Multi factor user authentication on multiple devices
Abstract
Systems and methods of the present invention provide for a first and second client computer configured to receive and transmit an authentication credential and at least one additional authentication credential respectively. The authentication credentials may be selected from authentication credentials known only to a user, identifying a client computer and/or identifying a characteristic unique to the user. A server computer communicatively coupled to the network may be configured to receive the authentication credentials and verify the identity of the user via a match, in a database, of a first authentication credential, a second authentication credential and a third authentication credential.
20 Claims
1. A system, comprising:
- at least one processor executing software instructions within a memory of a server computing device coupled to a network, the software instructions causing the server computing device to:
  - transmit, to a first client computer coupled to the network, a software module configured for installation on the first client computer;
  - receive, from the software module installed on the first client computer:
    - a public key from a public/private key pair generated by the software module on the first client computer; and
    - a biometric data input, by a user, into the first client computer using the software module;
  - store, within a database coupled to the network, the public key and the biometric data;
  - generate an authentication challenge user interface comprising a request for an authentication credential from the user;
  - transmit the authentication challenge user interface to a second client computer coupled to the network;
  - responsive to receiving the authentication credential from the second client computer:
    - verify an identity of the user via a match, within the database, to the authentication credential;
    - generate a notification requesting a biometric input from the user; and
    - transmit the notification, for display on the software module;
  - receive, from the first client computer, the biometric input, digitally signed using a private key from the public/private key pair;
  - decrypt the biometric input using the public key; and
  - responsive to a determination that the biometric input matches the biometric data stored in the database, authenticate the user.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method, comprising the steps of:
- transmitting, by a server computing device coupled to a network and comprising at least one processor executing software instructions within a memory, a software module configured for installation on a first client computer coupled to the network;
- receiving, by the server computing device, from the software module installed on the first client computer:
  - a public key from a public/private key pair generated by the software module on the first client computer; and
  - a biometric data input, by a user, into the first client computer using the software module;
- storing, by the server computing device, within a database coupled to the network, the public key and the biometric data;
- generating, by the server computing device, an authentication challenge user interface comprising a request for an authentication credential from the user;
- transmitting, by the server computing device, the authentication challenge user interface to a second client computer coupled to the network;
- responsive to receiving the authentication credential from the second client computer:
  - verifying, by the server computing device, an identity of the user via a match, within the database, to the authentication credential;
  - generating, by the server computing device, a notification requesting a biometric input from the user; and
  - transmitting, by the server computing device, the notification, for display on the software module;
- receiving, by the server computing device, from the first client computer, the biometric input, digitally signed using a private key from the public/private key pair;
- decrypting, by the server computing device, the biometric input using the public key;
- responsive to a determination that the biometric input matches the biometric data stored in the database, authenticating, by the server computing device, the user.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
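The server-side steps recited in claims 1 and 11, sketched in Go as an added example; this is not code from the patent or from any product it describes. It assumes Ed25519 for the key pair, models the claims' "decrypt the biometric input using the public key" step as signature verification, adds a one-time nonce that the claims do not recite, and uses byte equality as a stand-in for biometric matching.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

type store = map[string][]byte
// Server holds enrolled Ed25519 keys (assumed algorithm), biometric data, nonces.
type Server struct{ pub, template, pending store }

func NewServer() *Server { return &Server{store{}, store{}, store{}} }

func (s *Server) Enroll(user string, pub ed25519.PublicKey, template []byte) {
	s.pub[user], s.template[user] = pub, template
}

// Notify follows the second device's credential match; the nonce is an added assumption.
func (s *Server) Notify(user string) []byte {
	s.pending[user] = make([]byte, 16)
	rand.Read(s.pending[user])
	return s.pending[user]
}

// Authenticate verifies the signature over nonce||sample, then the biometric match.
func (s *Server) Authenticate(user string, sample, sig []byte) error {
	pub, n := s.pub[user], s.pending[user]
	delete(s.pending, user) // single use: a captured response cannot be replayed
	if len(pub) != ed25519.PublicKeySize || n == nil || !ed25519.Verify(pub, append(n, sample...), sig) {
		return errors.New("challenge or signature invalid")
	}
	if !bytes.Equal(sample, s.template[user]) { // stand-in: real matchers score similarity
		return errors.New("biometric mismatch")
	}
	return nil
}

func Sign(priv ed25519.PrivateKey, nonce, sample []byte) []byte { // software module's side
	return ed25519.Sign(priv, append(append([]byte{}, nonce...), sample...))
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	s, t := NewServer(), []byte("constructed-template") // constructed sample data
	s.Enroll("alice", pub, t)
	fmt.Println(s.Authenticate("alice", t, Sign(priv, s.Notify("alice"), t)))
}
```

Because the signature covers the nonce as well as the sample, a response captured from one login fails verification on the next; without the nonce, a signed biometric input would verify every time it was resent.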
Specification