BIOMETRIC AUTHENTICATION SYSTEM FOR ENHANCING NETWORK SECURITY
First Claim
1. A non-transitory computer-readable storage medium with an executable program stored thereon for enabling a biometric authentication system, wherein the system includes at least one item of stored user identification information received from a user and stored so as to be accessible by at least an authentication server, and further wherein the program includes code segments for instructing a microprocessor, the code segments comprising:
a code segment for receiving notification that a client computer associated with the user is requesting access to a resource associated with a third-party server;
a code segment for enabling the authentication server to generate a token seed upon the user requesting access to said resource associated with the third-party server;
a code segment for enabling the authentication server to communicate the token seed to the client computer upon generation of the token seed;
a code segment for enabling the authentication server to generate a first token from the token seed;
a code segment for enabling the client computer to generate a second token from the token seed;
a code segment for enabling the client computer to receive at least one item of live user identification information entered by the user;
a code segment for enabling the client computer to encrypt, using the second token or information associated with the second token, the at least one item of live user identification information;
a code segment for enabling receipt, by the authentication server and from the client computer, of the encrypted at least one item of live user identification information;
a code segment for enabling the authentication server to decrypt the encrypted at least one item of live user identification information, wherein the decryption is performed by the authentication server using the first token;
a code segment for enabling the authentication server to authenticate the decrypted at least one item of live user identification information with the stored user identification information; and
upon authentication of the decrypted at least one item of live user identification information, a code segment for enabling receipt by the third-party server of information usable by the third-party server to allow the user access to the resource associated with the third-party server.
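The exchange in claim 1, from token seed through authentication, as an added Python example that is not code from the patent. The claim does not say how a token is derived, which cipher is used, or how a live sample is matched, so the SHA-256 derivation, the HMAC-based encrypt-then-MAC construction, the Hamming-distance threshold and every name below are assumptions; it also assumes the seed reaches the client over a protected channel such as TLS, since anyone who sees the seed can derive the same token.

```python
import hashlib, hmac, secrets

def _mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_token(seed):
    # Assumed KDF; the claim only says each side generates a token from the seed.
    return hashlib.sha256(b"token-v1|" + seed).digest()

def _xor_stream(key, nonce, data):
    # HMAC in counter mode as keystream: stdlib stand-in for a vetted AEAD cipher.
    ks = b"".join(_mac(key, nonce + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(token, data):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_mac(token, b"enc"), nonce, data)
    return nonce + ct + _mac(_mac(token, b"mac"), nonce + ct)  # encrypt-then-MAC

def unseal(token, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(token, b"mac"), nonce + ct)):
        raise ValueError("authentication tag mismatch")
    return _xor_stream(_mac(token, b"enc"), nonce, ct)

def client_submit(seed, live_sample):
    return seal(derive_token(seed), live_sample)  # the claim's "second token"

class AuthServer:
    def __init__(self, templates, max_bit_errors=8):
        self.templates, self.max_bit_errors = templates, max_bit_errors
        self.pending = {}  # user -> "first token" awaiting one submission

    def issue_seed(self, user):
        seed = secrets.token_bytes(32)
        self.pending[user] = derive_token(seed)
        return seed  # sent to the client (assumed: over TLS)

    def verify(self, user, blob):
        token = self.pending.pop(user, None)  # single use: a replay finds no token
        stored = self.templates.get(user)
        if token is None or stored is None:
            return False
        try:
            live = unseal(token, blob)
        except ValueError:
            return False
        errors = sum(bin(a ^ b).count("1") for a, b in zip(live, stored))
        return len(live) == len(stored) and errors <= self.max_bit_errors
```

Because the server discards the first token after one submission, a captured ciphertext replayed later is rejected even though it was valid when first sent.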
Abstract
A network-based biometric authentication system includes a client computer (10), a third party server (24), and a biometric authentication server (26). A user requests access to a web site hosted by the third party server via the client computer, wherein the third party server communicates a deployable object to the client computer. The client computer executes the deployable object, wherein the object enables the client computer to receive a user name, password, and biometric data from the user and to communicate the user name, password, and biometric data to the biometric authentication server in a secure fashion. The biometric authentication server authenticates the user name, password, and biometric data, and communicates the user name and password to the third party server, which attempts to verify the user name and password in a conventional manner and grants access to the user if the user name and password are verified.
24 Claims
Specification