As the Internet and the numbers of users, of the Internet, continue to grow, measures to enhance security are becoming more important. Websites, service providers and users alike are employing new technologies and protocols to better safeguard sensitive information and reduce the incidence of online identity theft and/or fraud.
A number of websites are improving security measures by incorporating two-factor authentication methodologies into website access protocols. Authentication methodologies generally involve one or more of three basic factors: something the user knows (e.g. username, password, personal identification number (PIN), answers to challenge questions, etc.); something the user physically possesses (e.g., ATM card, token device, smartcard, etc.); and some user characteristic (e.g., user biometric characteristics, such as fingerprints, facial characteristics, DNA sequences, retina patterns, etc.). While many websites may require only a single authentication factor, such as a knowledge-based authentication factor (e.g., something the user knows), an increasing number of websites are beginning to require two-factor authentication and issue authentication devices, such as tokens and smartcards, to registered users to comply with the second, physical authentication factor (e.g., something the user physically possesses). The form factor of a typical device may allow a user to attach a token device to the user's key chain or to secure a smartcard in the user's wallet or purse.
While a device, such as a token and/or smartcard, may provide for effective second-factor authentication, a particular device only works with the particular issuing website. Moreover, because methods of implementing devices are not widespread, standardized and/or universally implemented, websites requiring two-factor authentication may incur the considerable expense and resources to procure, issue and/or administer website-unique devices. Consequently, users may accumulate increasing numbers of website-unique devices and may need to bear the burden of possessing, transporting, managing and using multiple devices, of varying types and protocols to access a number of different websites.