Forging a stronger tie between the sign-on process and the actual known user who owns that particular account

'Fingerprinting' evolving to protect device IDs

Distinguishing between identity and authentication

When software tokens are as strong as hardware ones

SSL will evolve to meet requirements for ecommerce and mobile

Protecting secret keys or seeds in software without the risk of being stolen is crucial

A natural evolution, but there are a few potential pitfalls to avoid

Time for reputation data on CAs

Needed: a unified way for users to log in websites regardless of the device they are using

Two-factor authentication products slow to catch on

Internet authentication

Separate authentication by websites will remain the reality until access control is done right in Web apps

Stronger authentication is a major security issue yet to be solved

Mobile is more secure than the browser realm because most mobile transactions are conducted through applications, not the browser

Obama administration's digital identities initiative relies on private industry to come together and make it work

Internet needs an infrastructure that enables back ends and users to communicate with each other using better authentication--and allows any number of authentication technologies to sign into it

Most online fraud stems from electronic transactions not associating the identity of the user with the card or account

How can we integrate fingerprints in a standard way?

I'm sure some of you remember a time when you actually used to telephone the bank to do a transaction. Do you remember all the questions they would ask to verify that you were, in fact, the account owner?

When we designed SSL to enable e-commerce on the Web, we had to solve two issues. One was the Web's openness -- the fact that anybody can read anything -- and the other was how parties might authenticate with one another.

A number of distinct developments brought about the current authentication schemes we see in networks today.

Today Dark Reading launches a new feature: the Authentication Tech Center, a subsite of Dark Reading devoted to bringing you news, insight, and in-depth reporting on the topic of authentication and certification of end user access.