Authentication is the concept of security management and means the identity verification of any entity (person, system). Thus, determination whether the entity is the one for which poses as.
Authentication methods are based on the proof of the identity of the entity. There are roughly three basic methods of authentication:
- Authentication according to what the entity has (e.g. ID card, identification document, credit card, key)
- Authentication according to what the entity knows (e.g. PIN, password, access phrase)
- Authentication according to what the entity is (e.g. different biometric data such as fingerprint)
Each of the authentication methods has in a particular use its advantages and disadvantages. The methods are often combined in practice.
Use of the authentication in practice: Authentication is one of the security measures and provides protection against false identity. It is used in all business processes that require human verification of identity, specific software, data report or other entity. Authentication usually precedes authorization. Authentication in organizations belongs to the security management and therefore it is in a responsibility of the Security Manager (CSO).