Also found in: Dictionary, Thesaurus, Medical, Legal, Financial, Acronyms, Wikipedia.
Related to authentication: Authentification


Security measure designed to protect a communications system against fraudulent transmissions and establish the authenticity of a message.


The verification of the identity of a person or process. In a communication system, authentication verifies that messages really come from their stated source, like the signature on a (paper) letter. The most common form of authentication is typing a user name (which may be widely known or easily guessable) and a corresponding password that is presumed to be known only to the individual being authenticated. Another form of authentication is biometrics.


(1) Verifying the integrity of a transmitted message. See message integrity, email authentication and MAC.

(2) Verifying the identity of a user logging into a network. Passwords, digital certificates, smart cards and biometrics can be used to prove the identity of the client to the network. Passwords and digital certificates can also be used to identify the network to the client. The latter is important in wireless networks to ensure that the desired network is being accessed. See identity management, identity metasystem, OpenID, human authentication, challenge/response, two-factor authentication, password, digital signature, IP spoofing, biometrics and CAPTCHA.

Four Levels of Proof

There are four levels of proof that people are indeed who they say they are. None of them are entirely foolproof, but in order of least to most secure, they are:

1 - What You Know
Passwords are widely used to identify a user, but only verify that somebody knows the password.

2 - What You Have
Digital certificates in the user's computer add more security than a password, and smart cards verify that users have a physical token in their possession, but both laptops and smart cards can be stolen.

3 - What You Are
Biometrics such as fingerprints and iris recognition are more difficult to forge, but you have seen such systems fooled in the movies all the time!

4 - What You Do
Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system.
References in periodicals archive ?
Users simply suspend their hand above the authentication device and their palm vein pattern is compared to their pre-registered pattern for verification.
Hitachi began researching and developing finger vein authentication technology in 1997, with its Central Research Laboratory at the forefront of these efforts.
S/MIME Digital Signatures: Prove You Are A Trusted Sender One of the most time-tested approaches to e-mail authentication is to apply S/MIME digital signatures to outbound e-mail.
Central authentication for multiple applications is coming first to major research institutions and only very slowly to other IHEs.
y By broadening even more our range of strong authentication solutions, we offer to our clients to choose, according to criteria such as easiness to use, authentication channel (single and/or multichannel), association with other services, the best suited solution to their environment e, says Philippe BUSCHINI, SVP Marketing of nCryptone.
Fingerprint authentication can be hindered by friction or dryness of the skin, while iris scanning can be difficult depending on the size of the user's eye, thereby preventing successful registration and verification at times.
DH-CHAP is the simplest of the authentication protocols.
Its 100% software authentication solutions eliminate the need for hardware tokens and complex login processes providing customers with strong, PKI-based authentication with the simplicity of a username/password interface.
Compared to the costs of forever looking for and implementing filter-based, rules-based and AI-based technologies to solve this problem, Source Authentication offers a solution for a one-time development cost.
They provide strong two-factor authentication (exceeding FFIEC and NCUA guidelines) as well as effective site authentication (mutual authentication) that protects against phishing, pharming, and online fraud, while allowing users to continue to enjoy the simple, comfortable user experience with which they are already familiar.
In this example, Tom is the subject, the brokerage portal is the authentication authority, and the trading application and the key server are the relying parties.
We are delivering on our commitment to make it easier for users to get the benefits of stronger security in the devices they already own, and provide account providers and enterprises with a flexible mechanism to arm their customers with stronger authentication without having to procure and deliver stand-alone authenticators," said Toffer Winslow, vice president of product management and product marketing, Enterprise Solutions at RSA, The Security Division of EMC.

Full browser ?