Mutual authentication systems and methods are known that attempt to authenticate a user or recipient of information that is being provided by a content service provider or other target resource that is, for example, accessible through an on-line communication link such as through the Internet, an intranet, or any other suitable wireless or non-wireless network. Such methods and apparatus attempt to thwart malicious exploits by hackers and others that attempt to steal a user's identity. For example, a malicious entity may send an email using the address of a legitimate bank and direct the recipient to a “counterfeit website”. The recipient, believing that it is a legitimate site, may be tricked into providing information such as an account number and password that can be used by the malicious entity to access the recipient's online account. The problem may be particularly acute in the consumer world where conventional methods of online mutual authentication may be very complex, typically requiring expensive hardware deployment and complex user interactions that make such mutual authentication techniques impractical. As such, it would be desirable to provide a system and method that allows the confirmation of users or recipients that are accessing an intended target organization, (i.e. sending entity) in a relatively inexpensive but secure manner.
Two factor authentication techniques are known that, for example, use a first authentication factor to authenticate an end user's identity and a second factor that is used for authentication to supplement the user name and password typically used in the first factor authentication. The concept of a second factor is that a user can authenticate using something that they know (e.g. their password) and something that they have (e.g. the second factor which may be, for example, a hardware token). Typically the second factor mechanisms are hardware based and are physically distributed to the end user. For example, time synchronous tokens are known and are sometimes referred to as multi-factor authentication techniques. Several known techniques are described further below.
Also, various methods for performing authentication of a target organization in connection with Internet applications are known that include, for example, secure socket layer server authentication which provides certification from a trusted third party based on the identity of the organization hosting a given web application. However, this can require the user to perform the manual step of double clicking on an on-screen icon and reading through information. The requirement of manual action often precludes it from being performed consistently and, thus, undermines the effectiveness of the method. In addition, client security plug-in applications are also known that involve an end user downloading and installing client side software which provides a visual indication of when the user is communicating with the legitimate site. However, it can be burdensome for end users to download and install software or to go through several manual steps to confirm the identity of the target organization.
In addition, both user and target organization authentication methods can be impractical when extending to other channels of communication such as interactive voice response systems or communication through mobile devices, such as cellular phones, personal digital assistants, Internet appliances, or other mobile devices, as they can rely on a user display and entry methods unique to web based applications.
Ensuring that a sent email message or other electronic message has been sent by a sender that can be trusted, also referred to as being authentic, helps ensure against theft of important information by unscrupulous parties and can help limit spam and phishing. Phishing is a form of Internet fraud that usually involves the mass sending of emails that appear to be from a legitimate organization such as a bank or other financial institution or other organization. These emails often direct the recipient to a fraudulent website or form where he or she is tricked into divulging personal or financial information. An alternative phishing attack may not ask for such information but, upon entering the URL, it may execute a download of a keystroke-logging program that lets the phisher harvest information from the recipient's machine. The information can then be used for identity theft and fraud.
Phishing attacks can be costly and can drain a company's resources since, for example a large number of attacks can be run against target companies in large volumes and billions of phishing messages can pass through filtering systems that can slow down email delivery, use up valuable processing times of servers and can ultimately result in the loss of important financial data to unscrupulous parties.
Several solutions are known that attempt to address this problem. Because phishing attacks often begin with large volumes of email sent from a forged sending address, efforts to reduce spam email may be somewhat effective in reducing the number of phishing attacks. For example, in one method referred to as Sender Policy Framework, an originator of a message or originator domain publishes in a directory or other suitable form legitimate sending computer addresses which are verified by receiving message transfer agents. The message transfer agent may verify a received message via a DNS server (domain name server). However, this technique can require widespread adoption of SPF-enabled message transfer agents which can potentially be costly to implement and deploy.
Another technique referred to as Coordinated Spam Reduction Initiative again requires originators in an originator domain to publish legitimate sending computer addresses which are verified by receiving message transfer agents in a relatively similar manner as described above.
Another technique requires domains to digitally sign email which is verified by the receiving message transfer agent via DNS servers. Again, this can require the widespread adoption of modified versions of message transfer agents.
