3.3. Using authenticating devices

For user authentication, special devices can be used that store authentication information. The most common devices today are smart cards, magnetic stripe cards, iButton electronic tablets, and USB tokens.

The uniqueness of each of these items is determined by the information that it contains. In the simplest case, this information is the user ID and password, which are simply read from the media and transmitted to the authentication module. A more complicated case is that the carrier contains a cryptographic key that is used in any of the remote authentication protocols. Often, such devices are used within two-factor authentication , when additional password authentication methods are used with the device (entering a PIN code when using an electronic magnetic card).

The threats to this type of authentication include:

• theft of an authenticating item from its owner;

• the need for special equipment to work with devices;
• the possibility of making a copy or device emulator.

Despite these threats, authentication using special devices is becoming increasingly popular, especially since many popular information systems already have built-in support for this kind of authentication. Thus, Microsoft Windows 2000 and higher operating systems have built-in authentication support using USB tokens.