{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:00:54Z","timestamp":1754157654430,"version":"3.41.2"},"reference-count":22,"publisher":"Emerald","issue":"1","license":[{"start":{"date-parts":[[2009,3,20]],"date-time":"2009-03-20T00:00:00Z","timestamp":1237507200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009,3,20]]},"abstract":"<jats:sec><jats:title content-type=\"abstract-heading\">Purpose<\/jats:title><jats:p>The purpose of this paper is to present a new method for ranking authentication products. Using this method, issues such as technical performance, application\/system\u2010specific requirements, cost and usability are addressed. The method simplifies and makes the selection process more transparent by identifying issues that are important when selecting products.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Design\/methodology\/approach<\/jats:title><jats:p>The paper used quantitative cost and performance analysis.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Findings<\/jats:title><jats:p>The method can be widely applied, allowing the comparison and ranking of an extensive variety of authentication products (passwords, biometrics, tokens). The method can be used for both product selection and the process of product development as supported by the case studies.<\/jats:p><\/jats:sec><jats:sec><jats:title content-type=\"abstract-heading\">Originality\/value<\/jats:title><jats:p>This is a work that demonstrates how to compare authentication methods from different categories. A novel ranking method has been developed which allows the comparison of different authentication products in a defined usage scenario.<\/jats:p><\/jats:sec>","DOI":"10.1108\/09685220910944740","type":"journal-article","created":{"date-parts":[[2009,3,14]],"date-time":"2009-03-14T08:01:54Z","timestamp":1237017714000},"page":"30-43","source":"Crossref","is-referenced-by-count":3,"title":["Formalizing the ranking of authentication products"],"prefix":"10.1108","volume":"17","author":[{"given":"Kirsi","family":"Helkala","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Einar","family":"Snekkenes","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"key":"key2021010620114891700_b1","unstructured":"Abbott, J. (2007), \u201cSmart cards: how secure are they?\u201d, available at: www.sans.org\/reading_room\/whitepapers\/authentication\/131.php, (accessed 18 April 2007)."},{"key":"key2021010620114891700_b2","unstructured":"Bhargav\u2010Spantzel, A., Squicciarini, A., Shimon, M., Young, M., Bertino, E. and Elliot, S. (2006), \u201cPrivacy preserving multi\u2010factor authentication with biometrics\u201d, Proceedings of the 2006 Workshop on Digital Identity Management, Vol. 2006, pp. 63\u201072."},{"key":"key2021010620114891700_b3","unstructured":"Datatilsynet (The Data Inspectorate) (2007), \u201cRisikovurdering av informasjonssystem med utgangspunkt i forskrift til personopplysningsloven\u201d, available at: www.datatilsynet.no, (accessed 18 April 2007)."},{"key":"key2021010620114891700_b4","doi-asserted-by":"crossref","unstructured":"Gafurov, D., Helkala, K. and S\u00f8ndrol, T. (2006), \u201cBiometric gait authentication using accelerometer sensor\u201d, Journal of computers, Vol. 1 No. 7, pp. 51\u20109.","DOI":"10.4304\/jcp.1.7.51-59"},{"key":"key2021010620114891700_b5","unstructured":"Gafurov, D., Snekkenes, E. and Bours, P. (2007), \u201cSpoof attacks on gait authentication system\u201d, Transactions on Information Forensics and Security, Vol. 2 No. 2, pp. 491\u2010502."},{"key":"key2021010620114891700_b6","unstructured":"Gravn\u00e5s, H. (2005), \u201cUser's trust in biometric authentication systems \u2013 do not take end\u2010user for granted\u201d, MS thesis in Information Security, Gj\u00f8vik University College, Gj\u00f8vik."},{"key":"key2021010620114891700_b7","unstructured":"Helkala, K. (2007), \u201cAuthentication in a Norwegian health service (survey report)\u201d, Proceedings of International Symposium on Health Informatics and Bioinformatics, p. 2007."