home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Ian & Stuart's Australian Mac: Not for Sale
/
Another.not.for.sale (Australia).iso
/
wide open road
/
openmarket.com
/
Payment System
/
authentication
next >
Wrap
Text File
|
1994-11-19
|
2KB
|
53 lines
AUTHENTICATION
_________________________________________________________________
Open Market's payment server implements a modular approach to
authentication, with support for several methods. Additional
mechanisms may be added (such as Secure HTTP, SHEN, and PGP HTTP)
if/when they become widely deployed.
Different authentication methods have different levels of user
convenience. Since all methods may not be appropriate for all
transactions, the payment system dynamically selects a method (or
methods) based on the user and transaction profile. For example, a
small transaction might require only username/password, while a large
transaction would require a hand-held authenticator.
Several methods are currently supported:
Username and Password
Using the standard HTTP "Basic" authentication method, users
enter their name and password into their Web browser for
authentication.
Challenges
The payment system may use information about the user to
compose additional requests for more information to
authenticate a transaction. The idea is very similar to that
used by a bank when they ask "What is your mother's maiden
name?" A challenge asks for a piece of information the user
should know, but which an impostor is not likely to know.
Handheld Authenticators
Authentication devices such as the Secure Net Key from Digital
Pathways, and SecureID from Security Dynamics can be used to
provide a very strong level of security. The payment system
will challenge the user for authentication information from the
device, which must be entered for the transaction to proceed.
More information about authentication for users is available in the
payment system's Security Profile documentation.
Do you have any suggestions, comments, or questions? Please send us
your feedback.
_________________________________________________________________
OMI Home Copyright © 1994 Open Market, Inc. All Rights Reserved.