
UNIT 5: Authentication vs. Privacy

WARM-UP
1. Discuss the following questions:
1. What are some common authentication methods?
Common methods include passwords, biometrics, two-factor authentication
(2FA), multi-factor authentication (MFA), token-based, and certificate-
based authentication.
2. What is the difference between authentication and authorization?
Authentication confirms identity, while authorization determines access
rights.
3. Describe the various types of authentication methods and explain their
advantages and disadvantages.
Passwords are simple but vulnerable; biometrics offer security but can be
costly. Two-factor authentication adds security layers, while token-based
methods add complexity.
4. What’s the best way to secure your passwords without having to remember
them all?
Use a password manager, enable two-factor authentication, regularly update
passwords, and avoid reuse for better security.
5. What are some of the most trusted two-factor authentication apps for mobile
devices?
Google Authenticator, Authy, Microsoft Authenticator, Duo Mobile, and
LastPass Authenticator are reputable options for enhancing account security
on mobile devices.
READING
1. Read a text about authentication vs. privacy and mark the following
statements as true or false.
1. Authentication is the process of determining whether someone or
something is, in fact, who or what it is declared to be. __T_
2. In the first paragraph of the text the types of identifier for
authentication are suggested. _T__
3. The reason of people's worry is that their employer might abuse the
sensitive information. __T_
4. Companies shouldn't care for personal information of employees. _F__
2. Answer the following questions.
1. What types of factor are used for authentication?
Something you know (e.g., password, pass phrase, PIN).
Something you have (e.g., key, token, credit card).
Something you are (e.g., signature, voice, fingerprint).
2. What is a PIN/token/credit card?
These are examples of "something you have" in authentication.
3. What is the strongest authentication factor? Why?
The strongest authentication factor is something you are, such as
biometrics (e.g., fingerprints), as they are unique and difficult to forge.
4. What are the benefits and weaknesses of different types of
authentication?
Password: Easy to use but susceptible to hacking.
Biometrics: Secure but can raise privacy concerns.
Tokens: Provide added security but can be lost or stolen.
Multi-Factor Authentication (MFA): Offers enhanced security but may
inconvenience users.
5. What is Multi-Factor Authentication (MFA)?
MFA involves using two or more authentication factors for added
security. For example, a combination of a password and a fingerprint
scan.
6. How is authentication connected with privacy?
Authentication, especially when using biometrics, involves collecting
and verifying personal data. Balancing strong authentication with
privacy concerns is crucial. Companies should handle personal data
carefully, providing clear policies on usage and ensuring security
measures are in place to prevent misuse.

