1.5 Authenticity

Authenticity is often a confusing term for students. In the context of ITGS, authenticity refers to users proving their identity - for example, using passwords, biometrics, or some other authentication mechanism.

Passwords and biometrics

Passwords, biometrics, and two-factor authentication

The video Secure Passwords Explained by CommonCraft is a good introduction to this topic. Why passwords have never been weaker - and crackers have never been stronger and How I Became a Password Cracker (ARS Technica) explain the security threats facing passwords.

Two-Step Verification is inconvenient, but more secure (NY Times) and Google's Alternative to the Password (MIT) offer alternatives to passwords.

Biometrics (BBC) are often hailed as a better authentication mechanism, and modern systems can even recognise users by the way they walk (Science Daily).

Problems with biometrics

Questions have been raised about the accuracy of biometric systems. For example, in 2018 it was reported that facial recognition technology used by police is only about 10% accurate.

Contrary to popular belief, biometrics systems can be fooled. For example, by using fake silicone fingers (BBC) and even plastic fingerprint surgery (BBC). Voice recogition technology can also be fooled: the BBC fooled HSBC's voice recognition security system for online banking, for example. In 2018 an AI algorithm was revealed that could imitate a person's voice based on only a few samples.

Social and ethical issues

Biometric facial recognition systems can raise privacy issues as they are capable of surveillance without subjects' knowledge or permission - one such example is in the 2001 Super Bowl (The Register). The article You Cannot Encrypt your Face examines this issue in greater detail.

Another potential issue with biometrics is security - ironically there are several major security concerns about using such technology. This Wired article explains the concerns and how they affect stakeholders in various fields.

Updated: 2018-05-21
Electronic passport

Electronic Passports (ePassports)

Numerous countries, including the United States, Canada, Germany, and the United Kingdom now issue electronic passports designed to improve security and reliability.

However, security concerns are high among some people in the IT industry. This article contains many links to cases involving cloning, 'sniffing'of passport data, data tampering, and more. The BBC has also reported (video) on German hackers who were able to clone electronic passports with relatively ease.

Updated: 2014-11-07
Online voting

Electronic Voting software and lesson plan

Electronic voting is a controversial topic. This E-Voting lesson plan uses a simple Java application I wrote to simulate the e-voting process. Students get to vote and then are presented with three sets of results - two of which are falsified. This is a useful practise exercise to stimulate discussions about e-voting and the potential problems that may arise.

The New York Times article Voting Test Falls Victim to Hackers and the video Why Internet-Based Voting Is a Bad Idea are also useful for this task, as are the articles below.
Updated: 2014-11-07
Electronic voting

Electronic Voting articles

E-Voting impacts and issues

Report: Voting Machine Errors Highlight Urgent Need for U.S. Database (Wired) describes many, many problems that have occurred with e-voting machines in recent years. Some of them are quite unusual.  E-voting system awards election to wrong candidates in Florida (ComputerWorld) and Voting Out E-Voting Machines (TIME) both detail further problems.

Oscar's E-Voting Problems Worse Than Feared analyses the problems that faced e-voting systems designed to vote for Oscar nominees, while 'Fake votes' cast in France's first digital election (BBC) explores France's June 2013 open primary mayoral election - both articles are a stark reminder of the myriad problems facing such systems.

Finally,  this is a letter to President Obama about e-voting, written by elections officers and computer security experts - and urging him to resist calls for Internet voting. Online voting is impossible to secure examines the various security issues related to online voting, and discusses why voting is much easier to attack than other secure applications such as online banking.


Science Daily's 'Voter-Verifiable' Voting System Ensures Accuracy And Privacy explains how paper-trails are needed on voting machines, while Aussies Do It Right: E-Voting (Wired) discusses another possible solution - open source voting software (this is a good article for students who believe open source software is "less secure".

Updated: 2018-05-21