SINGLE-INPUT MULTIFACTOR AUTHENTICATION
First Claim
Patent Images
1. A method comprising:
- receiving, on a computing device, a first-factor authentication request for a user from a requesting program, operating remotely to the computing device;
authenticating the user based on a biometric input for access to a secure storage on the computing device and to a secure element on the computing device;
retrieving a credential from the secure storage, wherein the credential corresponds to the first-factor authentication request;
sending the credential to the requesting program;
receiving a second-factor authentication request from the requesting program;
requesting a token from the secure element responsive to the second-factor authentication request, wherein the token is based on a token seed corresponding to the requesting program;
sending the token to the requesting program; and
receiving authentication from the requesting program.
1 Assignment
0 Petitions
Accused Products
Abstract
Multifactor authentication is a method to secure data and accounts and to prevent unauthorized access. A first factor can be information that the user knows, such as a username and password combination. A second factor can be something that the user possesses, such as a token generator or a trusted device. The present invention enables a user to present multiple authentication factors through a single biometric input using stored credentials and tokens generated by a secure element.
-
Citations
1 Claim
-
1. A method comprising:
-
receiving, on a computing device, a first-factor authentication request for a user from a requesting program, operating remotely to the computing device; authenticating the user based on a biometric input for access to a secure storage on the computing device and to a secure element on the computing device; retrieving a credential from the secure storage, wherein the credential corresponds to the first-factor authentication request; sending the credential to the requesting program; receiving a second-factor authentication request from the requesting program; requesting a token from the secure element responsive to the second-factor authentication request, wherein the token is based on a token seed corresponding to the requesting program; sending the token to the requesting program; and receiving authentication from the requesting program.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsKozma, Gabriel M., Seo, Carlos E.
-
Application NumberUS15/910,107Publication NumberTime in Patent OfficeDaysField of SearchUS Class CurrentCPC Class CodesG06F 21/32 using biometric data, e.g. ...G06F 21/33 using certificatesG06F 21/34 involving the use of extern...G06F 21/6245 Protecting personal data, e...H04L 2463/082 applying multi-factor authe...H04L 63/083 using passwords cryptograph...H04L 63/0861 using biometrical features,...H04L 9/3213 using tickets or tokens, e....H04L 9/3226 using a predetermined code,...H04L 9/3231 Biological data, e.g. finge...H04L 9/3234 involving additional secure...H04W 12/06 AuthenticationH04W 12/068 using credential vaults, e....H04W 12/069 using certificates or pre-s...