Authentication vs. Privacy


In the context of both computer security and e-business, authentication is
the reliable identification of an entity, such as a user seeking access to a
computer or network. One of the most widely used authentication mechanisms is
a username and a password. This is one of three types of identifiers or factors
used for authentication:
1. Something you know (e.g., password, pass phrase, personal
identification number (PIN)).
2. Something you have (e.g., key, token, credit card).
3. Something you are (e.g., signature, voice, fingerprint).
An authentication mechanism with only one factor is referred to as single
factor. The more factors, the stronger the authentication. For example, if you
need a PIN and a card, as with an ATM machine (an automated teller machine),
that's stronger security than just a PIN or just a card. Also, since an identifier
that's harder to duplicate is less prone to "spoofing," the more unique the
identifier, the stronger the authentication. So, a long password is better than a
short one, and a safe with one million combinations is harder to crack than one
with a thousand. Finally, the tighter an identifier is tied to the entity it identifies,
the stronger the authentication. For example, including a cardholder photograph
on a card is a huge improvement in security. (When the Royal Bank of Scotland
introduced this feature on ATM cards, fraud was reduced by 70 percent.)
So, what does this aspect of security have to do with privacy? The most
unique identifiers, and thus the strongest authentication factor, are biometrics –
quantifiable personal characteristics – of which fingerprints are perhaps the best
known. Just as fingerprints can prove a criminal's guilt, they can prove that the
person logging into the network as Jane Doe really is Jane Doe, and not
someone who guessed Jane Doe's password.
Some people, however, have become so sensitive about sharing personal
data that they object to enrolling in biometric authentication systems. For
example, a recent contributor to the employment advice column of a major
newspaper complained that his company's plan to "make employees submit to
fingerprinting to log into company workstations" was an invasion of privacy. On
one side you have security professionals cheering the company's decision to
improve the level of authentication, while on the other side you have people
suspicious of how their employer might use or abuse the data.
The Good News: Fortunately, there is a middle ground. If the company had
done a better job of explaining why they intended to deploy the technology, they
would have caused fewer concerns. That's because, unlike fingerprinting used
by law enforcement, fingerprint systems used for access control don't capture or
store a complete image of your fingerprint. The data they capture would be
useless for law enforcement. Indeed, some of these systems are incapable of
reproducing an image of your fingerprint, since all they store is a mathematical
abstraction of the image against which they measure the momentary reading
obtained from the scanner when you log in. Furthermore, the better biometric
systems go to considerable lengths to prevent any leakage of the data they use
by encrypting it, erasing it from memory, and so on.
But: Identity can't be proven to the high levels of certainty required by
some transactions without the presentation of strong credentials and unique
identifiers, and these tend to involve personal data. There are times when private
data must be shared, as anyone who has applied for a mortgage well knows.
Smart Move: The smart enterprise attempts to strike the right balance
between both goals. It's sensitive to the privacy concerns of those individuals
from whom it obtains private data, and it handles that data with care, explicitly
stating in a privacy policy how it will and won't be used.
Security technology can be employed at this point to control authorized
access to personal data. Consider the aforementioned example. The employer
could obtain fingerprints for identification, but limit their use for that purpose
alone, and only within the company system. But security can only help in this
way if help is sought. There are many situations in which companies that
request personal data for one purpose feel they have a right to use it for other
purposes. One example is companies that sell their customer list to other
companies seeking to market to those customers. If it was against company
policy to do this, security technology could help to prevent it from happening,
but security has nothing to say, or any role to play, about whether such a policy
should or shouldn't exist.
ACTIVE VOCABULARY

spoofing спуфінг
to be suspicious бути підозрілим
an ATM machine банкомат
fraud шахрайство
to abuse зловжити
to apply for a mortgage просити іпотеку
law enforcement проведення законів в життя
strong credentials посвідчення особистості
unique identifiers унікальні ідентифікатори
a reliable identification of an entity надійна ідентифікація юридичної особи
quantifiable personal characteristics вимірні особисті особливості
to object to enrolling in biometric authentication systems заперечити проти реєстрації в системах біометричної аутентифікації
sensitive data критичні дані
fingerprints відбитки пальця
to deploy the technology розгортати технологію
to erase from memory стерти з пам'яті
to prevent any leakage of data запобігти будь-якому витоку даних
the aforementioned example вищезгаданий приклад

EXERCISES
1. Explain the words and word-combinations.
Mechanisms, to crack, fraud, to prove, to log into, sensitive data, to capture, to
obtain, company policy.
Mechanisms: Systems or processes designed to perform specific functions or
actions.
To crack: To successfully break through or bypass a security measure or system.
Fraud: Deceptive or dishonest activity intended to result in financial or personal
gain.
To prove: To demonstrate or establish the truth or validity of something.
To log into: To gain access to a computer system, network, or application by
providing the required credentials.
Sensitive data: Information that is confidential, private, or requires special
protection due to its nature.
To capture: To take hold of or record something, often referring to data or
information.
To obtain: To acquire or get hold of something, typically through effort or a
specific process.
Company policy: Set rules, guidelines, or principles established by a company to
govern its employees' behavior, actions, and decisions.
2. Fill in the word(s) from the list below. Use the word(s) only once.
Authentication, spoofing, privacy, leakage, aforementioned, abuse,
identification, private, fraud, network.
1 Authentication mechanisms
2 to log into the network
3 to capture the data
4 to prevent any leakage
5 Private data must be shared
6 a privacy policy
7 to obtain fingerprints for identification
8 to prone to "spoofing"
9 Fraud was reduced
10 the aforementioned example

3. Cross the odd word out.


1) deploy, deplore, arrange, dispose;
2) voice, key, token, credit card;
3) authentication, authority, validation, proof;
4) password, combination, iris scan, personal identification number;
5) direct, preclude, prevent, prohibit.
4. Match the words with definitions.

