Electronic authentication (e-authentication) is the process of establishing confidence in user identities electronically presented to an information system.
Authentication provider Market size estimated by Gartner estimate stand at 2 billion dollar growing at average 30% year on year with about 150 vendors.
Authentication technologies companies can be segmented to 3 types :
- Client-side software or hardware, such as PC middleware, smart cards and biometric capture devices (sensors)
- Software, hardware or a service, such as access management or Web fraud detection (WFD), that makes a real-time access decision and may interact with discrete user authentication software, hardware or services (for example, to provide “step up” authentication)
- Credential management software, hardware or services, such as password management tools, card management (CM) tools and public-key infrastructure (PKI) certification authority (CA) and registration authority (RA) tools (including OCSP responders)
- Software, hardware or services in other markets, such as Web access management (WAM) or VPN, that embed native support for one or many authentication method.
Specialist vendor provide SDK,while commodity vendor provide one-time password (OTP) tokens (hardware or software) and out of band (OOB) authentication methods.
Shift is happening in industry from traditional hardware tokens to phone-based authentication methods or supporting knowledge-based authentication (KBA) methods or X.509 tokens (such as smart cards). NIST defines three types of authentication methods: