Authentication is the verification of information that represents a party making an access request.
An authentication process consists of two steps
- Identification step: Presenting a known unique identifier to the authenticating system, (or sufficient information about the requesting party to resolve to a known identity.)
- Verification step: Presenting or generating information that corroborates the relationship between the identifier the party it identifies.
Because there are many alternatives types of information that can be used by the verification step authentication is referred to as being “factored”. Different authentication methods are classified by how they are factored.
The most common factors are:
- Something the agent knows. Typically a username password combination.
- Something the agent has. For example, a key card or file with a special code.
- Something the agent is. That is, a biometric identifier such as a finger or voice print.
Authentication methods are frequently designated as single-factor, two-factor, or multi-factor authentication according to how many of these factors are used.
Some literature refers to authenticating digital signatures or certificates. This is incorrect. Digital signatures are signed and verified. Digital certificates are issued and validated.