Identity Verification

Two factor authentication is good, but it doesn't go far enough.

Organic, secure, trustworthy identity takes into account all the possible factors. A system that does not... You delegate the veracity of your authenticity to an outside entity.

A many factors authentication schema would, by its nature, operate under the presumption and anticipation that it is never a 100% match. Even were a map of thought and behavior to be drawn, to the smallest neuron, variables would ensure an increasingly diminishing margin of error. We should embrace the error. It could be the point of evolutionary change, for the individual and the collected body.

2 Factor - password + dongle or card (or implant)
Plenty of ways to circumvent that, from man in the middle interventions to social engineering.

Add a factor, maybe security questions. Same problem, but difficulty of emulation increased dramatically.

But once authenticated, the token persists. It should be constant, part of the header, continually renewed and refreshed.

But one of our concerns at the moment is that the government, companies, are building these organic maps for multi-factor identity verification. You walk a certain predictable path, you always buy a mocha on Mondays, you liked the Man of Steel movie. Your name, the phone number you have as an endpoint today, irrelevant.

Interesting to consider the buzz from a few years back, about the Internet of Things - we may be those things. Defined by the cloud of activities and preferences and social connections surrounding us.