The disclosed embodiments relate generally to authentication technologies. More particularly, the disclosed embodiments relate to authentication platforms and methods that can be used to add one or more authentication mechanisms to an existing authentication system.
Authentication systems are commonly used to regulate access to secured entities such as confidential data, private real estate or equipment, personal electronic devices, and so on. An authentication system generally requires a user to present some form of authenticating information, such as a pass code, a personal token, or biometric data. The system then verifies the received information, e.g., by comparing it with stored data, and authenticates the user upon successful verification.
To provide enhanced security, some authentication systems require a user to present multiple types of authenticating information. These systems are often referred to as multi-factor authentication systems. In one common example, an automatic teller machine (ATM) requires a user to provide both a personal token in the form of a magnetized bank card, and a pass code in the form of a personal identification number (PIN). Some systems may further require the user to provide a third type of authenticating information, such as a fingerprint.
Notwithstanding current security measures, many authentication systems are susceptible to breach due to persistent and increasingly sophisticated threats from hackers, thieves, and others. Moreover, these threats tend to adapt to current technologies, making it difficult to maintain a consistent level of security with the same authentication system. Accordingly, most authentication systems are updated periodically to keep pace with evolving threats.
Unfortunately, such updates can be expensive and tedious. For instance, they may require new device hardware, software upgrades, issuance of new user tokens or pass codes, and so on. Additionally, certain updates are required to comply with security regulations or standards, creating further complications. For example, changes to electronic banking security can be subject to bank security regulations and standards, which can further complicate the task of maintaining updated security.
In view of these and other challenges, authentication systems continue to be an area of active research and development.