Multi-factor authentication with URL validation
First Claim
1. A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to cause at least one computing device to:
receive an authentication request from a first user for access to a network resource via a first communications channel, the authentication request including at least one authentication parameter, wherein the at least one authentication parameter comprises location information of the first user;
generate a user-specific authentication code, based on the at least one authentication parameter;
generate a user-specific authentication Uniform Resource Locator (URL) for an access page, based on the user-specific authentication code;
send the authentication URL to the first user via a second communications channel;
receive an access request in response to selection of the authentication URL by a second user, the access request associated with at least one access parameter, wherein the at least one access parameter comprises information separate from the authentication URL identifying the second user associated with the access request, and wherein the at least one access parameter comprises location information of the second user;
validate the access request, wherein validating the access request comprises verifying a match between the location information of the first user and the location information of the second user to confirm that the first user and the second user are the same, wherein the first user and the second user are the same when the location information of the first user corresponds to the location information of the second user; and
provide the access page to the first user, in response to the matching, the access page indicating grant of access to the network resource.
Abstract
Techniques are provided for providing multi-factor authentication with Uniform Resource Locator (URL) validation (MFAUV). One of the multiple authentication factors used may include a unique, user-specific URL that is sent to the user within a message. In this way, the user may simply click on, or otherwise execute or select, the provided URL, directly from within the message in which the URL is provided.
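The flow in claim 1 and the abstract can be sketched as follows. This is an added example, not code from the patent: the HMAC-SHA256 code derivation, the five-minute expiry, single-use links, the coarse region string used as location information, and all names (`issue_auth_url`, `validate_access`, `auth.example.test`) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

SERVER_KEY = secrets.token_bytes(32)           # assumption: per-deployment secret
BASE_URL = "https://auth.example.test/access"  # placeholder access page
TTL_SECONDS = 300                              # assumption: links expire after 5 minutes
_pending = {}                                  # nonce -> (user, region, expiry), kept server-side


def _code(user, region, nonce, expiry):
    """User-specific authentication code derived from the authentication parameters."""
    msg = "\x1f".join([user, region, nonce, str(expiry)]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_auth_url(user, region, now=None):
    """Handle the authentication request; the result is sent over the second channel."""
    now = time.time() if now is None else now
    nonce = secrets.token_urlsafe(16)
    expiry = int(now) + TTL_SECONDS
    _pending[nonce] = (user, region, expiry)
    query = urlencode({"n": nonce, "c": _code(user, region, nonce, expiry)})
    return f"{BASE_URL}?{query}"


def validate_access(url, session_user, region, now=None):
    """Validate the access request; session_user and region arrive outside the URL."""
    now = time.time() if now is None else now
    query = parse_qs(urlparse(url).query)
    nonce = query.get("n", [""])[0]
    code = query.get("c", [""])[0]
    record = _pending.get(nonce)
    if record is None:
        return False                           # unknown, expired-and-purged, or already used
    user, issued_region, expiry = record
    expected = _code(user, issued_region, nonce, expiry)
    if not hmac.compare_digest(expected.encode(), code.encode()):
        return False                           # URL was altered; link stays pending
    del _pending[nonce]                        # design choice: any genuine click burns the link
    # Grant only if the link is fresh and the requester matches the first user
    # on identity (separate from the URL) and on location.
    return now <= expiry and session_user == user and region == issued_region
```

A location mismatch consumes the link here, so a forwarded or intercepted URL cannot be retried from the original location; whether to burn on mismatch is a policy decision the claims leave open.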
19 Claims
11. A computer-implemented method, comprising:
receiving an authentication request from a first user for access to a network resource via a first communications channel, the authentication request including at least one authentication parameter, wherein the at least one authentication parameter comprises location information of the first user;
generating a user-specific authentication code, based on the at least one authentication parameter;
generating a user-specific authentication Uniform Resource Locator (URL) for an access page, based on the user-specific authentication code;
sending the authentication URL to the first user via a second communications channel;
receiving an access request in response to selection of the authentication URL by a second user, the access request associated with at least one access parameter, wherein the at least one access parameter comprises information separate from the authentication URL identifying the second user associated with the access request, and wherein the at least one access parameter comprises location information of the second user;
validating the access request, wherein validating the access request comprises verifying a match between the location information of the first user and the location information of the second user to confirm that the first user and the second user are the same, wherein the first user and the second user are the same when the location information of the first user corresponds to the location information of the second user; and
providing the access page to the first user, in response to the matching, the access page indicating grant of access to the network resource.
17. A computer program product, the computer program product being tangibly embodied on a non-transitory computer-readable storage medium and comprising instructions that, when executed, are configured to cause at least one computing device to:
receive an authentication request from a first user for a network resource;
execute a first authentication factor with respect to the first user;
execute a second authentication factor with respect to the first user, including;
receiving at least one authentication parameter that is unique to the first user, via a client operable to provide the network resource, wherein the at least one authentication parameter comprises location information of the first user;
selecting a uniform resource locator (URL) for a web page associated with the client;
parameterizing the URL using the at least one authentication parameter, to obtain an authentication URL that is unique to the first user;
sending a message to the first user that contains the authentication URL;
receiving at least one access parameter in conjunction with a selection of the authentication URL by a second user, wherein the at least one access parameter comprises information separate from the authentication URL identifying the second user, and wherein the at least one access parameter comprises location information of the second user; and
verifying a match between the location information of the first user and the location information of the second user to confirm that the first user and the second user are the same, wherein the first user and the second user are the same when the location information of the first user corresponds to the location information of the second user; and
validate the authentication request, based on the matching, to provide the first user with access to the network resource.
Specification