Authentication

Laurie Lipton_Illusion-of-Control Tower_2010

Growing up in an era when [graffiti] artists were trying just as hard not to get figured out, as they were trying to get famous, and when the handwritten signature became a document-insertable jpeg, I watched the concept of authentication twitch and struggle to redefine itself in a world of increasingly evaporating identity.

I just finished reading Albert-Laszlo Barabasi’s Bursts. To grossly gloss, it says that humans are painfully predictable. If, for example, you give me access to a couple weeks of reasonable frequent mobile data, I can predict your whereabouts on any given day to an accuracy of at least 80%. Let’s also remember things like the fact that even Target can figure out you’re pregnant before you do. (Not really, but almost.)

One day I got a call from my credit card company:

“You buying some hardhats?”
“No.”
“Okay, we didn’t think so. We’re gonna open up a fraud claim and send you a new card.”

How did they know that it wasn’t me buying a couple hardhats at home depot?

People are predictable, that’s how.

Finally, this brings me to the recent Wired article,

ThePassword is Dead

I wonder then, what does one benefit in offering more personal data in exchange for a more robust, accurate prediction analysis that can be used by authentication services?

notes:

Kill the Password: Why a String of Characters Can’t Protect Us Anymore

Mat Honan 11.15.12

http://www.wired.com/gadgetlab/2012/11/ff-mat-honan-password-hacker/

Bursts, Albert-Laszlo Barabasi, 2010

http://barabasi.com/bursts/

How Companies Learn Your Secrets

CHARLES DUHIGG, February 16, 2012

http://www.nytimes.com/2012/02/19/magazine/shopping-habits.html

Gotcha

http://networkaddress.blogspot.com/2012/11/gotcha.html