{"id":4417,"date":"2022-02-21T06:44:00","date_gmt":"2022-02-21T06:44:00","guid":{"rendered":"https:\/\/wibmo.com\/identification-authentication-authorisation-know-the-difference\/"},"modified":"2024-06-04T06:28:19","modified_gmt":"2024-06-04T06:28:19","slug":"identification-authentication-authorisation-know-the-difference","status":"publish","type":"post","link":"https:\/\/wibmo.com\/blogs\/identification-authentication-authorisation-know-the-difference\/","title":{"rendered":"Identification, Authentication, Authorisation \u2014 Know the Difference"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

We undergo the process of Identification, Authentication, and Authorization every day in both physical and digital worlds.<\/p>\n

Let\u2019s first start with the physical world.<\/p>\n

You have been planning for a weekend vacation for a long time but have been stalling because of the busy work schedule. After months of long hours of work, you finally find a weekend for a getaway. After work hours you meticulously plan the vacation \u2014 the place to visit, the hotel to stay, the to-do activities, and whatnot.<\/p>\n

Finally, the getaway weekend has arrived and the first thing that you do after reaching your destination: is Check-in into the hotel<\/p>\n

1. Identification<\/strong> \u2014 You walk to the hotel reception and mention that you have a prior booking at the hotel. The first thing the receptionist asks is for your name. The receptionist then checks through the register to confirm of your booking.<\/p>\n

By providing your name, you claimed your identity. Your name, more or less, is unique and used for identification.<\/p>\n

2. Authentication<\/strong> \u2014 Once the receptionist has got your name in the booking register, you are asked to present an ID card. The ID card verifies that you are the person whose name is on the reservation<\/p>\n

Here, the ID card facilitates the process of authentication and verifies your identity.<\/p>\n

3. Authorisation<\/strong> \u2014 After the receptionist has done the necessary authentication process\/paperwork, you receive a guest keycard. The guest\u2019s keycard grants you access to your room, the guest elevators, and the pool \u2014 but not other guests\u2019 rooms or the service elevator.<\/p>\n

Hotel employees have a service keycard, authorized to access more areas of the hotel than guests are.<\/p>\n

You enjoy the next few days to the fullest and finally be well-rested and rejuvenated. It\u2019s time to go back to your work and give your best. It\u2019s time to check out and walk to the reception desk. You hand over your card to the receptionist to pay the bill.<\/p>\n

At this moment you have jumped into the digital world of identification, authentication, and authorization.<\/p>\n

1. Identification<\/strong> \u2014 The receptionist puts your card through a POS terminal. The information stored on your magnetic strip\/EMV chip enables the banking systems to identify your valid account details \u2014 a bank that has your account, your account details, etc.<\/p>\n

Here the information on your card\u2019s magnetic strip\/EMV chip is analogous to your name which you used during check-in.<\/p>\n

2. Authentication<\/strong> \u2014 You are then requested to enter your card PIN. Your card PIN is confidential to you \u2014 only you know it (an ideal case). By providing the PIN, you establish the validity of you being the owner of the card, associated with the bank account.<\/p>\n

The PIN authenticates that you are the owner of the bank account, from which money would be transferred to the hotel for its services.<\/p>\n

3. Authorisation<\/strong> \u2014 There are multiple stakeholders involved when you are making transactions through your card. The bank in which you have your account, the card networks \u2014 Visa\/Mastercard\/Amex\/Diners, the bank which has the hotel account, the software provider for the POS terminal, etc. Each stakeholder has a specific role to play.<\/p>\n

For example, the bank \u2014 which has your account- confirms that your account has enough balance amount. It then authorizes the deduction of the bill amount from your bank account.<\/p>\n

It may seem that all three steps \u2014 identification, authentication, and authorization are inseparable. But that\u2019s not true. Remember the last time you uploaded a file on your Google Drive\/One Drive and shared a public link. Here, you have authorized anyone with the link to access that file without any prior identification or authentication.<\/p>\n

Probably, the value of the file is far less than the value of the money in your bank account. Hence, the banking world uses cutting-edge solutions<\/a> to predict, prevent and detect fraudulent transaction attempts on your card.<\/p>\n

Author:<\/strong><\/p>\n

Sujit Kumar Mahato<\/a>, Product Manager<\/p>\n

Wibmo<\/a> A PayU\/Naspers FinTech Company<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t