Providing authentication using previously-validated authentication credentials
Country / type: United States (US) Patent
Status: Registered
International Patent Classification (IPC, 7th edition): G06F-007/04; G06F-015/16; G06F-017/30; H04L-029/06
Application number: US-0047565 (2016-02-18)
Registration number: US-9398000 (2016-07-19)
Inventors: Grigg, David M.; Bertanzetti, Peter John; Qaim-Maqami, Hood
Applicant: BANK OF AMERICA CORPORATION
Agent: Springs, Michael A.
Citation information: cited by 2; patents cited: 47
Abstract
Embodiments of the invention are directed to systems, methods and computer program products for providing authentication using previously-validated authentication credentials. An exemplary apparatus is configured to receive a request to access a framework application, request, from a user, one or more authentication credentials corresponding to a primary level of user authentication, receive and validate the one or more authentication credentials, create, using the framework application, an authentication token based at least partially on the validation of the primary level of user authentication, wherein the authentication token is accessible by a plurality of applications, receive a request, from the user, to access one or more non-framework applications; and authenticate the one or more non-framework applications, where authenticating the non-framework applications requires accessing the authentication token created by the framework application such that the authentication is at least partially based on the primary level of user authentication.
Representative claim
1. A computer program product for providing authentication using previously-validated authentication credentials, the computer program product comprising: a non-transitory computer-readable medium comprising a set of codes for causing a computer to: receive a request, from a user, to access a framework application, wherein access to the framework application requires a primary level of user authentication comprising one of a plurality of authentication types that is selectable by the user, wherein the plurality of authentication types comprises at least one of a hard authentication and a soft authentication, wherein the hard authentication is a multi-factor verification requiring the user present at least two authentication credentials, wherein the soft authentication is at least a single factor verification requiring the user to present at least one authentication credential; receive a user selected authentication type of the primary level of user authentication, wherein the user selected authentication type is selected from at least one of the hard authentication and the soft authentication; request, from the user, one or more authentication credentials corresponding to the user selected authentication type of the primary level of user authentication; receive the one or more authentication credentials from the user; validate the one or more authentication credentials, thereby resulting in a validation of the user selected authentication type of the primary level of user authentication; create, using the framework application, an authentication token corresponding to the user selected authentication type based at least partially on the validation of the user selected authentication type of the primary level of user authentication, wherein the authentication token is accessible by at least one non-framework application; receive a request to access the at least one non-framework application; access the authentication token created by the framework application; and at least partially authenticate the at least one non-framework application using the authentication token such that the authentication of the at least one non-framework application is at least partially based on the user selected authentication type of the primary level of user authentication, wherein authentication of the user selected authentication type of the primary level of user authentication decreases a degree of confidence required for authenticating the at least one non-framework application from at least a first degree of confidence to a second degree of confidence, and wherein the first degree of confidence is stronger than the second degree of confidence.

2. The computer program product of claim 1, the computer program product further comprising a set of code for causing a computer to deny a second request to at least partially authenticate the at least one non-framework application in response to determining the validation of the user selected authentication type of the primary level of user authentication has expired.

3. The computer program product of claim 2, the computer program product further comprising a set of code for causing a computer to prompt the user to authenticate the framework application using the primary level of user authentication prior to requesting to authenticate the at least one non-framework application.

4. The computer program product of claim 1, the computer program product further comprising a set of code for causing a computer to deny a second request to authenticate the at least one non-framework application in response to determining the validation of the primary level of user authentication has expired.

5. The computer program product of claim 4, the computer program product further comprising a set of code for causing a computer to prompt the user to authenticate the at least one non-framework application using the primary level of user authentication.

6. The computer program product of claim 1, the computer program product further comprising a set of code for causing a computer to determine the degree of confidence required for authenticating the at least one non-framework application based at least partially on the user selected authentication type of the primary level of user authentication.

7. The computer program product of claim 1, wherein authenticating the at least one non-framework application further requires validation of a secondary level of user authentication, and wherein the secondary level of user authentication comprises a single factor authentication.

8. The computer program product of claim 1, wherein authenticating the at least one non-framework application further requires validation of a secondary level of user authentication, and wherein the secondary level of user authentication comprises a soft authentication.

9. The computer program product of claim 1, wherein the one or more authentication credentials comprise at least one of a user name, a password, a web-based security system, a personal identification number (PIN), a security question, or a biometric screening parameter.

10. The computer program product of claim 1, wherein the computer program product further comprising a set of code for causing a computer to: determine one or more authentication credentials corresponding to a secondary level of user authentication for authenticating the at least one non-framework application, wherein determining the one or more credentials is based on the user selected authentication type of the primary level of user authentication; receive, from the user, a response for each of the one or more authentication credentials corresponding to the secondary level of user authentication; validate the response for each of the one or more authentication credentials corresponding to the secondary level of user authentication, thus resulting in a validation of the secondary level of user authentication; and authenticate the at least one non-framework application based at least in part on validating the secondary level of user authentication, such that the authentication of the at least one non-framework application is based at least partially on the validation of the secondary level of user authentication and based at least in part on the validation of the user selected authentication type of the primary level of user authentication.

11. A method for providing authentication using previously-validated authentication credentials, the method comprising: receiving a request, from a user via a mobile device, to access a framework application, wherein access to the framework application requires a primary level of user authentication comprising one of a plurality of authentication types that is selectable by the user, wherein the plurality of authentication types comprises at least one of a hard authentication and a soft authentication, wherein the hard authentication is a multi-factor verification requiring the user present at least two authentication credentials, wherein the soft authentication is at least a single-factor verification requiring the user to present at least one authentication credential; receiving a user selected authentication type of the primary level of user authentication, wherein the user selected authentication type is selected from at least one of the hard authentication and the soft authentication; requesting, from the user, one or more authentication credentials corresponding to the user selected authentication type of the primary level of user authentication; receiving the one or more authentication credentials from the user; validating the one or more authentication credentials, thereby resulting in a validation of the user selected authentication type of the primary level of user authentication; creating, using the framework application, an authentication token corresponding to the user selected authentication type based at least partially on the validation of the user selected authentication type of the primary level of user authentication, wherein the authentication token is accessible by at least one non-framework application; receiving a request to access the at least one non-framework application; accessing the authentication token created by the framework application; and at least partially authenticating the at least one non-framework application using the authentication token such that the authentication of the at least one non-framework application is at least partially based on the user selected authentication type of the primary level of user authentication, wherein authentication of the user selected authentication type of the primary level of user authentication decreases a degree of confidence required for authenticating the at least one non-framework application from at least a first degree of confidence to a second degree of confidence, and wherein the first degree of confidence is stronger than the second degree of confidence.

12. The method of claim 11, the method further comprising denying a second request to at least partially authenticate the at least one non-framework application in response to determining the validation of the user selected authentication type of the primary level of user authentication has expired.

13. The method of claim 12, the method further comprising prompting the user to authenticate the framework application using the primary level of user authentication prior to requesting to authenticate the at least one non-framework application.

14. The method of claim 11, the method further comprising denying a second request to authenticate the at least one non-framework application in response to determining the validation of the primary level of user authentication has expired.

15. The method of claim 14, the method further comprising prompting the user to authenticate the at least one non-framework application using the primary level of user authentication.

16. The method of claim 11, the method further comprising determining the degree of confidence required for authenticating the at least one non-framework application based at least partially on the user selected authentication type of the primary level of user authentication.

17. The method of claim 11, wherein authenticating the at least one non-framework application further requires validation of a secondary level of user authentication, and wherein the secondary level of user authentication comprises a single factor authentication.

18. The method of claim 11, wherein authenticating the at least one non-framework application further requires validation of a secondary level of user authentication, and wherein the secondary level of user authentication comprises a soft authentication.

19. The method of claim 11, wherein the one or more authentication credentials comprise at least one of a user name, a password, a web-based security system, a personal identification number (PIN), a security question, or a biometric screening parameter.

20. The method of claim 11, wherein the method further comprises: determining one or more authentication credentials corresponding to a secondary level of user authentication for authenticating the at least one non-framework application, wherein determining the one or more credentials is based on the user selected authentication type of the primary level of user authentication; receiving, from the user, a response for each of the one or more authentication credentials corresponding to the secondary level of user authentication; validating the response for each of the one or more authentication credentials corresponding to the secondary level of user authentication, thus resulting in a validation of the secondary level of user authentication; and authenticating the at least one non-framework application based at least in part on validating the secondary level of user authentication, such that the authentication of the at least one non-framework application is based at least partially on the validation of the secondary level of user authentication and based at least in part on the validation of the user selected authentication type of the primary level of user authentication.
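The flow recited in claims 1, 2, 6 and 10 (a framework application records the validated authentication type in a token, and a non-framework application reads it to lower what it still requires, or refuses once the validation has expired), as an added Python example that is not code from the patent. The HMAC-signed token format, the shared key, the 300-second lifetime, the function names and the per-type secondary-credential policy are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SHARED_KEY = b"constructed-demo-key"        # assumption: provisioned to both apps
TOKEN_TTL = 300                             # assumption: validation lifetime, seconds
FULL_AUTH = ["password", "otp"]             # first (stronger) degree of confidence
SECONDARY = {"hard": [], "soft": ["security_question"]}  # assumed reduced policy

def _mac(body: bytes) -> str:
    return hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()

def issue_token(user, auth_type, validated, now=None):
    """Framework app: bind the validated primary authentication type to a token.
    `validated` lists credential kinds already verified (verification not shown)."""
    if auth_type not in SECONDARY:
        raise ValueError("unknown authentication type")
    if len(set(validated)) < (2 if auth_type == "hard" else 1):
        raise ValueError("too few credentials for selected type")
    now = time.time() if now is None else now
    body = json.dumps({"sub": user, "type": auth_type, "exp": now + TOKEN_TTL}).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _mac(body)

def authorize(token, now=None):
    """Non-framework app: return (token_accepted, credentials_still_required).
    Any missing, forged, malformed or expired token fails closed to FULL_AUTH."""
    now = time.time() if now is None else now
    try:
        b64, mac = token.split(".")
        body = base64.urlsafe_b64decode(b64)
        if not hmac.compare_digest(mac, _mac(body)):
            return (False, FULL_AUTH)
        claims = json.loads(body)
        if claims["exp"] <= now:            # validation expired: deny, re-prompt
            return (False, FULL_AUTH)
        return (True, SECONDARY[claims["type"]])
    except (ValueError, KeyError, TypeError, AttributeError):
        return (False, FULL_AUTH)

if __name__ == "__main__":
    hard = issue_token("alice", "hard", ["password", "otp"], now=1000)
    soft = issue_token("alice", "soft", ["password"], now=1000)
    print(authorize(hard, now=1100))   # hard primary: nothing further required
    print(authorize(soft, now=1100))   # soft primary: one secondary factor
    print(authorize(hard, now=1301))   # expired validation: full authentication
```

Because the token lowers the bar for every application that reads it, the integrity check and the expiry check are the controls that matter: an editable or non-expiring token would let a soft authentication be replayed as a hard one.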
Patents cited by this patent (47)
Davies Stephen W., Alarm server systems, apparatus, and processes.
Ayanamcottil, Antony Aloysius; Chandrappa, Varun Yarehalli; Revankar, Natesh Shridhar; Verma, Priya; Alam, Mohammad Dilshad; Sharma, Nitin Prakash; Pullaikudi, Praveen Prakash Thazhalhu, Method for destructive readout of data in case of mobile theft.
Natsuno,Takeshi, Method for inhibiting use of mobile communication terminal having memory where card information is stored, mobile communication network, and mobile communication terminal.
Aravamudan, Murali; Rajasekharan, Ajit; Ramakrishnan, Kajamalai G.; Gupta, Mayank, Methods and systems for segmenting relative user preferences into fine-grain and coarse-grain collections.
Grigg, David M.; Thomas, Susan Smith; Harkey, Scott Lee; Bondesen, Laura; Calman, Matthew A., Providing automated initial and final payment for an activity based on determining the location of an activity participant's mobile communication device.
Ellis, Stephen M.; Kennedy, Michael J.; Kurani, Ashish Bhoopen; Lowry, Melissa; Meyyappan, Uma; Sahni, Bipin; Stroke, Nikolai, System and method for a mobile wallet.
Berardi,Michael J.; Bliman,Michal; Bonalle,David S.; Elwood,Jennifer Anne; Hood,Matthew C.; Isenberg,Susan E.; Mayers,Alexandra; Saunders,Peter D.; Scheding,Kathryn D.; Shah,Sejal Ajit; Williamson,Jo, System and method for payment using radio frequency identification in contact and contactless transactions.
Dhesi, Rajkaran Singh; Hunt, Simon; Parke, Paul Martin, System, method, and computer program product for disabling a communication channel during authentication.
Grigg, David M.; Bertanzetti, Peter John; Burrell, Charles Jason; Hanson, Carrie Anne; Johansen, Joseph Neil; Toth, Michael E., Determining user authentication requirements based on the current location of the user being within a predetermined area requiring altered authentication requirements.
Grigg, David M.; Bertanzetti, Peter John; Burrell, Charles Jason; Hanson, Carrie Anne; Johansen, Joseph Neil; Toth, Michael E., Determining user authentication requirements based on the current location of the user being within a predetermined area requiring altered authentication requirements.