Authentication of a user requesting access to a system is generally necessary to ensure access is limited only to authorized users. Systems that store personal or confidential information generally require one or more forms of authentication before a user is granted access. Authentication typically involves requiring a user to present evidence that the user is who he or she purports to be. Different types of evidence may be required. The number and/or type of evidence is an authentication “factor.” Traditional authentication generally requires a user to present a password before access to a computer system is granted. However, passwords offer only a single piece of evidence (i.e., one factor) of a user's identity. Moreover, data breaches and identity theft often expose this type of data, enabling unauthorized users to acquire credential information necessary to access protected systems without permission.
Multi-factor authentication improves system security requiring users to present two or more factors before access is granted. Multi-factor authentication improves a system's confidence that the user is who he or she purports to be before granting access. Existing methods of multi-factor authentication often require factors that can be categorized as one or more of the following: evidence of something known to the user, evidence of something owned by the user, and/or evidence of something about the user. One example of two-factor authentication requiring data known only to the user may include a password (factor one) and an authentication phrase or challenge question (factor two). A multi-factor authentication example requiring evidence derived from something owned by the user may include requiring a password (factor one) and a security code that is sent to the user's mobile phone and/or obtained by a number-generating security token (factor two). A multi-factor authentication example requiring something about the user may include requiring a password (factor one) and a biometric identifier from the user, such as a fingerprint or facial scan (factor two). An aspect of multi-factor authentication is that it may require the user to present evidence derived from different sources, or evidence provided via separate communication channels. This makes it more difficult for an unauthorized user to acquire necessary authentication information because information is not derived from the same source or provided through the same line of communication. As a result, it becomes more difficult to obtain or intercept the data, and thus reduces instances of successful hacking attempts and unauthorized system access.
In view of existing multi-factor authentication methods, the present disclosure provides new methods and systems for multi-factor authentication that utilize evidence derived from a vehicle that is associated with the user. A vehicle and its associated data form a physical factor (e.g., something owned by the user) that is difficult to obtain or otherwise acquire without authorization. Combined with additional factors during a request for access, such as a password or fingerprint data, data derived from a vehicle improves system security beyond existing methods. Data unique to the vehicle, data unique to the user and associated with the vehicle, evidence of a communication link between the vehicle and user (or system) during authentication, and/or proximity of the user to a vehicle during authentication are examples of some of the vehicle-based evidence of the present disclosure.
Given the prevalence of privately-owned vehicles, their increasing computing power and technology, and the fact vehicles are often in proximity to a user and difficult to acquire (or move without authorization from the user), requiring evidence of data associated with a vehicle improves system security. Data from the vehicle or data associated therewith offers an authentication factor derived from a distinct data silo that may be provided via a separate communication channel to confirm that the user is who he or she purports to be. The present disclosure thus provides improved information security for secure systems by disclosing improved authentication methods and determining an authorized user with a high degree of confidence.