This article outlines some of the basic principles involved in the design and administration of a secure transaction service for a database system. Specifically it discusses the case in which the database also maintains personal details of the users in order to facilitate real time user identification. In this design we distinguish two types of identification for the user:-(i) User's self - declared identity and(ii) Machine perceived view of the identity of the user based on the user's behavioural characteristics - such as voice, handwriting, facial features, key - stroke and mouse dynamics.The user's self - declared identity, when valid, would initiate the transaction; however, the continuation of the transaction is dependent upon the mach...