Abstract

Systems, methods, and software products provide increased trust in authentication of a user to an authentication server when a trusted witness client device witnesses the authentication of the user on the user's root client device. Both the root and the witness client devices cooperate to present the user with an interactive task during the authentications and each client device independently captures movement of the user performing the interactive task, during which, the user is authenticated to the root client device. An increased level of trust in the authentication of the user is achieved by the authentication server when the captured movements match expected movements of the user performing the interactive task and the authentication server has proof that the witness client devices witnessed a successful authentication.

IPC Classes  ?

• G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
• G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
• H04W 12/55 - Secure pairing of devices involving three or more devices, e.g. group pairing

Abstract

Systems, methods, and software products provide increased trust in authentication of a user to an authentication server when a trusted witness client device witnesses the authentication of the user on the user's root client device. Both the root and the witness client devices cooperate to present the user with an interactive task during the authentications and each client device independently captures movement of the user performing the interactive task, during which, the user is authenticated to the root client device. An increased level of trust in the authentication of the user is achieved by the authentication server when the captured movements match expected movements of the user performing the interactive task and the authentication server has proof that the witness client devices witnessed a successful authentication.

IPC Classes  ?

• G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
• G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
• H04W 12/55 - Secure pairing of devices involving three or more devices, e.g. group pairing

Abstract

A passwordless authentication method authenticates a user to access a remote computer. A mobile device receives a flash pattern included on a webpage by an authenticator. A body part of a user of the mobile device is biometrically authenticating at the mobile device. Concurrently with the authenticating, a modulated optical signal based upon the flash pattern is emit toward the body part and detected remission of the modulated optical signal by the body part is recorded as a remitted pattern. An indication of authenticity of the user, as determined by the step of biometrically authenticating, and the remitted pattern are communicated to the authenticator, and the user is authenticated to the website based upon the indication of authenticity and a match of the remitted pattern to the flash pattern.

IPC Classes  ?

• G06F 21/40 - User authentication by quorum, i.e. whereby two or more security principals are required
• G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
• G06F 21/36 - User authentication by graphic or iconic representation