Hacker News new | ask | show | jobs
by braincoke 1672 days ago
I believe it's - Something you have (key, device,...) - Something you know - Something you are (biometry)

In Europe there is a regulation (PSD2) that defines a strong authentication as 2 of the 3 listed above.
1 comments
amalcon 1672 days ago
I've always disliked this breakdown. My body is something I have -- it's just potentially (not always practically -- see the article) more difficult to clone or otherwise use without my consent than a key fob or something.

Edit: To be clear, I don't think this is an argument for biometrics, but rather an argument against them. They can't complement something I have in a two factor scheme, because my biometrics are something I have.

link
jagged-chisel 1672 days ago
But it's the parts that are easily forgeable (fingerprints, retinas, etc) that are being relied upon. By "forgeable" I mean "things that someone else can also have by creating copies."

I don't think we have yet good metrics on how to detect specific individuals using a full-body scan. Not to mention the invasiveness of creating your personal initial dataset. Most folks won't stand for it. So right back to parts that are forgeable...

link
avianlyric 1671 days ago
Your body isn’t very easy to replace. Passwords and devices are.
link
SEJeff 1671 days ago
This is precisely why he is a poor “password” / secret replacement.

Whelp, your fingerprints have been cloned. Time to go get them burned off and get some new ones. Yeah, that’s not gonna work.

link
folkrav 1671 days ago
I'd tend to describe one's body as a state more than a possession. You are your body, it's not something you can get rid of.
link