Authenticator centralization and protection
First Claim
1. A computer implemented method for authenticating a user who is communicating with an enterprise via a user device, comprising:
- receiving authenticators for a user and storing the received authenticators;
- receiving, from the enterprise, a request to authenticate the user with an authentication policy for authenticating the user, wherein the request does not identify which of the stored authenticators is to be used for authenticating the user;
- determining whether the stored authenticators include a first authenticator to be used for authenticating the user based on the authentication policy;
- when the stored indicators include the first authenticator, transmitting an authentication request to the user device requesting the first authenticator, receiving, from the user device, an authenticator in response to the authentication request, and authenticating the user by comparing the received authenticator with the stored first authenticator; and
- when the stored authenticators do not include the first authenticator, transmitting to the entity an identification of at least one of the stored authenticators, for the entity to determine if the at least one of stored authenticators is to be used for authentication.
Abstract
Provided is a method for authenticating a user communicating with an enterprise via a network. The method includes receiving, via the network, authenticators for a user from a first user device associated with the user, and storing the received authenticators. A first authenticator from the stored authenticators is selected to be used for authenticating the user based on an authentication policy received from the enterprise. An authentication request is transmitted to a user device requesting the first authenticator, and the user is authenticated by comparing the received authenticator with the stored first authenticator.
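The selection and fallback flow of claim 1, sketched as an added Python example (not code from the patent). The strength ranking, the `min_strength` policy field, the authenticator type names and the storage of salted PBKDF2 verifiers in place of raw values are assumptions made for illustration.

```python
import hashlib, hmac, os

# Assumed strength ranking per authenticator type (hypothetical, not from the patent).
STRENGTH = {"pin": 1, "password": 2, "device_key": 3}

def _verifier(secret: bytes, salt: bytes) -> bytes:
    # Assumption: the central store keeps a salted derived value, not the raw secret.
    return hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)

class AuthService:
    def __init__(self):
        self._store = {}  # user -> {authenticator type: (salt, verifier)}

    def enroll(self, user, kind, secret):
        salt = os.urandom(16)
        self._store.setdefault(user, {})[kind] = (salt, _verifier(secret, salt))

    def select(self, user, policy):
        """Strongest enrolled type meeting policy['min_strength'], else None."""
        ok = [k for k in self._store.get(user, {})
              if STRENGTH[k] >= policy["min_strength"]]
        return max(ok, key=STRENGTH.get, default=None)

    def authenticate(self, user, policy, ask_device):
        kind = self.select(user, policy)
        if kind is None:
            # Fallback branch: report which types are on file, never the secrets.
            return {"status": "no_match",
                    "available": sorted(self._store.get(user, {}))}
        salt, stored = self._store[user][kind]
        received = ask_device(kind)  # authentication request to the user device
        match = hmac.compare_digest(_verifier(received, salt), stored)
        return {"status": "authenticated" if match else "rejected", "used": kind}

def demo():
    svc = AuthService()
    # Constructed sample credentials.
    svc.enroll("alice", "pin", b"constructed-pin")
    svc.enroll("alice", "password", b"constructed-pw")
    device = {"pin": b"constructed-pin", "password": b"constructed-pw"}
    good = svc.authenticate("alice", {"min_strength": 2}, device.get)
    bad = svc.authenticate("alice", {"min_strength": 1}, lambda kind: b"wrong")
    none = svc.authenticate("alice", {"min_strength": 3}, device.get)
    return good, bad, none

if __name__ == "__main__":
    print(demo())
```

The policy carries only a requirement, so the enterprise never names an authenticator; the service resolves it against what the user has enrolled, and the `no_match` reply exposes type names only.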
11 Claims
1. A computer implemented method for authenticating a user who is communicating with an enterprise via a user device, comprising:
- receiving authenticators for a user and storing the received authenticators;
- receiving, from the enterprise, a request to authenticate the user with an authentication policy for authenticating the user, wherein the request does not identify which of the stored authenticators is to be used for authenticating the user;
- determining whether the stored authenticators include a first authenticator to be used for authenticating the user based on the authentication policy;
- when the stored indicators include the first authenticator, transmitting an authentication request to the user device requesting the first authenticator, receiving, from the user device, an authenticator in response to the authentication request, and authenticating the user by comparing the received authenticator with the stored first authenticator; and
- when the stored authenticators do not include the first authenticator, transmitting to the entity an identification of at least one of the stored authenticators, for the entity to determine if the at least one of stored authenticators is to be used for authentication.

Dependent claims: 2, 3, 4, 5, 6, 7, 10, 11
8. A computer implemented method for authenticating a user who is communicating with an enterprise via a network, comprising:
- receiving, via the network, authenticators for a user from a first user device associated with the user and authenticators for a second user device associated with the user, and storing the received authenticators;
- receiving, from the enterprise, a request to authenticate the user with an authentication policy for authenticating the user, wherein the request does not identify which of the stored authenticators is to be used for authenticating the user;
- determining whether the stored authenticators include a first authenticator to be used for authenticating the user based on the authentication policy; and
- when the stored indicators include the first authenticator, selecting one of the first user device and the second user device to use for authentication, transmitting an authentication request to the selected user device via the network requesting the first authenticator, receiving, from the selected user device, an authenticator in response to the authentication request, and authenticating the user by comparing the received authenticator with the stored first authenticator; and
- when the stored authenticators do not include the first authenticator, transmitting to the enterprise an identification of at least one of the stored authenticators, for the entity to determine if the at least one of stored authenticators is to be used for authentication.

Dependent claims: 9
Specification