Why Digital Theatre+ recommends not using IP Authentication

Digital Theatre+ recommends that customers do not use IP Authentication, preferring Single Sign On instead

Summary

Historically, institutions and librarians have used IP authentication to provide access to licensed materials to their users. 

IP addresses have never been an accurate method to determine organisational affiliation, and continue to diminish in reliability of such. 

IP-based authentication is an inherently insecure form of authentication. Therefore, it should not be used; user/password or identity provider-based authentication should be used instead.

IP Authentication:

  • Is not secure.
  • Is not reliable.
  • Gives false assurance of anonymity. 
  • Gives reduced value to your users.
  • Creates additional and avoidable cost.

Why IP Authentication is not secure

  1. In short - because IP addresses, by nature, are not guaranteed to be associated with a given organisation, IP Authentication must be considered a very weak indicator of organisational affiliation. This means that as a service, Digital Theatre+ cannot offer the frictionless, seamless and personalised experience that users now demand.
  2. IP Authentication may be faked by spoofing the IP address. This is often done through certain HTTP headers that proxies use to forward requests on. If an attacker successfully exploits such an authentication bypass, they could log in as a user in your organisation to view information.
  3. IP addresses therefore cannot be trusted to perform authentication, and any request authenticated only by its IP address must be assumed to have a high probability of being unauthorised.
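The header-based spoofing described in point 2 comes down to which address the service believes the request came from. The following is an added example, not Digital Theatre+ code: it places a naive client-address lookup that trusts a forwarded-address header from any connection beside a hardened one that only honours the header when the connection actually comes from the service's own proxy. All IP ranges and header values are constructed for illustration.

```python
import ipaddress

# Constructed sample configuration (documentation ranges, not any real customer's).
LICENSED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]    # a customer's licensed range
TRUSTED_PROXIES = [ipaddress.ip_network("198.51.100.10/32")]  # the service's own reverse proxy


def _in_any(ip, networks):
    """True if ip parses and falls inside one of the given networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in networks)


def in_licensed_range(ip):
    return _in_any(ip, LICENSED_RANGES)


def naive_client_ip(peer_ip, headers):
    """Vulnerable: honours X-Forwarded-For from any peer, so whoever sets
    the header chooses the address that is checked against the licence."""
    xff = headers.get("X-Forwarded-For")
    if xff:
        return xff.split(",")[0].strip()
    return peer_ip


def hardened_client_ip(peer_ip, headers):
    """Only honour X-Forwarded-For when the TCP peer is one of our own proxies,
    and then take the address that proxy appended (the last hop), never an
    earlier entry that the original client could have supplied itself."""
    if not _in_any(peer_ip, TRUSTED_PROXIES):
        return peer_ip  # direct connection: the header is untrusted input
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    return hops[-1] if hops else peer_ip


def is_allowed(resolve_client_ip, peer_ip, headers):
    """IP Authentication decision using the supplied address-resolution strategy."""
    return in_licensed_range(resolve_client_ip(peer_ip, headers))


if __name__ == "__main__":
    # Direct connection from outside the licensed range, carrying a forged header.
    forged = {"X-Forwarded-For": "203.0.113.7"}
    print("naive:   ", is_allowed(naive_client_ip, "192.0.2.50", forged))     # True  (bypass)
    print("hardened:", is_allowed(hardened_client_ip, "192.0.2.50", forged))  # False (denied)
```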

Why IP Authentication is not reliable

  1. Ownership of IP ranges changes, and there is no central global registry that can be used to assert ownership. This means your users and their activity can be blocked, or associated with another organisation, without prior notice or intent.
    1. We have repeatedly had customers claim ownership of the same or overlapping IP ranges, and have had to arbitrate between them to discern ownership.
    2. We repeatedly have customers whose IP ranges have changed without either the person responsible for providing the service or Digital Theatre+ being informed.
  2. In order for it to work, your users are forced either to be in specific locations or to connect via specific mechanisms (such as a VPN or Proxy), which causes difficulty, frustration and friction in using web-based resources.
    1. We are repeatedly contacted by customers who experience issues with both Digital Theatre+ and other websites because VPN or Proxy networks and servers are misconfigured, or overloaded in terms of traffic and processing.
    2. We are also contacted by users who know they want to use Digital Theatre+ and discover our website, but then cannot sign in because they aren't familiar with the specific access methods their organisation has configured for them.
  3. Misuse can result in all users being blocked. If someone in your IP address range accidentally, or intentionally, performs actions that are considered harmful or suspicious, the only defence available is to block every user within the range. Conversely, if users are individually identified, then the specific user can be suspended and the remaining users can continue using the service uninterrupted.

Why IP Authentication gives a false assurance of anonymity

One of the prevailing beliefs about the use of IP Authentication is that it provides end users with anonymity, ensuring their activity cannot be tracked by surreptitious or malicious companies for advertising purposes.

If a business is intent on tracking an end user and building a profile of them, it is possible to do so using techniques that IP Authentication, VPNs or Proxies can neither detect nor prevent. The primary technique is called browser fingerprinting.

At this point, it's important to point out that Digital Theatre+ does not include any third-party tracking (even our analytics system is hosted by us), and Digital Theatre+ does not perform browser fingerprinting.

The limit of personal information that Digital Theatre+ stores is information used for authentication only, which is not accessible to other business functions, such as marketing.

You can read more about Browser fingerprinting at AmIUnique.org and CoverYourTracks.eff.org.

In short, the majority of web browsers reveal sufficient information about themselves, the operating system, and the hardware that's being used, that they can be identified as unique, and therefore tracked.

Why IP Authentication provides reduced value to end users

In our experience:

  1. Issues with capacity or configuration of VPN, Proxy or network prevent users from accessing Digital Theatre+ despite the service being fully available and functional.  A computer, modern browser and an internet connection are all that is required to use Digital Theatre+.
  2. Users who rely on IP Authentication have to be treated as completely anonymous, and therefore cannot benefit from the personalisation that digital services can provide. Remember that personalisation does not mean personal information has to be provided about a user, only that the user is uniquely identifiable when using Digital Theatre+.

Why IP Authentication creates additional and avoidable cost

In our experience, IP Authentication causes increased:

  1. Administration and co-ordination costs
  2. Third-party network and software costs
  3. User support costs
  4. Missed opportunity costs (when users aren't able to access Digital Theatre+ for reasons beyond their own or Digital Theatre+'s control)