As CJIS Solutions president, former New Jersey police officer Michael Coppola provides Criminal Justice Information Services (CJIS) compliant “cop simple” cloud computer services that meet the needs of police and sheriff’s departments. Writing in officer.com, Michael Coppola addressed the topic of Advanced Authentication (AA) and the ability to access Criminal Justice Information from a portable device or desktop computer.
The days in which password and username, or Something You Know, were sufficient to securely authenticate a user are in the past. This not only has to do with human fallibility, but unsecured website connections and viruses that enable hackers to record keystrokes and capture what is typed. Another threat is software that generates thousands of password combinations each second, until the right one is secured.
AA adds the element “Something You Have” as a requirement for user access and typically involves a 2 Factor Authentication process. The method involves initially logging into a system using username, PIN number, or password. This is followed by a one-time-use only passcode that is delivered via a secondary method, such as a USB device or smartphone.
Another AA route is through risk-based authentication, which brings together multiple factors as part of a collective calculation that decides a user’s access pass/fail rating. For example, the factors may be username and password, as well as five challenge questions and computer forensic information such as the geographical location of the device.
Michael Coppola 