• Grid View
  • List View
SUBSCRIPTION
PLANS
  • Technology Trends - The Business Case for Keystroke Dynamics in Multi-Factor Authentication

    The Business Case for Keystroke Dynamics in Multi-Factor Authentication

    Username and password pairs as authentication factors are as weak as they are ubiquitous. They can be phished, stolen, discovered, and cracked in a number of ways. Use of a single factor of authentication is so weak that the Federal Financial Institutions Examination Council (FFIEC) is requiring that all online banking services adopt multi-factor authentication by the end of 2006. In light of these needs, a biometric method known as keystroke dynamics (or, keyboard or typing dynamics) is emerging as an effective way to strengthen user authentication. This special report provides scenarios that illustrate the application of keystroke dynamics. We then present a probability model that can be used to analyze the security benefits of multi-factor authentication. Finally, we present an economic analysis of the financial benefits of keystroke dynamics. (8 pp., 5 figs.) [Executive Summary]

    December, 2006

  • IT Best Practices - Proof of Concept Evaluates Secure Internet Customer Services (1Q03)

    Proof of Concept Evaluates Secure Internet Customer Services (1Q03)

    The Social Security Administration recently completed proof of concept testing of a number of technologies aimed at reducing its workload and enhancing efficiency of handling customer transactions.  The project was successful in showing that existing technologies could ensure secure access, protect data, and shield the privacy of CRM information.  The interoperability of applications run on hardware from multiple vendors and several software applications was an important result of this proof of concept. 

    February, 2003

  • IT Best Practices - Web Services Moving Toward Federated Authentication (May 2002)

    Web Services Moving Toward Federated Authentication (May 2002)

    The major concern of online shoppers remains the security of e-commerce sites. While the number of consumers willing to provide credit card numbers or personal information online continues to rise, the lack of easily used security measures remains an impediment to more rapid growth in those numbers.  Security requirements also extend to the necessity for nonrepudiation of transactions, so merchants can be assured that the online orders are valid and were made by the credit card owners.

    May, 2002