Single token multifactor authentication system and method
Abstract
A system and method for using multiple factors to verify and thereby authenticate the identity of a user attempting to gain access to a personal account at an on-line service provider. The disclosed system and method may be used by multiple on-line service providers, thereby enabling the user to be in possession of a single set of identification factors to gain access to one of multiple accounts. Once the user provides the proper identification factors and the identification factors are verified by matching them against factors stored in a computer, the identity of the user is deemed to be authentic and the user is passed on to the on-line service provider for access to the user's personal account.
73 Citations
20 Claims
1. A system for authenticating the identity of a user of the services provided by one or more on-line service providers, said system comprising:
an item of information known by the user, said item of information providing a first identification factor;
an object in the possession of the user, said object providing a second identification factor;
a client infrastructure for first receiving and then transmitting said first and second identification factors to an authentication infrastructure for;
verifying the accuracy of said first and second identification factors;
generating a message to one of the one or more on-line service providers in said client infrastructure that said first and second identification factors have been authenticated;
connecting the user to the on-line service provider;
whereby the users need only one of said item of information and only one of said item object in possession to gain individual access to the one or more on-line service providers.
Dependent claims: 2, 3, 4, 5
6. A method for authenticating the rights of a single user to one or more on-line service providers, said method comprising the steps of:
providing the user with an item of information known only to the user, said item of information known only to the user being a first identification factor;
providing the an object to the possession of the user, said object in the possession of the user being a second identification factor;
receiving said first identification factor and said second identification factor at a computer terminal;
transmitting said first and second identification factors from said computer terminal to an authentication infrastructure;
verifying the accuracy of said first and said second identification factors;
generating a message to a selected one of the one or more on-line service providers that said first and second identification factors have been verified;
connecting the user to said selected on-line service provider.
Dependent claims: 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18
19. A method for authenticating the rights of a single user to a set of one or more on-line service providers, said method comprising the steps of:
providing the user with an item of information known only to the user, said item of information known only to the user being a first identification factor;
providing the user with a physical token generating a random number, said random number being a second identification factor;
transmitting said first identification factor and said second identification factor to a customer service representative of the on-line service provider whereby said customer service representative may verify the authenticity of said first and said second identification factors using an authentication infrastructure;
generating a message to the set of on-line service providers of the verification of the authenticity of said first and said second identification factors;
connecting the user to a selected on-line service provider from the set of on-line service providers.
Dependent claims: 20
Specification