1.5+Authenticity


 * Authenticity**


 * Authenticity** means establishing a user’s identity beyond reasonable doubt. Authenticating the user is crucial in many scenarios, particularly in business and legal matters. A simple example of authentication is a user login to a network. A more advanced example would be the use of encrypted digital signatures in a business transaction or the use of watermarking on digital photographs.

Three different types of information that can be used for authentication are something you know, something you have, and something you are. Explain each type and provide examples of each. What are the strengths and weaknesses of each type.

Something you know:
 * password
 * PIN code
 * Strength: unable to access without knowing the password
 * Weakness: password may be easily guessed by someone else

Something you have:
 * passport
 * driving license
 * identity card
 * magnetic swipe card
 * Strength: able to identify your information and give access to a place
 * Weakness: can be stolen by someone else, it also can be created by someone else in your name for unknown or malicious purposes (identify theft)

Something you are:
 * fingerprint
 * eye scans/retina scans
 * DNA
 * Strength: biological data, everyone has their own unique fingerprint or DNA
 * Weakness: prints can be changed through surgery
 * Concern: personal privacy, people may feel uncomfortable to share their biological data or allow the data to be saved in the database