EFFICIENT TWO-FACTOR AUTHENTICATION
First Claim
Patent Images
1. An authentication method, comprising:
- receiving a card challenge;
receiving a user-provided credential;
combining the card challenge with the user-provided credential; and
transforming the combination of the card challenge and user-provided credential.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, devices, and systems are provided for an efficient two-factor authentication process. In particular, a card challenge is combined with a user-provided password or similar user-based credential before a transformation of the data is performed. Once the combined challenge and user-provided credential have been transformed, the transformed data is used as a basis for authentication verification.
-
Citations
20 Claims
-
1. An authentication method, comprising:
-
receiving a card challenge; receiving a user-provided credential; combining the card challenge with the user-provided credential; and transforming the combination of the card challenge and user-provided credential. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A secure access system, comprising:
-
a card being assigned to an authorized card holder and being carried by an actual card holder; a terminal adapted to communicate with the card via a communication link, wherein one or both of the card and terminal are adapted to verify an authenticity of the other of the card and terminal as well as verify that the actual card holder is the authorized card holder by analyzing a combined authentication value that includes a combination of card authentication information and user authentication information, wherein the card authentication information is obtained from the card, wherein the user authentication information is obtained from the actual card holder, and wherein the combined authentication value comprises a single number that was calculated based on the card authentication information and the user authentication information. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A computer program product comprising computer executable instructions stored onto a computer readable medium which, when executed by a processor of a computer, cause the processor to execute a method, the method comprising:
-
receiving card authentication information; receiving user authentication information; determining a combined authentication value by combining the card authentication information with the user authentication information; and transmitting the combined authentication value to one of a card and terminal such that the combined authentication value, or a transformation thereof, can be analyzed by an analyzing device, thereby enabling the analyzing device to confirm a trusted relationship exists between the card and terminal and an actual holder of the card is an authorized holder of the card. - View Dependent Claims (17, 18, 19, 20)
-
Specification