System and method for facilitating multi-connection-based authentication
First Claim
1. A method of facilitating multi-connection-based authentication, the method being implemented by a computer system that comprises one or more processors executing computer program instructions that, when executed, perform the method, the method comprising:
- causing, by the computer system, first and second connections to be established between the computer system and a remote client device;
- obtaining, by the computer system, a first challenge response from the remote client device via the first connection and a second challenge response from the remote client device via the second connection, the first and second challenge responses each being generated based on a same private key stored in a secure local storage at the remote client device;
- obtaining, by the computer system, a public key corresponding to the private key from the remote client device via the first connection;
- performing, by the computer system, public-key-based verification of the first challenge response by using the public key to verify at least a portion of the first challenge response;
- obtaining, by the computer system, a confirmation of identification information associated with an entity, to which the private key corresponds, based on information obtained from the remote client device via the first connection;
- registering, by the computer system, the public key in a database in association with the entity based on (i) the obtained confirmation via the first connection and (ii) the public-key-based verification of the first challenge response obtained via the first connection;
- obtaining, by the computer system, an identifier associated with the entity from the remote client device via the second connection;
- determining, by the computer system, a match between the associated identifier and at least one identifier registered in association with the entity in a database;
- performing, by the computer system, based on the matching, public-key-based verification of the second challenge response by using the public key to verify at least a portion of the second challenge response; and
- authenticating, by the computer system, information obtained from the remote client device via the second connection based on the public-key-based verification of the second challenge response obtained via the second connection.
Abstract
In certain embodiments, first and second challenge responses may be obtained at a computer system from a client device respectively via first and second connections between the computer system and the client device. The challenge responses may each be generated based on a same private key stored in a secure local storage at the client device. Confirmation of identification information associated with an entity, to which the private key corresponds, may be obtained based on information obtained from the client device via the first connection. Information obtained from the client device via the second connection may be authenticated based on (i) the obtained confirmation via the first connection and (ii) verification of the first and second challenge responses obtained respectively via the first and second connections.
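The register-then-authenticate flow summarized above, as an added Go sketch that is not taken from the patent. It assumes an Ed25519 signature over a random server nonce as the challenge response, in-memory maps in place of the database, identity confirmation reduced to a boolean, and single-use challenges (a replay guard the text does not spell out); `Server`, `Challenge`, `Register` and `Authenticate` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

type Server struct {
	keys    map[string]ed25519.PublicKey // entity identifier -> registered public key
	pending map[string]bool              // challenges issued and not yet consumed
}

// Challenge issues a fresh single-use nonce for one connection.
func (s *Server) Challenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	s.pending[string(c)] = true
	return c
}

func (s *Server) verify(pub ed25519.PublicKey, c, resp []byte) bool {
	issued := s.pending[string(c)]
	delete(s.pending, string(c)) // consume it, so a replayed response is refused
	return issued && len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, c, resp)
}

// Register (first connection) binds key to entity only after both checks pass.
func (s *Server) Register(id string, pub ed25519.PublicKey, c, resp []byte, confirmed bool) bool {
	if !s.verify(pub, c, resp) || !confirmed {
		return false
	}
	s.keys[id] = pub
	return true
}

// Authenticate (second connection) verifies under the key registered for id.
func (s *Server) Authenticate(id string, c, resp []byte) bool {
	pub, ok := s.keys[id]
	return ok && s.verify(pub, c, resp)
}

func main() {
	s := &Server{map[string]ed25519.PublicKey{}, map[string]bool{}}
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed client key pair
	c := s.Challenge()
	fmt.Println(s.Register("entity-1", pub, c, ed25519.Sign(priv, c), true))
}
```

On the second connection the key used for verification is the one looked up by identifier, so a response signed with any other key fails even when it is well-formed.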
20 Claims
1. A method of facilitating multi-connection-based authentication, the method being implemented by a computer system that comprises one or more processors executing computer program instructions that, when executed, perform the method, the method comprising:
- causing, by the computer system, first and second connections to be established between the computer system and a remote client device;
- obtaining, by the computer system, a first challenge response from the remote client device via the first connection and a second challenge response from the remote client device via the second connection, the first and second challenge responses each being generated based on a same private key stored in a secure local storage at the remote client device;
- obtaining, by the computer system, a public key corresponding to the private key from the remote client device via the first connection;
- performing, by the computer system, public-key-based verification of the first challenge response by using the public key to verify at least a portion of the first challenge response;
- obtaining, by the computer system, a confirmation of identification information associated with an entity, to which the private key corresponds, based on information obtained from the remote client device via the first connection;
- registering, by the computer system, the public key in a database in association with the entity based on (i) the obtained confirmation via the first connection and (ii) the public-key-based verification of the first challenge response obtained via the first connection;
- obtaining, by the computer system, an identifier associated with the entity from the remote client device via the second connection;
- determining, by the computer system, a match between the associated identifier and at least one identifier registered in association with the entity in a database;
- performing, by the computer system, based on the matching, public-key-based verification of the second challenge response by using the public key to verify at least a portion of the second challenge response; and
- authenticating, by the computer system, information obtained from the remote client device via the second connection based on the public-key-based verification of the second challenge response obtained via the second connection.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A system for facilitating multi-connection-based authentication, the system comprising:
a computer system that comprises one or more processors programmed with computer program instructions that, when executed, cause the computer system to:
- cause first and second connections to be established between the computer system and a remote client device;
- obtain a first challenge response from the remote client device via the first connection and a second challenge response from the remote client device via the second connection, the first and second challenge responses each being generated based on a same private key stored in a secure local storage at the remote client device;
- obtain a public key corresponding to the private key from the remote client device via the first connection;
- perform public-key-based verification of the first challenge response by using the public key to verify at least a portion of the first challenge response;
- obtain a confirmation of identification information associated with an entity, to which the private key corresponds, based on information obtained from the remote client device via the first connection;
- register the public key in a database in association with the entity based on (i) the obtained confirmation via the first connection and (ii) the public-key-based verification of the first challenge response obtained via the first connection;
- obtain an identifier associated with the entity from the remote client device via the second connection;
- determine a match between the associated identifier and at least one identifier registered in association with the entity in a database;
- perform, based on the matching, public-key-based verification of the second challenge response by using the public key to verify at least a portion of the second challenge response; and
- authenticate information obtained from the remote client device via the second connection based on the public-key-based verification of the second challenge response obtained via the second connection.

Dependent claims: 9, 10, 11, 12, 13
14. A method implemented by a computer system that comprises one or more processors executing computer program instructions that, when executed, perform the method, the method comprising:
- causing, by the computer system, first and second connections to be established between the computer system and a remote client device;
- obtaining, by the computer system, a first challenge response from the remote client device via the first connection and a second challenge response from the remote client device via the second connection, the first and second challenge responses each being generated based on a same private key stored in a secure local storage at the remote client device;
- obtaining, by the computer system, a public key corresponding to the private key from the remote client device via the first connection;
- performing, by the computer system, public-key-based verification of the first challenge response by using the public key to verify at least a portion of the first challenge response;
- obtaining, by the computer system, a confirmation of identification information associated with an entity, to which the private key corresponds, based on information obtained from the remote client device via the first connection;
- registering, by the computer system, the public key in a database in association with the entity based on (i) the obtained confirmation via the first connection and (ii) the public-key-based verification of the first challenge response obtained via the first connection;
- obtaining, by the computer system, a public key candidate from the remote client device via the second connection;
- determining, by the computer system, a match between the public key candidate and the public key stored in the database; and
- performing, by the computer system, based on the matching, public-key-based verification of the second challenge response by using the public key to verify at least a portion of the second challenge response,
- authenticating, by the computer system, information obtained from the remote client device via the second connection based on the public-key-based verification of the second challenge response obtained via the second connection.

Dependent claims: 15, 16, 17
18. A system comprising:
a computer system that comprises one or more processors programmed with computer program instructions that, when executed, cause the computer system to:
- cause first and second connections to be established between the computer system and a remote client device;
- obtain a first challenge response from the remote client device via the first connection and a second challenge response from the remote client device via the second connection, the first and second challenge responses each being generated based on a same private key stored in a secure local storage at the remote client device;
- obtain a public key corresponding to the private key from the remote client device via the first connection;
- perform public-key-based verification of the first challenge response by using the public key to verify at least a portion of the first challenge response;
- obtain a confirmation of identification information associated with an entity, to which the private key corresponds, based on information obtained from the remote client device via the first connection;
- register the public key in a database in association with the entity based on (i) the obtained confirmation via the first connection and (ii) the public-key-based verification of the first challenge response obtained via the first connection;
- obtain a public key candidate from the remote client device via the second connection;
- determine a match between the public key candidate and the public key stored in the database;
- perform, based on the matching, public-key-based verification of the second challenge response by using the public key to verify at least a portion of the second challenge response; and
- authenticate information obtained from the remote client device via the second connection based on the public-key-based verification of the second challenge response obtained via the second connection.

Dependent claims: 19, 20
Specification