Enhanced security for registration of authentication devices
Abstract
A system, apparatus, method, and machine readable medium are described for enhanced security during registration. For example, one embodiment of a method comprises: receiving a request at a relying party to register an authenticator; sending a code from the user to the relying party through an authenticated out-of-band communication channel; and verifying the identity of the user using the code and responsively registering the authenticator in response to a positive verification.
23 Claims
1. A method comprising:
- receiving a request at a relying party from a user to register an authenticator;
- sending a code from the user to the relying party through an authenticated out-of-band communication channel; and
- verifying the identity of the user using the code and responsively registering the authenticator with the relying party in response to a positive verification.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method comprising:
- receiving at a relying party a request from a user to register an authenticator;
- generating a code by the authenticator;
- securely providing the code to the user;
- sending the code to the relying party from the user over an authenticated out-of-band communication channel; and
- verifying the identity of the user using the code and responsively registering the authenticator in response to a positive verification.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19

20. A method comprising:
- receiving a request at a relying party from a user to register an authenticator, the request including identification information identifying existing credentials of the user;
- creating an authentication object at a client of the user, the authentication object including a signature generated using a private key associated with the existing credentials of the user; and
- verifying the signature at the relying party and responsively registering the authenticator in response to a positive verification.

Dependent claims: 21, 22, 23
Specification