1. The Field of the Invention
The present invention relates generally authenticating users. More specifically, embodiments of the present invention relates to methods and systems for managing multifactor user authentication for use with multiple account providers.
2. the Relevant Technology
Computers and computing systems have affected nearly every aspect of modern living. Computers are generally involved in work, recreation, healthcare, transportation, entertainment, household management, online banking, shopping, etc. The functionality of computers has also been enhanced by their ability to be interconnected through various network connections.
The increased use of computers is accompanied by the need for increased computer security. Many computer systems and networks require that a user perform an authentication process prior to accessing the services provided by the computer system or network. Authentication is a way to ensure that the user who attempts to perform functions in a computer system or network is in fact the user who is authorized to do so. Common examples of access control involving authentication include withdrawing cash from an ATM, controlling a remote computer over the Internet, using an Internet banking system, purchasing items over the Internet, and the like.
An authentication procedure typically requires a user attempting to gain access to the computer system or network to pass one or more tests. For example, many computer related authentication procedures require the user to submit a username and password. If the username and password proffered by the user match a username and password stored at the system the user is attempting to gain access to, the system authorizes the user to access certain content on the system.
The above example, where a user is required to submit a single password in order to authenticate, is commonly referred to as a single action authentication, meaning that the user is only required to submit a single form of authentication (in addition to the username) in order to authenticate. Single-action authentication is often problematic because the single form of authentication can easily be intercepted, lost, or stolen. Multi-factor authentication has been introduced to provide an additional layer of security by requiring another form of authentication.
One example of multi-factor authentication requires a first form of authentication, which is generally something that the user knows, and another form of authentication, which is generally something the user possesses. For example, the first form of authentication may include a username, password, or combination of a username and password. A second form of authentication may include a small token device which is carried by the user. The token device may include a compact electronic device, such as a keyfob, a smartcard, a USB device, cell phone or the like, which displays information to the user. By entering this information into the system, the user proves that he or she is in possession of the information provided by the token device. If the first and a second form of authentication are correct, the user is authenticated.
One drawback of using a token device to perform multi-factor authentication includes the cost of distributing the token devices. For example, in many instances, each token device may cost $100.00 or more. When considering that each organization employing multi-factor authentication often has thousands of users, and each user may potentially need a separate token device for each of the user's accounts, the cost of using token devices to perform multi-factor authentication may be prohibitive.