Another technique uses the S/MIME protocol wherein sending individuals or domains digitally sign emails that are verified by receiving incoming message transfer agents or user email clients. This can require special email client features or recipient message transfer agents that are not currently supported in web based email clients.
Another technique employs secret images that are shared between a sender and a recipient. As understood, a personalized image is sent by a user to an authentication server. The server stores the recipient sent image. The authentication server may then send the personalized image to the recipient with an email and the user seeing the image recognizes that it is the one he or she sent. Also, during logon to a site, the server may include the image in the logon page so that a user trusts the login page when the user sees their personalized image (see e.g., www.passmarksecurity.com). Among other drawbacks, this system appears to use the same image for multiple logins until the shared image is changed and may require the recipient to choose and send the image to a sending server.
In addition, other systems are known which attempt to provide, instead of sender authentication, recipient authentication. For example, U.S. Pat. No. 5,712,627 discloses, among other things, an issued identification card that has indicum at one of the addressable positions on an assigned card. The card may have rows and columns with different numbers, characters or symbols that are addressable by the rows and columns. To determine whether a person seeking access to data is authorized to obtain requested access, the identification card is distributed to authorized users. A requesting person seeking access provides the indicia at one or more addressable positions on the card as specified by a security system. To notify the person which indicum to enter and send back, the system selects coordinate indicia known to be present on a particular card. The recipient must then send back the indicia located at the address sent by the security system. If the indicia matches that assigned to the person seeking access then access is granted. However, such systems do not resolve the problem with respect to phishing since the system provides authentication of a receiver and not a sender and requests that a person seeking access identify themselves to the system and the system requires entry and sending by the user of information located on the security card.
Other authentication systems are also known that have been employed, for example, in the military, numeral cipher/authentication systems have been used that employ cards that are held by a sender and recipient. A transmission is authenticated for example by using a challenge and reply authentication scheme. A sender of an electronic transmission for example may use the card and randomly select a row and column and transmit the row and column identifiers as a challenge. For a reply, row and column identifiers are used to look up an alphabetical letter which is then communicated back. As such, the sender can be assured that the receiver is in possession of a card. However, the authentication of the sender to the receiver is typically done by repeating the same challenge and reply in reverse, and both sender and receiver must be in possession of the same authentication card to achieve mutual authentification.
Another technique also uses a card that includes rows and columns of information on both the sender and receiver side, however, this transmission authentication scheme is used to authenticate transmissions. For example during transmission authentication, columns of transmission authentication diagraphs are located on the back of a cipher table and used to authenticate a sender. Column assignments are made by a designated representative such as a commander of a unit. The column assignments are known to both the sender and receiver apriori. Transmission authentication diagraphs are used only once. The first unused authenticator in the assigned column is used and a line is drawn through that authenticator to preclude its reuse. Such schemes do not utilize a random selection of information on the card and do not utilize the sending of coordinate information since the column information is known apriori. As such, only the authentication information is apparently communicated. If the sender sends authentication information and it is valid as determined by the recipient, the recipient crosses the authentication information off the card. The next time authentication is required, the next authentication information in the same column is then used. As such, a sequential and non-random approach is used. However, if the authentication card of a recipient is lost or obtained by an unscrupulous party, they would know how to act as a sender since they know which authentication information is next in the column since no random selection is utilized and since the card has markings thereon. In this system no coordinate information is sent since the column of information used to authenticate a sender is made known apriori to the sender and receiver. In addition, if the receiver does not receive the sender's transmission, the synchronization between the sender and receiver would be lost which may cause subsequent authentication attempts to fail.
Also, information security and user identification security are becoming increasingly important as technology becomes more sophisticated. For example, multi-factor authentication schemes are used in an attempt to thwart hackers or to thwart other inappropriate uses of information and user identities. For example, a two factor authentication scheme may use information known to a recipient or user such as a password or personal identification number (PIN) as well as some type of physical token such as a banking card, credit card, password token or other physical token which a user must be in physical possession of in order to initiate and complete an on-line transaction. Another level of authentication may include biometric authentication that may include the scanning of a fingerprint, eye or other biometric to again verify that the user attempting to gain access to a process, device, application or other right is in fact the appropriate user.
Transaction cards are known that may include for example smart cards, magnetic strip-based cards, and other transaction cards that facilitate banking transactions, credit card transactions, or any other suitable transactions. As known in the art, a user personal identification number (PIN) is usually required in addition to the possession of a banking card to obtain cash from a cash-dispensing machine or to otherwise carry out an online transaction. One known multi-factor authentication technique employs the use of a hardware token such as a battery operated smart card that displays a periodically changing and seemingly random number on a portion of the smart card. When a user wishes to execute a transaction with the smart card, for example, the user enters the seemingly random number that changes often. The receiving transaction server compares the received code entered by the user as displayed on the smart card with a corresponding number generated by a code source generator. If the code entered by the user matches the number generated by the code source generator, the transaction is approved and the user is granted a particular right such as accessing a bank account, purchasing goods, obtaining information, gaining access to a website or other software application, or any other suitable right as desired. However, such hardware tokens can be quite expensive and are battery powered thereby requiring changing of the battery and the potential of an electronic malfunction due to moisture problems or any other problems related to electronic circuitry.
Other smart cards that do not employ such screens typically require a card reader that reads, for example, a magnetic strip. This can be a restriction where a user wishes to perform an online transaction but is not sitting at a terminal that contains or has access to a magnetic strip reader.
In an apparently unrelated field, translucent cards are known such as plastic cards that contain a semi-transparent picture or pattern that when visually evaluated does not appear to connote any particular information. However, when the translucent card is held over a display with a corresponding background filter pattern, the combination of the pattern on the card with the background pattern on the display screen combine to present a visually recognizable message or word such as the word “sorry” or “you're a winner”. These are static messages which are not unique to any user and typically include only a single message. Such plastic cards may be used for example to see if a holder has won a prize. The card for example may be mailed in the mail to members of a population. Those recipients then go to a web page identified on the translucent card or otherwise indicated in the mailing information to see if they have won a prize. However, such plastic cards do not provide multi-factor authentication, are not user specific, do not include multiple messages and typically include static messages.
Currently, second factor authentication involving an article may contain a collection of randomly generated symbols, as described above. As also described above, a sender of a transmission may use an article and randomly select a row and column and transmit the row and column identifiers (data challenge elements) as a challenge. For a reply, row and column identifiers are used to look up corresponding sender authentication, which allows the person with the article to authenticate to the sender. However, a potential threat exists if an attacker can see both the challenge data elements (such as grid coordinates) and the reply (user's responses to the challenge). As the attacker sees more user authentications, he or she learns more about the contents of the article, thereby increasing the attacker's ability to successfully impersonate the user.
Correspondingly, in the case of sender authentication, a similar potential threat exists. In this case, a sender would transmit to a user sender authentication information such as article location information and the corresponding sender authentication information that is locatable on the article at that article location information. For example, in one embodiment a sender could send row and column identifiers and the numbers or alphanumeric characters to be found at those locations. By providing this information, the sender demonstrates to the user that the sender is a legitimate sender because it knows information that should only be known by the sender and the user. However, an attacker intercepting the sender's transmission could learn information about the contents of the card. This information could be use to increase the attacker's ability to impersonate the sender and/or the user. Accordingly, careful selection of sender authentication transmissions and user challenges is important to attempt to address this risk.
Currently, one known technique used to generate a challenge is random generation. The challenge data elements are chosen uniformly at random, meaning that all possible challenge data elements have an equal chance of being chosen. Despite the strong security of such systems, for each successful, and in some cases unsuccessful, authentication operation an attacker has observed, the probability of a successful impersonation increases. The impersonator/attacker must be patient enough to get a randomly generated challenge that corresponds to challenge/reply sets he or she has observed. The probability of successful impersonation decreases exponentially with the number of grid coordinates (challenge data elements) not known to the attacker that appear in the present challenge. Therefore, a need exists to provide a mechanism for generating challenges that decrease the probability that an attacker has seen all of the challenge data elements and corresponding sender authentication information, thereby increasing the effective security of the article (e.g. card) over its useful life.
Accordingly, a need exists for a method and apparatus that overcomes one or more of the above problems.