Protecting against cybercrime and cyber-terrorism is extremely important. Consumers and businesses are subject to security intrusions where their passwords, bank information, social security numbers and other private information are being stolen. The challenge of protecting a user's identity and authenticating a user with third party applications like email, banking websites and social media sites is becoming increasingly difficult.
Two-factor authentication is a common way of protecting a user when he or she is logging into a system that requires elements such as a username and password. Two-factor authentication requires the use of a second factor in addition to a first factor, where the first factor is typically a user's password, to log into third-party applications. With traditional two-factor authentication techniques, the second factor typically consists of a numeric code that is either sent to a user via SMS or provided to a user through a soft or hard token (e.g., a key fob which contains a numeric display).
Traditional two-factor techniques, however, are often cumbersome for the user since they require the user to engage in an additional manual input step to authenticate with the third party application (e.g., manual entry of the key code from the token into the input screen of the application) in addition to entering the username and password, in order to gain access to the application. Often, two-factor techniques require a user to carry an additional “token” or device to display the second factor. However, this method is inconvenient and cumbersome since it reduces the convenience of the user and increases the amount of time required to gain access into a user's applications. Another method of two-factor authentication is with the use of biometrics. Under this method, a user's second factor may consist of a fingerprint, a retina/eye, voice or facial recognition techniques—instead of using a passcode from a soft or hard token. However, biometric authentication techniques are subject to reliability issues and have hardware limitations since this technique can only be utilized on devices that support biometric measurements and authentication software.
Accordingly, it is desirable to provide a user defined identity verification system and method that provides security, but which overcomes the deficiencies of the prior art.