},{"key":"key2021010620114891700_b8","doi-asserted-by":"crossref","unstructured":"Husemann, D. (1999), \u201cThe smart card: don't leave home without it\u201d, IEEE Concurrency, Vol. 7, pp. 24\u20107.","DOI":"10.1109\/4434.766959"},{"key":"key2021010620114891700_b9","unstructured":"Maio, D., Maltoni, D., Cappelli, R., Wayman, J. and Jain, A. (2002), \u201cFVC2000: fingerprint verification competition\u201d, Transactions on Pattern Analysis and Machine Intelligence, Vol. 24, pp. 402\u201012."},{"key":"key2021010620114891700_b10","unstructured":"Maltoni, D., Maio, D., Jain, A.K. and Prabhakar, S. (2003), Handbook of Fingerprint Recognition, Springer, New York, NY."},{"key":"key2021010620114891700_b11","unstructured":"Mansfield, A. and Wayman, J. (2002), \u201cBest practices in testing and reporting performance of biometric devices NPL report CMSC 14\/02\u201d, NPL Report CMSC 14\/02 Version 2.01."},{"key":"key2021010620114891700_b12","unstructured":"MISCO.CO.UK Web site (2008), \u201cRSA SecurID(applicance\u201d, available at: www. misco.co.uk\/CONTENT\/PROMOS\/RSA\/SECUREID.ASP?bp1, (accessed 26 March)."},{"key":"key2021010620114891700_b13","unstructured":"NEUROtechnologija Web Site (2008a), \u201cPrices for our products\u201d, available at: www.neurotechnologija.com\/prices.html, (accessed 26 March)."},{"key":"key2021010620114891700_b14","unstructured":"NEUROtechnologija Web Site (2008b), \u201cVeriFinger, PC\u2010based fingerprint recognition technology\u201d, available at: www.neurotechnologija.com\/verifinger.html, (accessed 26 March)."},{"key":"key2021010620114891700_b15","unstructured":"NIST (2006), \u201cSecurity: electronic authentication guideline\u201d, NIST Special Publication 800\u201063, Version 1.0.2."},{"key":"key2021010620114891700_b16","unstructured":"O'Gorman, L. (2003), \u201cComparing passwords, tokens, and biometric for user authentication\u201d, Proceedings of IEEE, Vol. 91, pp. 2019\u201040."},{"key":"key2021010620114891700_b17","unstructured":"Phillips, P.J., Moon, H., Rizvi, S.A. and Rauss, P.J. (2000), \u201cThe FERET evaluation methodology for face\u2010recognition algorithms\u201d, Transactions on Pattern Analysis and Machine Intelligence, Vol. 22, pp. 1090\u2010104."},{"key":"key2021010620114891700_b18","unstructured":"Pond, R., Podd, J., Bunnell, J. and Henderson, R. (2000), \u201cWord association computer passwords: the effect of formulation techniques on recall and guessing rates\u201d, Computers & Security, Vol. 19, pp. 645\u201056."},{"key":"key2021010620114891700_b19","unstructured":"Stalling, W. (2006), Cryptography and Network Security, Prentice Hall, Upper Saddle River, NJ."},{"key":"key2021010620114891700_b20","unstructured":"Statham, P. (2005), \u201cThreat analysis: how can we compare different authentication methods?\u201d, paper presented in the Biometric Consortium, 2005, Hyatt Regency Crystal City, Arlington, VA."},{"key":"key2021010620114891700_b21","unstructured":"StorageMojo Web site (2007), \u201cRSA security price list\u201d, available at: storagemojo.com\/?page_ id\u2009=\u2009417, (accessed 26 March 2008)."},{"key":"key2021010620114891700_b22","unstructured":"Yan, J., Blackwell, A., Anderson, R. and Grant, A. (2004), \u201cPassword memorability and security: empirical results\u201d, IEEE Security and Privacy, September\/October, pp. 25\u201031."}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685220910944740","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220910944740\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685220910944740\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:08Z","timestamp":1753402148000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/17\/1\/30-43\/179628"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,3,20]]},"references-count":22,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2009,3,20]]}},"alternative-id":["10.1108\/09685220910944740"],"URL":"https:\/\/doi.org\/10.1108\/09685220910944740","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[2009,3,20]]}}}