Abrégé

Systems, methods, and software products provide increased trust in authentication of a user to an authentication server when a trusted witness client device witnesses the authentication of the user on the user's root client device. Both the root and the witness client devices cooperate to present the user with an interactive task during the authentications and each client device independently captures movement of the user performing the interactive task, during which, the user is authenticated to the root client device. An increased level of trust in the authentication of the user is achieved by the authentication server when the captured movements match expected movements of the user performing the interactive task and the authentication server has proof that the witness client devices witnessed a successful authentication.

Classes IPC  ?

• G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p. ex. clés électroniques ou cartes à puce intelligentes
• G06F 21/32 - Authentification de l’utilisateur par données biométriques, p. ex. empreintes digitales, balayages de l’iris ou empreintes vocales
• H04W 12/55 - Appariement sécurisé de dispositifs faisant intervenir trois dispositifs ou plus, p. ex. appariement de groupes

Abrégé

Systems, methods, and software products provide increased trust in authentication of a user to an authentication server when a trusted witness client device witnesses the authentication of the user on the user's root client device. Both the root and the witness client devices cooperate to present the user with an interactive task during the authentications and each client device independently captures movement of the user performing the interactive task, during which, the user is authenticated to the root client device. An increased level of trust in the authentication of the user is achieved by the authentication server when the captured movements match expected movements of the user performing the interactive task and the authentication server has proof that the witness client devices witnessed a successful authentication.

Classes IPC  ?

• G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p. ex. clés électroniques ou cartes à puce intelligentes
• G06F 21/32 - Authentification de l’utilisateur par données biométriques, p. ex. empreintes digitales, balayages de l’iris ou empreintes vocales
• H04W 12/55 - Appariement sécurisé de dispositifs faisant intervenir trois dispositifs ou plus, p. ex. appariement de groupes

Abrégé

A passwordless authentication method authenticates a user to access a remote computer. A mobile device receives a flash pattern included on a webpage by an authenticator. A body part of a user of the mobile device is biometrically authenticating at the mobile device. Concurrently with the authenticating, a modulated optical signal based upon the flash pattern is emit toward the body part and detected remission of the modulated optical signal by the body part is recorded as a remitted pattern. An indication of authenticity of the user, as determined by the step of biometrically authenticating, and the remitted pattern are communicated to the authenticator, and the user is authenticated to the website based upon the indication of authenticity and a match of the remitted pattern to the flash pattern.

Classes IPC  ?

• G06F 21/40 - Authentification de l’utilisateur sous réserve d’un quorum, c.-à-d. avec l’intervention nécessaire d’au moins deux responsables de la sécurité
• G06F 21/32 - Authentification de l’utilisateur par données biométriques, p. ex. empreintes digitales, balayages de l’iris ou empreintes vocales
• G06F 21/36 - Authentification de l’utilisateur par représentation graphique ou iconique