View article

The Internet has consolidated itself as a very powerful platform that has changed the communication and business transactions. Now, the number of users navigating through the Internet is more than 2.4 billion. This large audience demands online commerce, knowledge sharing, social networks etc., which grew exponentially over the past few years. Thus, it leads to the need for security and enhanced privacy. In recent days, fraud over the Internet constitutes one of the main drawbacks for the widespread of the use of commercial applications. Therefore, the three vital security issues take place every day in our world of transparent fashion, more precisely: identification, authentication and authorisation. Identification is a process that enables recognition of an entity, which may be either, a human, a machine, or another asset such as a software programme. In security systems, authentication and authorisation are two complementary mechanisms for determining who can access the information resources over a network. Many solutions have been proposed in the literature, from a simple password to recent technologies based on RFID (Radio Frequency IDentification) or biometrics (Mahier et al., 2008). This paper provides an overview on existing authentication methods, and its pros and cons when designing an online service.