How to compare e-Authentication Methods?
Below is a table showing the comparison among the common authentication methods on areas of Assurance Level, ease of 'Token' distribution, installation and configuration.
| Authentication Method | Assurance Level | 'Token' Distribution | Installation / Configuration |
|---|---|---|---|
| Password | Level 1-2 Depending on the password policy. | User selectable | No additional software is required |
| SMS | Level 3 Together with another factor of authentication. | Through SMS | An SMS-enabled cell phone is required. |
| Symmetric Key / OTP Token | Level 3-4 Together with another factor of authentication. Hard token is required for Level 4 assurance. | Through registered mail or self-collection | No additional software is required. |
| Public Key | Level 3-4 Together with another factor of authentication. Hard token is required for Level 4 assurance. | Through registered mail or self-collection | Installation of smart card reader with related driver software, or importing of digital certificate into a key-store is required. |
| Biometrics | Level 1-4 Depending on the security of the biometrics reader. | The token is 'what you are' | Installation of biometrics reader is required |
It is envisaged that the wide spectrum of the availability of authentication technologies and solutions in respect of the strength, cost, portability and ease of use etc. will continue to exist in the foreseeable future.
|