Today, a majority of accounts registered with online service providers are not authenticated. Any entity can access an online service provider site and create an account thereon based on whatever information is provided by the entity. The provided information can accurately represent who the entity is when the entity registrant is truthful during account registration. However, the provided information can also be falsified such that the account appears to be registered to someone other than the true registrant. For example, anyone can create a Facebook® account claiming to be a celebrity, politician, or other prominent figurehead and then begin disseminating information on behalf of that entity. In other words, it is relatively easy to hijack the account of another, provide falsified information that misleads others, or commit fraud.
For these reasons, there is a push to authenticate entities online. Different online service providers have tried various authentication methodologies. However, some of these methodologies fail to curb fraud and falsified account registration because the information used for the authentication is obtained from a source that is itself subject to fraud or falsified information. For instance, some online service providers rely on linking a registered account with another existing account at another service provider. For example, in order to create an account at a first online service provider, a registrant may be required to provide an address for an email account that is registered with a second online service provider. The first online service provider then sends an activation email to the email account and the account is only activated when the registrant invokes a link in the activation email or returns a verification code from the activation email to authenticate that the registrant has access to the email account. This methodology does little to prevent fraudulent registration of accounts as the linked account can be falsified just as easy as the account being registered.
Some online service providers store confidential information about an entity as part of an account registered by that entity. The confidential information is then used to generate a series of challenge questions that are presented to an entity claiming to have forgotten or lost a username, password, or other access credentials to the registered account. While this methodology prevents others from accessing an account of another once that account has been registered, the methodology does little to prevent an entity from creating a fake account or from registering an account that hijacks the identity of another. Also, the provided information is typically limited such that only a few challenge questions can be generated. With such a small set of challenge questions, a perpetrator can discover the right answer by guessing or by obtaining the answers from other sources.
Some online service providers perform their own independent authentication. The independent authentication can occur by way of a telephone contact or by requiring the registrant to submit identification information that confirms the information used in registering an account with the online service provider. While effective, this methodology is expensive to deploy in terms of cost and time. Many potential registrants may be dissuaded by the extra effort needed to submit the supplemental authenticating information and may therefore look to competing online service providers that provide a simpler registration process.
Accordingly, there is need to provide effective, comprehensive, and unobtrusive authentication for entities registering or using unauthenticated accounts at different online service providers. There is a need for the registration to occur using verified information without the inconvenience of acquiring the verified information from the registrant whenever the registrant attempts to register a new account. Accordingly, there is a need to provide a single system with which to authenticate an entity across different platforms of various online service providers.