Authernative, the leading developer of innovative user authentication and identity management technologies, announced today that the United States Patent Office has granted the company a patent for a user authentication method.
The newly issued U.S. Patent No. 7,849,321, titled "Authentication method of random partial digitized path recognition with a challenge built into the path" adds to Authernative's array of authentication methods based on random partial pattern recognition algorithms. It advances the security of Authernative's pattern based one-time PIN technology to provide a "what user knows" two-credential authentication.
With Authernative's Passline pattern-based one-time PIN solution, the user's credential is a secret pattern on a virtual grid of cells. During each login session, the digital content on the grid is randomized and the user is challenged to enter the content from the randomly specified set of positions of his pattern. The newly patented Crossline(TM) technology extends the above method by concealing the location of the challenge inside the grid as a second "what user knows" secret credential. The combination of two secret credentials on the grid having randomized content, used to generate a one-time response, surpasses the security of one-time PIN tokens.
Dr. Len Mizrah, President and CEO of Authernative said, "This technology fills a security gap that afflicts existing knowledge based authentication solutions, such as passwords or security questions, without the need to carry a token, a smart card, mobile device or any other authenticator, and without threat of credential compromise. Moreover, unlike a combination of a PIN and token, where the PIN is static and the token is displayed to anyone in its possession, Authernative's patented technology reliably veils both credentials."
The newly patented Crossline(TM) technology has a variety of applications. For example, the Crossline(TM) can be used by a field operative to securely access an online resource without having to carry a separate device, which could compromise the operative or access to the resource. Similarly, a consumer can use the Crossline(TM) at an internet café to ststrongly authenticate himself without anything more than his theft-proof knowledge-based secret. While, an enterprise employee can use the Crossline(TM) to gain secure access to the network from anywhere in the world. Or a bank or healthcare provider can offer Crossline(TM) for security conscious users without added costs or inconvenience.
This user-centric authentication method provides a common user experience from all networked devices including computers, mobile devices, smart cards, set-top-boxes, Point-of-Sale, ATM, VoIP terminal or touch screen displays. It provides stronger security than hardware-based authenticators while preserving the cost-effective, electronic mass deployment and ease of use typical of passwords.
The technology is part of the AuthGuard versatile authentication platform offering different methods and levels of authentication to meet a range of security and usability requirements. AuthGuard provides one-factor, layered, and multi-factor authentication that is electronically mass deployable, has scalable security, high usability and low total cost of ownership. AuthGuard patented authentication methods include enhanced password, pattern-based one-time PIN, out-of-band, and mobile client solutions. AuthGuard(R) is also integrated with the FIPS 140-2 certified Authernative Cryptographic Module and utilizes a patented encryption key management system combined with a mutual authentication protocol.
Authernative's granted patent adds to the company's patent portfolio solidifying the company's ability to provide innovative, secure and cost-effective user authentication solutions. With the increase in advanced persistent threats, identity theft, cyber crime, and data breaches, enterprises, government agencies, online service providers, and consumers can benefit from AuthGuard(R) authentication product to secure online and mobile access to networks, cloud computing and SaaS.