authenticity. A network administrator can give a user a password, or provide the user with a
key card or other access device to allow system access. In this case, authenticity is implied but not
guaranteed.
Consumer goods such as pharmaceuticals, perfume, fashion clothing can use all three forms of
authentication to prevent counterfeit goods from taking advantage of a popular brand's reputation
(damaging the brand owner's sales and reputation). As mentioned above, having an item for sale in
a reputable store implicitly attests to it being genuine, the first type of authentication. The second
type of authentication might involve comparing the quality and craftsmanship of an item, such as an
expensive handbag, to genuine articles. The third type of authentication could be the presence of
a trademark on the item, which is a legally protected marking, or any other identifying feature which
aids consumers in the identification of genuine brand-name goods. With software, companies have
taken great steps to protect from counterfeiters, including adding holograms, security rings, security
threads and color shifting ink.[1]

Factors and identity[edit]

The ways in which someone may be authenticated fall into three categories, based on what are
known as the factors of authentication: something the user knows, something the user has, and
something the user is. Each authentication factor covers a range of elements used to authenticate
or verify a person's identity prior to being granted access, approving a transaction request, signing a
document or other work product, granting authority to others, and establishing a chain of authority.
Security research has determined that for a positive authentication, elements from at least two, and
preferably all three, factors should be verified.[2] The three factors (classes) and some of elements of
each factor are:

This is a picture of the front (top) and back (bottom) of an ID Card.

the knowledge factors: Something the user knows (e.g., a password, pass phrase,
or personal identification number (PIN), challenge response(the user must answer a question, or
pattern)

the ownership factors: Something the user has (e.g., wrist band, ID card, security
token, cell phone with built-in hardware token, software token, or cell phone holding a software
token)

the inherence factors: Something the

user is or does (e.g., fingerprint, retinal pattern, DNA sequence (there are assorted definitions of
what is sufficient), signature, face, voice, unique bio-electric signals, or other biometric identifier).

Two-factor authentication[edit]
Main article: Two-factor authentication
When elements representing two factors are required for authentication, the term two-factor
authentication is applied e.g. a bankcard (something the user has) and a PIN (something the
user knows). Business networks may require users to provide a password (knowledge factor) and a
pseudorandom number from a security token (ownership factor). Access to a very-high-security

system might require a mantrap screening of height, weight, facial, and fingerprint checks (several
inherence factor elements) plus a PIN and a day code (knowledge factor elements), but this is still a
two-factor authentication.

Product authentication[edit]

A Security hologram label on an electronics box for authentication

Counterfeit products are often offered to consumers as being authentic. Counterfeit consumer
goods such as electronics, music, apparel, and Counterfeit medications have been sold as being
legitimate. Efforts to control the supply chain and educate consumers help ensure that authentic
products are sold and used. Even security printing on packages, labels, and nameplates, however, is
subject to counterfeiting.
A secure key storage device can be used for authentication in consumer electronics, network
authentication, license management, supply chain management, etc. Generally the device to be
authenticated needs some sort of wireless or wired digital connection to either a host system or a
network. Nonetheless, the component being authenticated need not be electronic in nature as an
authentication chip can be mechanically attached and read through a connector to the host e.g. an
authenticated ink tank for use with a printer. For products and services that these Secure
Coprocessors can be applied to, they can offer a solution that can be much more difficult to
counterfeit than most other options while at the same time being more easily verified.

Packaging[edit]