Parasitic authentication to protect your e-wallet

The electronic wallet (e-wallet), a handheld computer that consolidates a user's personal items, stores vital information and facilitates financial transactions, has received much attention lately. It promises to consolidate many of the personal items carried around by the modern individual: wallet, phone, pager, diary and keys. In fact, Nokia's 9001 Communicator already combines the phone, pager and diary into one unit. The question arises, however, as to how to provide user authentication. Traditional protection mechanisms require users to enter a PIN or password every time they wish to perform a transaction. More sophisticated techniques include using a biometric device, such as a fingerprint scanner, which is integrated into the e-wallet. Both of these options have disadvantages. Usability problems due to authentication are a significant barrier to the adoption of e-wallets. How can an e-wallet guarantee security without being cumbersome? In this article, the authors present some uses of existing protocols whereby a concealable, wireless and portable device can temporarily act as an authentication proxy for the user. The e-wallet then becomes a parasite - feeding off the small device for required authentication and identification information. Parasitic authentication attempts to provide handheld computers with security without reducing convenience