Fundamental Difference between ‘Authentication’ and ‘Identification

“What is valid for ‘identification’ must be valid for ‘authentication, and vice versa” — This is a misperception shared by not a few IT professionals, particularly conspicuous among pro-biometrics folks.

It cannot be the case — ‘Identification’ is to give an answer to “Who is this person?” while ‘Authentication’ is to give the answer to “Is this person the one who claims to be?” Can they be equated as the same?

Hence, the correct perception must be “What is valid for identification is not necessarily valid for authentication, and vice versa”.

The typical example is DNA, which is very valid for identification but just invalid for authentication; DNA can be indefinitely copied and easily spread all over the world.

Another one is the secret credential like a remembered password that is valid for authentication but invalid for identification; Such a statement as “Passwords are not good for identification” is only nonsensical.

It is sad that we still have to take up such a very basic ABC; we have already been talking about ‘identification and authentication’ over many decades and yet we see so many people being so indifferent to this essential difference.

Ref: “Leak-resistant Secret Credential

Key References

Quantum Computing and Password Authentication
Biometrics is to Password what Back door is to Front door

Removal of Passwords and Its Security Effect

Negative Security Effect of Biometrics Deployed in Cyberspace

External Body Features Viewed as ‘What We Are’

Additional References

For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)

What We Know for Certain about Authentication Factors

Digital Identity for Global Citizens
Image-to-Code Conversion by Expanded Password System

Summary and Brief History — Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Account Recovery with Expanded Password System

History, Current Status and Future Scenarios of Expanded Password System

Availability-First Approach

Update: Questions and Answers — Expanded Password System and Related Issues

< Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes — narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space — “below-one” factor authentication




Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to Stay Safe on the Dark Web

The Security Problem You Forgot Wasn’t Solved Yet

AnySwap launches on Ethereum Nov 19, 10 pm GMT

{UPDATE} Looper - Save The Twain Hack Free Resources Generator

Zoom Is Safer Now, Thanks to Hackers

Teamviewer Mac Server Did Not Respond

[Research Note] DODO’s IDO and Cresco

Techceleration and Identity Assurance

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Hitoshi Kokumai

Hitoshi Kokumai

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.

More from Medium

With Episodic Memory, ‘What We Remember’ Makes ‘What We Are’

CS373 Spring 2022: John Powers

Elliptic Curve Cryptography (ECC)

Signatures, Key Management, and Trust in Software Supply Chains — Part 1: Identities, Signatures…