Posted by:
root
10 years ago
What is ok to use as a risk factor and what is not? This will be a question in the near future. Increasingly, companies are pushing odd (and some down-right creepy) authentication methods.
Some of these go without saying. Like Do not use brainprints. Do not require chips that are injected in the body. Do not use something like voice print, without asking first.
But there's a finer line too. What if you collect data like keystrokes that are used to identify the user. And what if you can also tell if someone is sick with say, Parkinson's by analyzing their keystrokes? Are you in possession of Personal Health Information (PHI)? If you have to disclose that your site uses cookies, there's a good chance you will have to disclose this too.
Share on Twitter Share on Facebook