Showing posts from November, 2016

Authentication, Attribution & Identity

By Ken Moyle As practitioners in the Digital Transformation space, we hear our share of concerns about authentication, especially in the area of electronic contracts. When we get asked, we find it’s important to clarify what is meant by authentication.  For example:  In IT terms, authentication means using a previously issued credential to grant access to a system.  So, when I use my userID and password to log onto my email account, I have authenticated myself. In legal terms, authentication means proving the genuineness of a document or any part of it, including a signature.  To get a document entered into evidence, I will need to establish a foundation and I will need to fend off any objections to the authenticity of the document or its contents. When we are talking about signatures, neither of those definitions really fits. And that’s because we often will use the term “authentication” when we really mean “attribution.” After all, as a party relying on the veracity