Get the best cybersecurity science, research, resources and insights to help secure and safeguard the digital world.
No Charge. No Spam. Unsubscribe Anytime.

Your digital overlords can see you now!

Your digital overlords can see you now!

Recognition is seen by many as the future of authentication. Are we finally there?

The recent launch of the Facebook Moments application and a look into the sophisticated facial recognition technology deployed to enable it, brought to mind three separate topics and conversations:

  1. A comment by a friend who manages a population scale identity program that "... identity, when it comes to digital service delivery, is a problem you have to solve only once—everything that follows is a matching problem"

  2. A note from another friend who is a really deep thinker on these topics that "... trusted intermediaries are needed for initial registration, but they are not needed (or to be desired) for subsequent transactions"

  3. Gartner's Maverick research on "The Death of Authentication" (Paywall), by Bob Blakley from 2011 when he was at Gartner, about how "... authentication will disappear over time and be replaced by recognition technologies"

All three of the perspectives above, in one way or the other, speak to the the need for authentication simply as a means of trusted introduction, and having little to no utility in subsequent interactions between the two parties.

In the current state of the art, the "matching problem" is handled using attributes and identity resolution techniques. But is that the only, or even the best, way to do that?

The data that Facebook has released about its research indicates that it "... can recognize faces with a 98% accuracy, and it can do so quickly—the company says it can identify you in one picture out of 800 million in less than 5 seconds".

What I find fascinating about that particular number (98% accuracy) is that, it is as good or better than the identity resolution study results that were conducted by NASPO.

And that opens up some really interesting avenues for innovation and implementation. However, if not done with a clear focus for the dignity of an individual, it is also a path fraught with some serious privacy consequences.


A widening breach

Lots of ink about the scope of the OPM data breach. As someone who is directly affected, I am not all that happy about this.


cyberforge: random and relevant


 Tweet  Share  Share  Share  Pin  Email


Get the best cybersecurity science, research, resources and insights to help secure and safeguard the digital world.
No Charge. No Spam. Unsubscribe Anytime.