System and method for embedded authentication
First Claim
Patent Images
1. A method comprising:
- initiating an authentication session of a host application with an embeddable authentication interface and obtaining a transaction token;
delivering the transaction token to the embeddable authentication interface of the host application;
receiving a signed authentication token at a host server, wherein the signed authentication token is authenticated in a layer of authentication by an authentication server in response to a user challenge delivered by the authentication server to the embeddable authentication interface and in response to authentication of the transaction token delivered to the embeddable authentication interface;
verifying the signed authentication token at the host server; and
if the authentication token is successfully verified, setting an application-level state of a successful authentication.
3 Assignments
0 Petitions
Accused Products
Abstract
Various systems and methods of embedded authentication are described herein. One method of the preferred embodiment can include receiving at an authentication server a transaction token from a host website, the host website including an embeddable interface and prompting a user challenge by the authentication server at the embeddable interface. The method of the preferred embodiment can also include creating a signed authentication token in response to a successful user challenge, and transmitting the signed authentication token from the authentication server to the embeddable interface.
-
Citations
26 Claims
-
1. A method comprising:
-
initiating an authentication session of a host application with an embeddable authentication interface and obtaining a transaction token; delivering the transaction token to the embeddable authentication interface of the host application; receiving a signed authentication token at a host server, wherein the signed authentication token is authenticated in a layer of authentication by an authentication server in response to a user challenge delivered by the authentication server to the embeddable authentication interface and in response to authentication of the transaction token delivered to the embeddable authentication interface; verifying the signed authentication token at the host server; and if the authentication token is successfully verified, setting an application-level state of a successful authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method comprising:
-
at an authentication server, receiving a transaction token from an embedded authentication interface in a host application; at the authentication server, authenticating the transaction token to be a transaction token from a host server; prompting a user challenge of an embedded layer of authentication at the embeddable interface and initiated by the authentication server; in response to a successful user challenge and an authentic transaction token, creating a signed authentication token; and transmitting the signed authentication token from the authentication server to the embeddable interface. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method comprising:
-
at an authentication server, receiving an authentication session initialization request from an embeddable interface, wherein the authentication session initialization request is generated by a virtual private network (VPN) access; authenticating the authentication session initialization request at the authentication server; prompting a user challenge of an embedded layer of authentication by the authentication server at the embeddable interface; in response to a successful user challenge, creating a signed authentication token; and verifying the signed authentication token between the authentication server and a VPN system. - View Dependent Claims (23, 24, 25, 26)
-
Specification