SIMPLIFIED MULTI-FACTOR AUTHENTICATION
First Claim
1. A method of handling a factor of a multi-factor authentication sequence, said method comprising:
- receiving a biometric candidate;
generating a cryptographic key from said biometric candidate;
decrypting a previously stored, encrypted character sequence associated with an identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence;
transmitting said decrypted character sequence to said identity verification element;
receiving, from said identity verification element, an indication of character sequence verification;
determining, from said indication, that said identity verification element has verified said decrypted character sequence; and
responsive to said determining, proceeding with said multi-factor authentication sequence.
4 Assignments
0 Petitions
Accused Products
Abstract
A reader element is associated with an identity verification element. The reader element has a biometric input device and is configured, through enrollment of a biometric element is used to encrypt a character sequence associated with the identity verification element. In a verification phase subsequent to the enrollment, a user may be spared a step of providing the character sequence by, instead, providing the biometric element. Responsive to receiving the biometric element, the reader element may decrypt the character sequence and provide the character sequence to the identity verification element.
87 Citations
17 Claims
-
1. A method of handling a factor of a multi-factor authentication sequence, said method comprising:
-
receiving a biometric candidate; generating a cryptographic key from said biometric candidate; decrypting a previously stored, encrypted character sequence associated with an identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence; transmitting said decrypted character sequence to said identity verification element; receiving, from said identity verification element, an indication of character sequence verification; determining, from said indication, that said identity verification element has verified said decrypted character sequence; and responsive to said determining, proceeding with said multi-factor authentication sequence. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A smart card reader comprising:
-
a storage component interface for receiving a smart card for communication therewith; a memory for storing an encrypted character sequence associated with said smart card; a biometric input device; and a processor adapted to; receive a biometric candidate from said biometric input device; generate a cryptographic key from said biometric candidate; decrypt said encrypted character sequence, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence; transmit said decrypted character sequence to said smart card; receive, from said smart card, an indication of character sequence verification; determine, from said indication, that said smart card has verified said decrypted character sequence; and responsive to said determining, proceed with said multi-factor authentication sequence. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A computer readable medium containing computer-executable instructions that, when performed by a processor, cause said processor to:
-
receive a biometric candidate; generate a cryptographic key from said biometric candidate; decrypt a previously stored, encrypted character sequence associated with an identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence; transmit said decrypted character sequence to said identity verification element; receive, from said identity verification element, an indication of character sequence verification; determine, from said indication, that said identity verification element has verified said decrypted character sequence; and responsive to said determining, proceed with a multi-factor authentication sequence. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification