Simplified multi-factor authentication
First Claim
Patent Images
1. A method of handling a factor of a multi-factor authentication sequence, said method comprising:
- receiving a biometric candidate at a device associated with an identity verification element, said device lacking access to a biometric template until received from said identity verification element;
generating a cryptographic key from said biometric candidate;
decrypting a previously stored, encrypted character sequence associated with said identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence;
transmitting said decrypted character sequence to said identity verification element;
receiving, from said identity verification element, an indication of character sequence verification;
determining, from said indication, that said identity verification element has verified said decrypted character sequence; and
responsive to said determining, proceeding with said multi-factor authentication sequence by;
extracting said biometric template from said identity verification element; and
determining that said biometric candidate matches said biometric template.
4 Assignments
0 Petitions
Accused Products
Abstract
A reader element is associated with an identity verification element. The reader element has a biometric input device and is configured, through enrollment of a biometric element is used to encrypt a character sequence associated with the identity verification element. In a verification phase subsequent to the enrollment, a user may be spared a step of providing the character sequence by, instead, providing the biometric element. Responsive to receiving the biometric element, the reader element may decrypt the character sequence and provide the character sequence to the identity verification element.
-
Citations
14 Claims
-
1. A method of handling a factor of a multi-factor authentication sequence, said method comprising:
-
receiving a biometric candidate at a device associated with an identity verification element, said device lacking access to a biometric template until received from said identity verification element; generating a cryptographic key from said biometric candidate; decrypting a previously stored, encrypted character sequence associated with said identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence; transmitting said decrypted character sequence to said identity verification element; receiving, from said identity verification element, an indication of character sequence verification; determining, from said indication, that said identity verification element has verified said decrypted character sequence; and responsive to said determining, proceeding with said multi-factor authentication sequence by; extracting said biometric template from said identity verification element; and determining that said biometric candidate matches said biometric template. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A smart card reader comprising:
-
a storage component interface for receiving a smart card for communication therewith; a memory for storing an encrypted character sequence associated with said smart card, said memory lacking access to a biometric template until received from said smart card; a biometric input device; and a processor configured to; receive a biometric candidate from said biometric input device; generate a cryptographic key from said biometric candidate; decrypt said encrypted character sequence, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence; transmit said decrypted character sequence to said smart card; receive, from said smart card, an indication of character sequence verification; determine, from said indication, that said smart card has verified said decrypted character sequence; and responsive to said determining, proceed with a multi-factor authentication sequence by; extracting said biometric template from said smart card; and determining that said biometric candidate matches said biometric template. - View Dependent Claims (7, 8, 9)
-
-
10. A non-transitory computer readable medium containing computer-executable instructions that, when performed by a processor, cause said processor to:
-
receive a biometric candidate at a device associated with an identity verification element, said device lacking access to a biometric template until received from said identity verification element; generate a cryptographic key from said biometric candidate; decrypt a previously stored, encrypted character sequence associated with an identity verification element, wherein said decrypting employs said cryptographic key and results in a decrypted character sequence; transmit said decrypted character sequence to said identity verification element; receive, from said identity verification element, an indication of character sequence verification; determine, from said indication, that said identity verification element has verified said decrypted character sequence; and responsive to said determining, proceed with a multi-factor authentication sequence by; extracting said biometric template from said identity verification element; and determining that said biometric candidate matches said biometric template. - View Dependent Claims (11, 12, 13, 14)
-
Specification