19 July 2018
Register today

Authernative granted Australian patent for user authentication method

06 January 2009  |  1908 views  |  0 Source: Authernative

Authernative, the developer of innovative user authentication and identity management technologies, announced today that the Australian Patent Office has granted the company a patent for a user authentication method.

The newly issued patent number 2004323374 entitled, "Authentication System and Method Based Upon Random Partial Digitized Path Recognition" describes a "what user knows"-based authentication method which overcomes two major deficiencies of passwords: memorization difficulties and low security. To reduce memorization pressure and significantly improve ease of use, the patented technology utilizes a graphical secret pattern on a virtual reference grid, providing an easy way to choose, remember, and enter the user's credentials.

To enhance security, the authentication server never challenges the user to provide the full secret pattern, but instead requests a session-specific random subset of the secret pattern ("One Time Pattern"(TM) (OTP)). This significantly reduces the credential's entropy leakage and renders one-time authentication responses difficult to compromise, protecting users' entered credentials against phishing, key logging, brute force, Trojan horse and other spyware attacks. Moreover, the method's virtual reference grid and the scalable combinatorial capacity of the secret pattern provide high security against guessing attacks. The combination of these security and usability features enables stronger protection against known attacks, while delivering a simple and more engaging user experience.

The authentication method can be used as the single user authentication factor in any networked environment embracing computers, mobile devices, smart cards, or other terminals including, Point-of-Sale, ATM, VoIP or touch screen display. It offers the high security found in hardware-based authenticators while preserving the cost-effective electronic mass deployment and the ease of use typical of passwords. Alternatively, it can be used in combination with a legacy password or another authentication factor, creating a two-factor "strong" user authentication solution.

This patent, along with other recently granted patents (US Patent & TTrademark Office, patent number 7,073,067, titled, "Authentication System and Method Based Upon Random Partial Digitized Path Recognition"; US Patent & Trademark Office, patent number 7,188,314, titled, "System And Method For User Authentication Interface"; European Patent Office, patent number EP1434408, titled, "Authentication System And Method Based Upon Random Partial Pattern Recognition"; and US Patent & Trademark Office, patent number 7,299,356 titled, "Key Conversion Method For Communication Session Encryption And Authentication System") provide for a protected intellectual property and technology foundation for the company's AuthGuard(R) authentication product.

AuthGuard(R) includes patented front-end authentication algorithms, and on the back-end, it utilizes the patented encryption key management system combined with the mutual authentication protocol. As a result, AuthGuard(R) versatile authentication product provides for different methods and levels of authentication which allow balancing security and usability requirements.

AuthGuard(R) product provides one-factor, layered, or multi-factor authentication that is electronically mass deployable, has scalable security, high usability and a low total cost of ownership. Authentication methods include enhanced password, graphical password, one-time challenge one-time response, out-of-band, one-time-pin and secure in-band authentication, integrated with CrosSecure(R) Authernative(R) Cryptographic Module that has been FIPS 140-2 certified by the National Institute of Standards and Technology (USA).

Authernative's granted patent adds to the company's patent portfolio solidifying the company's ability to provide innovative, secure and cost-effective user authentication solutions. With identity theft, cyber crime, and data breaches escalating to an all time high, enterprises, government agencies, online service providers, and consumers can benefit from AuthGuard(R) authentication product to secure access to networks, extranets, portals, applications, data and devices.

Comments: (0)

Comment on this story (membership required)

Related company news


Related blogs

Create a blog about this story (membership required)
Visit info.nice.comVisit https://secure.vasco.comVisit http://go.jumio.com/finextraAd

Top topics

Most viewed Most shared
Calmejane quits Lloyds Bank to join SocGenCalmejane quits Lloyds Bank to join SocGen
11345 views comments | 5 tweets | 7 linkedin
Metro Bank opens developer portalMetro Bank opens developer portal
9974 views comments | 5 tweets | 14 linkedin
Anything Visa can do...Mastercard takes time outAnything Visa can do...Mastercard takes ti...
9600 views comments | 6 tweets | 15 linkedin
Mastercard enlists Worldpay to push Vocalink's Pay by Bank appMastercard enlists Worldpay to push Vocali...
9094 views 19 comments | 14 tweets | 30 linkedin
Hong Kong plans September go-live for blockchain-based trade financeHong Kong plans September go-live for bloc...
8615 views comments | 9 tweets | 17 linkedin

Featured job

Find your next job