Multifactor network authentication
First Claim
1. A network authentication system, comprising:
- an authentication server implemented in hardware, configured to;
receive an authentication key request from a first user device associated with a first user, wherein the authentication key request identifies;
an account linked with the first user; and
a second user device associated with a second user;
generate an authentication key in response to receiving the authentication key request;
generate a first authentication key fragment comprising a first portion of the authentication key, wherein the first authentication key fragment is linked with a first set of authentication rules for the first user;
generate a second authentication key fragment comprising a second portion of the authentication key, wherein the second authentication key fragment is linked with a second set of authentication rules for the second user;
send the first authentication key fragment to the first user device;
send the second authentication key fragment to the second user device;
a server in signal communication with the authentication server, configured to;
receive a request to perform an action by the second user on the account linked with the first user, wherein the request comprises the second authentication key fragment;
send an authentication request comprising the second authentication key fragment to the authentication server in response to receiving the request; and
executing the action on the account linked with first user in response to receiving an authentication approval from the authentication server; and
the authentication server further configured to;
interrogate the second user via the second user device using the second set of authentication rules to validate the second authentication key fragment in response to receiving the authentication request;
send an approval request to the first user device in response to validating the second authentication key fragment;
interrogate the first user via the first user device using the first set of authentication rules to validate the first authentication key fragment in response to receiving the first authentication key fragment from the first user device; and
send an authentication approval to the server in response to validating the first authentication key fragment.
1 Assignment
0 Petitions
Accused Products
Abstract
A network authentication device that includes an authentication engine in signal communication with a network interface. The authentication engine is configured to receive an authentication key request from a first user device that identifies an account linked with a first user and a second user device. The authentication engine is configured to generate an authentication key and to establish a first set of authentication rules for the first user and a second set of authentication rules for the second user. The authentication engine is configured to generate a first authentication key fragment comprising a first portion of the authentication key and a second authentication key fragment comprising a second portion of the authentication key and to send the first authentication key fragment to the first user device and the second authentication key fragment to the second user device.
-
Citations
20 Claims
-
1. A network authentication system, comprising:
-
an authentication server implemented in hardware, configured to; receive an authentication key request from a first user device associated with a first user, wherein the authentication key request identifies; an account linked with the first user; and a second user device associated with a second user; generate an authentication key in response to receiving the authentication key request; generate a first authentication key fragment comprising a first portion of the authentication key, wherein the first authentication key fragment is linked with a first set of authentication rules for the first user; generate a second authentication key fragment comprising a second portion of the authentication key, wherein the second authentication key fragment is linked with a second set of authentication rules for the second user; send the first authentication key fragment to the first user device; send the second authentication key fragment to the second user device; a server in signal communication with the authentication server, configured to; receive a request to perform an action by the second user on the account linked with the first user, wherein the request comprises the second authentication key fragment; send an authentication request comprising the second authentication key fragment to the authentication server in response to receiving the request; and executing the action on the account linked with first user in response to receiving an authentication approval from the authentication server; and the authentication server further configured to; interrogate the second user via the second user device using the second set of authentication rules to validate the second authentication key fragment in response to receiving the authentication request; send an approval request to the first user device in response to validating the second authentication key fragment; interrogate the first user via the first user device using the first set of authentication rules to validate the first authentication key fragment in response to receiving the first authentication key fragment from the first user device; and send an authentication approval to the server in response to validating the first authentication key fragment. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A network authentication device comprising:
-
a network interface in signal communication with; a first user device associated with a first user; a second user device associated with a second user, wherein the second user is different from the first user; and an authentication engine implemented in hardware, wherein the authentication engine is in signal communication with the network interface, and configured to; receive an authentication key request from the first user device, wherein the authentication key request identifies; an account linked with the first user; and the second user device; generate an authentication key in response to receiving the authentication key request; establish a first set of authentication rules for the first user, wherein the first set of authentication rules identifies; a number of authentication rules selected by the first user; and an authentication type for each authentication rule selected by the first user; establish a second set of authentication rules for the second user, wherein the second set of authentication rules identifies; a number of authentication rules selected by the second user; and an authentication type for each authentication rule selected by the second user; generate a first authentication key fragment comprising a first portion of the authentication key; generate a second authentication key fragment comprising a second portion of the authentication key; send the first authentication key fragment to the first user device; and send the second authentication key fragment to the second user device. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. An authentication method, comprising:
-
receiving, by an authentication server, an authentication key request from a first user device associated with a first user, wherein the authentication key request identifies; an account linked with the first user; and a second user device associated with a second user, wherein the second user is different from the first user; generating, by the authentication server, an authentication key in response to receiving the authentication key request; establishing, by the authentication server and the first user device, a first set of authentication rules for the first user, wherein the first set of authentication rules identifies; a number of authentication rules selected by the first user; and an authentication type for each authentication rule selected by the first user; establishing, by the authentication server and the second user device, a second set of authentication rules for the second user, wherein the second set of authentication rules identifies; a number of authentication rules selected by the second user; and an authentication type for each authentication rule selected by the second user; generating, by the authentication server, a first authentication key fragment comprising a first portion of the authentication key; generating, by the authentication server, a second authentication key fragment comprising a second portion of the authentication key; sending, by the authentication server, the first authentication key fragment to the first user device; and sending, by the authentication server, the second authentication key fragment to the second user device. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification