Method and apparatus for providing authentication using policy-controlled authentication articles and techniques
First Claim
10. A method for providing second factor authentication comprising:
- providing, through a user interface, selectability on a per user group basis of a plurality of second factor authentication policies associated with a second factor authentication article that includes sender authentication information located in cells thereon that can be located by using corresponding location information;
controlling a challenge strength of one group of users to be different from another group of users that both use second factor authentication articles, based on a selected second factor authentication policy from the plurality of second factor authentication policies; and
providing second factor authentication based on the second factor authentication articles for each of the groups by enforcing at least one of the plurality of the selected group policies.
7 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus provides first or second factor authentication by providing selectability of a plurality of second factor authentication policies associated with a second factor authentication article. The first or second factor authentication article includes authentication information, such as a plurality of data elements in different cells or locations on the authentication article, which can be located by using corresponding location information. The method and apparatus provides second factor authentication based on the first or second factor authentication article by enforcing at least one of the plurality of selected authentication policies.
-
Citations
43 Claims
-
10. A method for providing second factor authentication comprising:
-
providing, through a user interface, selectability on a per user group basis of a plurality of second factor authentication policies associated with a second factor authentication article that includes sender authentication information located in cells thereon that can be located by using corresponding location information;
controlling a challenge strength of one group of users to be different from another group of users that both use second factor authentication articles, based on a selected second factor authentication policy from the plurality of second factor authentication policies; and
providing second factor authentication based on the second factor authentication articles for each of the groups by enforcing at least one of the plurality of the selected group policies. - View Dependent Claims (11, 12)
-
-
13. An apparatus for providing second factor authentication comprising:
-
one or more processors and memory, operatively coupled to the one or more processors, that contains executable instructions that when executed causes the one or more processors to;
provide selectability of a plurality of second factor authentication policies associated with a second factor authentication article that includes sender authentication information located thereon that can be located by using corresponding location information; and
provide second factor authentication based on the second factor authentication article by enforcing at least one of the plurality of the selected policies. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
21. An apparatus for providing second factor authentication comprising:
-
one or more processors and memory, operatively coupled to the one or more processors, that contains executable instructions that when executed causes the one or more processors to;
provide, through a user interface, selectability on at least one of a per user group basis, user basis and transaction type basis of a plurality of second factor authentication policies associated with a second factor authentication card that includes sender authentication information located in cells thereon that can be located by using corresponding location information;
control a challenge strength of one group of users to be different from another group of user that both use second factor authentication cards, based on a selected second factor authentication policy from the plurality of second factor authentication policies; and
provide second factor authentication based on the second factor authentication cards for each of the groups by enforcing at least one of the plurality of the selected group policies. - View Dependent Claims (22)
-
-
23. A method for providing authentication comprising:
-
providing selectability of a plurality of authentication policies associated with a an authentication scheme wherein the policies select differing strength levels for the authentication scheme depending upon a specific user or user group or transaction type; and
providing different strength levels of authentication security for the authentication scheme depending on a specified policy for a given user, group of users, or transaction type. - View Dependent Claims (24, 25, 26)
-
-
27. An apparatus for providing authentication comprising:
-
one or more processors and memory, operatively coupled to the one or more processors, that contains executable instructions that when executed causes the one or more processors to;
provide selectability of a plurality of authentication policies associated with an authentication scheme wherein the policies select differing strength levels for the authentication scheme depending upon a specific user or user group or transaction type; and
provide different strength levels of authentication security for the authentication scheme depending on a specified policy for a given user, group of users, or transaction type. - View Dependent Claims (28)
-
-
29. A method for providing authentication comprising:
-
providing selectability of a plurality of authentication policies associated with an authentication article that includes sender authentication information located thereon that can be located by using corresponding location information; and
providing authentication based on the authentication article by enforcing at least one of the plurality of the selected policies. - View Dependent Claims (1, 2, 3, 4, 5, 6, 7, 8, 9, 30, 31, 32, 33, 34, 35)
-
-
33-1. The method of claim 32 wherein the selectable authentication policies include at least one of:
-
a policy to control a number of response data elements provided on the authentication article;
a policy to control authentication article content type;
a policy to control a strength of an authentication challenge that is part of a challenge/reply authentication process;
a policy to control a lifetime of the authentication article;
a policy to control lock out after unsuccessful reply attempts to an authentication challenge that is part of a challenge/reply authentication process based on the authentication article;
a policy to control a multiple screen authentication process using the authentication article;
a policy to control whether a challenge based on the authentication article is acceptable via different channels.
-
-
36. A method for providing authentication comprising:
-
providing, through a user interface, selectability on a per user group basis of a plurality of authentication policies associated with an authentication article that includes sender authentication information located in cells thereon that can be located by using corresponding location information;
controlling a challenge strength of one group of users to be different from another group of users that both use authentication articles, based on a selected authentication policy from the plurality of authentication policies; and
providing authentication based on the authentication articles for each of the groups by enforcing at least one of the plurality of the selected group policies. - View Dependent Claims (37, 38)
-
-
39. An apparatus for providing authentication comprising:
-
one or more processors and memory, operatively coupled to the one or more processors, that contains executable instructions that when executed causes the one or more processors to;
provide selectability of a plurality of authentication policies associated with an authentication article that includes sender authentication information located thereon that can be located by using corresponding location information; and
provide authentication based on the authentication article by enforcing at least one of the plurality of the selected policies. - View Dependent Claims (40, 41, 42, 43)
-
Specification