1. ATM: c - is a banking terminal that accepts deposits and dispenses cash.
2. Authentication: e - is the process of determining whether someone or
something is, in fact, who or what it is declared to be.
3. Leakage: a - is something that escapes.
4. Fraud: b - is deliberate deception, trickery, or cheating intended to gain
an advantage.
5. Identification: d - the process of recognizing specific objects as the result
of remembering.

1 ATM
2 authentication
3 leakage
4 fraud
5 identification

a is something that escapes.
b is deliberate deception, trickery, or cheating intended to gain an advantage.
c is a banking terminal that accepts deposits and dispenses cash.
d the process of recognizing specific objects as the result of remembering
e is the process of determining whether someone or something is, in fact, who or
what it is declared to be.
5. Fill in the correct word derived from the word in bold.
1. Confidentiality (Confidential): The assurance that the content of a
message is known only to its intended recipients.
2. Integrity (Integrate): The assurance that the content of a message has
not been modified in transit.
3. Availability (Available): The assurance that the content of a message can
be accessed when required by those allowed to access it.
4. Authentication (Authenticate): The assurance that the identity of the
sender of a message can be proved to the recipient as correct.
5. Nonrepudiation (Nonrepudiate): The assurance that the identity of the
sender of a message can be proved to a third party as correct.

6. Choose the correct answer.


1. Security principals are entities such as user accounts or logon sessions
that __________ by the Microsoft Windows security subsystem.
A can authenticate
B can authenticated
C can be authenticated
D can be authenticating
2. Now the information age ____dramatically the ways and situations in
which individuals are identified and authenticated.
A is changing B changes C has changed D is changed

3. Identification and authentication processes must be _________.


A enough stringent B stringent enough C so stringent D stringent so
4. Ideally, authentication ________ on personal identity facts or other
information and identifiers that individuals acquire during their
lifetime that are not easily or often changed.
A should not be based
B should not base
C should not based
D should not being based
5. These identity facts and numbers are likely ____ to others.
A to be known B to know C known D know
6. Individuals and businesses must protect themselves ______ identity
theft and fraud risk.
A to B of C on D from
7. Sensitive information is privileged or proprietary information which,
if _________ through alteration, corruption, loss, misuse, or
unauthorized disclosure, could cause serious harm to the
organisation owning it.
A to compromise B compromise C compromising D compromised
8. It is easy _________when they need to login.
A for the user to remember
B for the user remember
C for the user remembering
D for the user remembered
9. An authentication mechanism defines rules about security
information, such as whether ____ credential is forwardable to another
Java process, and the format of how security information is stored in both
credentials and tokens.
A a B the C an D −
10. A billion words (more or less) _______ on the subject of
authentication.
A are written B have written C have been written D write

7. Review crossword. In every word the first letter has been given.
1. (across) The process of determining whether someone or something is, in fact,
who or what it is declared to be.
2. The act of ensuring observance of or obedience to (e.g. law).
3. A temporary, conditional pledge of property to a creditor as security for
performance of an obligation or repayment of a debt.
4. Evidence or testimonials concerning one's right to credit, confidence, or
authority (e.g. passport).
5. Loss of information due to weak security.
6. Knowledge derived from study, experience, or instruction.
7. (down) Like an apple hanging on a tree, waiting for somebody to come along
and pick it.
8. A service that provides proof of the integrity and origin of data.
9. The process of recognizing specific objects as the result of remembering.
10. A deception deliberately practiced in order to secure unfair or unlawful gain.
[Crossword grid; first letters given: 1, 7 a; 2 e; 3 m; 4 c; 5 l; 6 i; 8 n; 9 i; 10 f]

1. authentication
2. enforcement
3. mortgage
4. credentials
5. leakage
6. information
7. availability
8. nonrepudiation
9. identification
10. fraud
