Multi-module authentication platform
Abstract
Embodiments of the disclosure generally relate to systems and methods for authenticating users of an entity system. In embodiments, an authentication platform receives a request for authentication. The authentication platform interacts with one of several authentication modules to authenticate the user. Each authentication module may use different information or procedures to authenticate the user. If authenticated, the user is allowed access to the system. Having access to two or more authentication modules allows the authentication platform to automatically provide more robust authentication and relieves the entity system of the need to integrate the several authentication modules.
17 Claims
1. An authentication platform for authenticating a user desiring access to an entity system, the authentication platform comprising:
- two or more authentication modules, each authentication module operable to authenticate the user using a different authentication method;
- a decision engine in communication with the two or more authentication modules, the decision engine operable to receive an authentication request from the user, the decision engine operable to send one or more items of authentication information to a first authentication module to authenticate the user, the decision engine operable to receive a return from the first authentication module, the decision engine operable to determine if the user has been authenticated by the first authentication module, the decision engine operable to inform the user that the user has been authenticated; and
- a user interface, the user interface operable to receive the authentication request, the user interface operable to receive one or more items of the authentication information from the user;
- an institution interface, the institution interface operable to receive one or more authentication rules from one or more entities;
- an authentication module interface, the authentication module interface operable to send information to one of the two or more authentication modules for authentication, the authentication module interface operable to receive the return from one of the two or more authentication modules for authentication;
- a rules datastore, the rules datastore operable to store one or more authentication rules; and
- a rules engine in communication with the user interface, the institution interface, the authentication module interface, and the rules datastore, the rules engine operable to store one or more authentication rules received from the institution interface into the rules datastore, the rules engine operable to receive an authentication request and the one or more items of authentication information from the user interface, the rules engine operable to read a rule from the rules datastore associated with the authentication request, the rules engine operable to send the authentication information to the authentication module interface for the first authentication module identified in the rules the rules engine operable to receive a return from the first authentication module, the rules engine operable to determine if the user has been authenticated by the first authentication module, and the rules engine operable to inform the user that the user has been authenticated by sending a message through the user interface.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method for authenticating a user of an entity system using an authentication platform, the method comprising:
- receiving an authentication request from the user;
- extracting one or more items of authentication information;
- determining a first authentication module to use for the authentication;
- sending at least one of the one or more items of extracted authentication information to a first authentication module;
- receiving a return from the first authentication module;
- determining if the user has been authenticated by the first authentication module;
- if the user has been authenticated, allowing the user access to the entity system; and
- if the user has not been authenticated, denying the user access to the entity system;
- wherein determining a first authentication module to use for the authentication comprises;
- reading an authentication rule from a rules datastore; and
- reading an authentication module identifier for the authentication rule.

Dependent claims: 9

10. A computer program stored on a computer readable medium, the computer program embodied in one or more instructions for authenticating a user of an entity system, the computer program comprising:
- instructions to receive an authentication request;
- instructions to determine the entity system associated with the authentication request;
- instructions to determine a type of transaction associated with the authentication request;
- instructions to locate an authentication rule associated with the entity system and the type of transaction;
- instructions to read the authentication rule;
- instructions to determine the authentication module associated with the authentication rule;
- instructions to provide one or more items of authentication information to the authentication module;
- instructions to receive a return from the authentication module; and
- instructions to determine if the user is authenticated according to the return;
- instructions to receive institution information from the entity system;
- instructions to receive transaction type information from the entity system;
- instructions to receive a choice of one or more authentication modules from the entity system;
- instructions to determine authentication information required for the chosen one or more authentication modules;
- instructions to receive success criteria from the entity system;
- instructions to receive reaction information from the entity system;
- instructions to create the authentication rule; and
- instructions to store the institution information, the transaction type information, the choice of one or more authentication modules, the authentication information required, the success criteria, and the reaction information into the authentication rule.

Dependent claims: 11

12. An authentication platform for authenticating a user desiring access to an entity system, the authentication platform comprising:
- two or more authentication modules, each authentication module operable to authenticate the user using a different authentication method;
- a decision engine in communication with the two or more authentication modules, the decision engine operable to receive an authentication request from the user, the decision engine operable to send one or more items of authentication information to a first authentication module to authenticate the user, the decision engine operable to receive a return from the first authentication module, the decision engine operable to determine if the user has been authenticated by the first authentication module, the decision engine operable to inform the user that the user has been authenticated;
- wherein the decision engine is operable to send one or more items of information to a second authentication module to authenticate the user if the first authentication module failed to authenticate the user, the decision engine operable to receive a return from the second authentication module, the decision engine operable to determine if the user has been authenticated by the second authentication module, the decision engine operable to inform the user that the user has been authenticated.

13. An authentication platform for authenticating a user desiring access to an entity system, the authentication platform comprising:
- two or more authentication modules, each authentication module operable to authenticate the user using a different authentication method;
- a decision engine in communication with the two or more authentication modules, the decision engine operable to receive an authentication request from the user, the decision engine operable to send one or more items of authentication information to a first authentication module to authenticate the user, the decision engine operable to receive a return from the first authentication module, the decision engine operable to determine if the user has been authenticated by the first authentication module, the decision engine operable to inform the user that the user has been authenticated;
- a user system in communication with the decision engine; and
- an entity system in communication with the decision engine.

14. A method for authenticating a user of an entity system using an authentication platform, the method comprising:
- receiving an authentication request from the user;
- extracting one or more items of authentication information;
- determining a first authentication module to use for the authentication;
- sending at least one of the one or more items of extracted authentication information to a first authentication module;
- receiving a return from the first authentication module;
- determining if the user has been authenticated by the first authentication module;
- if the user has been authenticated, allowing the user access to the entity system; and
- if the user has not been authenticated, denying the user access to the entity system; and
- if the user has not been authenticated, sending at least one of the one or more items of extracted authentication information to a second authentication module;
- receiving a return from the second authentication module;
- determining if the user has been authenticated by the second authentication module;
- if the user has been authenticated, allowing the user access to the entity system; and
- if the user has not been authenticated, denying the user access to the entity system.

15. A method for authenticating a user of an entity system using an authentication platform, the method comprising:
- receiving an authentication request from the user;
- extracting one or more items of authentication information;
- determining a first authentication module to use for the authentication;
- sending at least one of the one or more items of extracted authentication information to a first authentication module;
- receiving a return from the first authentication module;
- determining if the user has been authenticated by the first authentication module;
- if the user has been authenticated, allowing the user access to the entity system;
- if the user has not been authenticated, denying the user access to the entity system;
- reading the score from a success threshold field of an authentication rule stored in a rules datastore;
- comparing a returned score returned by the first authentication module with the score stored in the authentication rule; and
- determining if the returned score betters the score stored in the authentication rule.

16. A method for authenticating a user of an entity system using an authentication platform, the method comprising:
- receiving an authentication request from the user;
- extracting one or more items of authentication information;
- determining a first authentication module to use for the authentication;
- sending at least one of the one or more items of extracted authentication information to a first authentication module;
- receiving a return from the first authentication module;
- determining if the user has been authenticated by the first authentication module;
- if the user has been authenticated, allowing the user access to the entity system;
- if the user has not been authenticated, denying the user access to the entity system;
- requesting further authentication information from the user;
- receiving the further authentication information from the user; and
- sending at least a portion of the further authentication information to the first authentication module.

17. A computer program stored on a computer readable medium, the computer program embodied in one or more instructions for authenticating a user of an entity system, the computer program comprising:
- instructions to receive an authentication request;
- instructions to determine the entity system associated with the authentication request;
- instructions to determine a type of transaction associated with the authentication request;
- instructions to locate an authentication rule associated with the entity system and the type of transaction;
- instructions to read the authentication rule;
- instructions to determine the authentication module associated with the authentication rule;
- instructions to provide one or more items of authentication information to the authentication module;
- instructions to receive a return from the authentication module; and
- instructions to determine if the user is authenticated according to the return; and
- instructions to send an authentication signal to the user indicating the user has been authenticated.

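An added sketch, not code from the patent or from any product, of the flow recited in claims 8, 10, 14 and 15: a rule is located by entity system and transaction type, its module identifiers are tried in order, and each returned score is compared with the rule's success threshold. The module names, rule contents, sample secrets, and the reading of "betters" as "strictly greater than" are assumptions.

```python
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    module_ids: tuple    # module identifiers, tried in order (first, then second)
    threshold: float     # success threshold the returned score must better

def otp_module(info):
    # Constructed stand-in: constant-time compare against an expected code.
    ok = hmac.compare_digest(str(info.get("otp", "")), "492816")
    return 1.0 if ok else 0.0

def kba_module(info):
    # Constructed stand-in: fraction of knowledge questions answered correctly.
    expected = {"first_school": "elm street", "pet": "rex"}
    answers = info.get("answers", {})
    return sum(answers.get(k) == v for k, v in expected.items()) / len(expected)

MODULES = {"otp": otp_module, "kba": kba_module}

# Rules datastore keyed by (entity system, transaction type); constructed data.
RULES = {
    ("examplebank", "login"): Rule(("otp", "kba"), 0.9),
    ("examplebank", "wire"): Rule(("otp",), 0.9),
}

def authenticate(entity, txn_type, info):
    """Return (allowed, trail); trail lists (module_id, score) per module tried."""
    rule = RULES.get((entity, txn_type))
    trail = []
    if rule is None:
        return False, trail          # no rule: deny rather than default-allow
    for module_id in rule.module_ids:
        module = MODULES.get(module_id)
        try:
            score = float(module(info)) if module else 0.0
        except Exception:
            score = 0.0              # a failing module counts as not authenticated
        trail.append((module_id, score))
        if score > rule.threshold:   # assumption: a higher score "betters" the threshold
            return True, trail
    return False, trail
```

A fallback chain is only as strong as its weakest module, which is why the constructed "wire" rule lists a single module while "login" allows a second one.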
Specification