Setting aside the fact that smartcards and other cryptographic devices constitute "two factor" authentication, the term is often used to refer to a large class of personal authentication devices that generate a pass phrase or other login code, used to access online resources. There are three important sub-classes:

Time Syncronised One Time Password: every thirty seconds or so, the device generates a fresh pseudo random one time password. The pseudo random number generator is seeded uniquely for each specific device.

Read more

There are several policy approaches to authentication, in principle, which tend to vary from one jurisdiction to another according to political philosophy.

Read more

There are three different types of electronic signature legislation worldwide, offering different degrees of legal certainty with respect to security technology, and fundamental trade-offs with respect to freedom of choice.

Read more

The OASIS IDtrust Member Section was formed in 2006, partly on top of the erstwhile PKI Forum and OASIS PKI Member Section, in response to an intensifying yet broadening interest amongst businesses and vendors in the tpics of "identity" and "trust". In this we are probably paralleling the "Identity 2.0" movement.

Read more

A number of mechanisms apart from PKI may be used to authenticate people and entities online.