End user initiated access server authenticity check
First Claim
1. A method comprising:
receiving, by a computing system of an access management system, from a computing device operated by a user, a validation request to authenticate the access management system, the validation request including user identification information associated with the user;
sending, by the computing system, to a destination associated with the user based on the user identification information, temporary access information for the user to authenticate the access management system;
receiving, by the computing system, a first response including the temporary access information;
upon verifying the temporary access information received in the first response, sending, by the computing system, personal information about the user to the computing device, the personal information being selected from current records of the user available from a third party system that is different from the access management system;
receiving, from the computing device, a second response, the second response indicating a confirmation by the user of the personal information and the second response including credential data of the user; and
determining, by the computing system, authentication of the user to access the resource from the computing device, wherein the authentication is determined based on the credential data and the confirmation of the personal information received in the second response.
Abstract
Techniques are disclosed for enabling a user to validate the authenticity of a computing system (e.g., an access management system) such as one which controls access to one or more resources. A user can determine the authenticity of an access management system before the user provides credential information to the access management system. A user can be presented at a client system with an interface to request authentication of an access management system. The access management system may provide the user at the client system with temporary access information to submit back to the access management system. The access management system may provide recent personal information to the user at the client system to verify the access management system. Upon verification of the personal information, the access management system may prompt the user for credential information to establish a session.
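The ordering described in the abstract, sketched from the server side as an added example (not code from the patent or from any product). The class, method names, the 120-second code lifetime and the single-attempt policy are assumptions made for illustration; the point is that the server must prove itself twice (out-of-band code, then a recent third-party record) before it will look at a password.

```python
import hashlib, hmac, secrets, time

def hash_pw(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class AccessManager:
    """Server side of the flow. Class and method names are hypothetical."""
    OTP_TTL = 120  # assumed lifetime (seconds) of the temporary access information

    def __init__(self, users, third_party_records, deliver):
        self.users = users                  # user_id -> (salt, password hash)
        self.records = third_party_records  # stands in for the separate third-party system
        self.deliver = deliver              # sends to the user's registered destination
        self.pending = {}                   # user_id -> per-attempt state

    def validation_request(self, user_id):
        if user_id not in self.users:
            return False
        otp = f"{secrets.randbelow(10**6):06d}"
        self.pending[user_id] = {"otp": otp, "exp": time.time() + self.OTP_TTL, "shown": None}
        self.deliver(user_id, otp)          # out of band, never returned to the requester
        return True

    def first_response(self, user_id, otp):
        st = self.pending.get(user_id)
        ok = (st is not None and st["otp"] is not None and time.time() <= st["exp"]
              and hmac.compare_digest(st["otp"].encode(), otp.encode()))
        if not ok:
            self.pending.pop(user_id, None)  # a failed or late code ends the attempt
            return None
        st["otp"] = None                     # single use
        st["shown"] = self.records[user_id]  # personal information sent to the device
        return st["shown"]

    def second_response(self, user_id, confirmed, password):
        st = self.pending.pop(user_id, None)
        if st is None or st["shown"] is None or not confirmed:
            return False                     # credentials are ignored out of sequence
        salt, want = self.users[user_id]
        return hmac.compare_digest(hash_pw(password, salt), want)

def make_demo():
    """Constructed sample data: one user, one third-party record, an in-memory inbox."""
    salt = b"constructed-salt"
    inbox = {}
    am = AccessManager({"alice": (salt, hash_pw("correct horse", salt))},
                       {"alice": "Last card purchase: 12.40 at Cafe Example"},
                       inbox.__setitem__)
    return am, inbox
```

A look-alike site that lacks access to the user's registered destination and to the third-party records cannot complete either of the first two steps, which is what gives the user grounds to withhold the password.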
20 Claims
1. A method comprising:
receiving, by a computing system of an access management system, from a computing device operated by a user, a validation request to authenticate the access management system, the validation request including user identification information associated with the user;
sending, by the computing system, to a destination associated with the user based on the user identification information, temporary access information for the user to authenticate the access management system;
receiving, by the computing system, a first response including the temporary access information;
upon verifying the temporary access information received in the first response, sending, by the computing system, personal information about the user to the computing device, the personal information being selected from current records of the user available from a third party system that is different from the access management system;
receiving, from the computing device, a second response, the second response indicating a confirmation by the user of the personal information and the second response including credential data of the user; and
determining, by the computing system, authentication of the user to access the resource from the computing device, wherein the authentication is determined based on the credential data and the confirmation of the personal information received in the second response.
10. An access management system comprising:
one or more processors; and
a memory coupled with and readable by the one or more processors, the memory storing a set of instructions that, when executed by the one or more processors, causes the one or more processors to;
receive, from a computing device operated by a user, a validation request to authenticate the access management system, the validation request including user identification information associated with the user;
send, to a destination associated with the user based on the user identification information, temporary access information for the user to authenticate the access management system;
receive a first response including the temporary access information;
upon verifying the temporary access information received in the first response, send personal information about the user to the computing device, the personal information being selected from current records of the user available from a third party system that is different from the access management system;
receive, from the computing device, a second response, the second response indicating a confirmation by the user of the personal information and the second response including credential data of the user; and
determine authentication of the user to access the resource from the computing device, wherein the authentication is determined based on the credential data and the confirmation of the personal information received in the second response.
16. A non-transitory computer-readable medium storing a set of instructions that, when executed by one or more processors, causes the one or more processors to:
receiving, by a computing system of an access management system, from a computing device operated by a user, a validation request to authenticate the access management system, the validation request including user identification information associated with the user;
sending, by the computing system, to a destination associated with the user based on the user identification information, temporary access information for the user to authenticate the access management system;
receiving, by the computing system, a first response including the temporary access information;
upon verifying the temporary access information received in the first response, sending, by the computing system, personal information about the user to the computing device, the personal information being selected from current records of the user available from a third party system that is different from the access management system;
receiving, from the computing device, a second response, the second response indicating a confirmation by the user of the personal information and the second response including credential data of the user; and
determining, by the computing system, authentication of the user to access the resource from the computing device, wherein the authentication is determined based on the credential data and the confirmation of the personal information received in the second response.
Specification