1. Field of the Invention
The present invention generally relates to authentication for mobile applications and, more specifically, a security application that is independent of client applications on a mobile device using a secondary out-of-band channel for authentication, in contrast to the normal transmission channel normally used by applications on the mobile device.
2. Description of the Related Art
Conventional mobile client applications request data and services from network-based or server-based systems (hereinafter referred to as “network services”). Often these network services contain sensitive data or provide sensitive services that require that the user of the mobile device provide security credentials to the network services.
However, the ability for a mobile application to adopt a wide range of authentication challenge-responses is intractable, meaning that it is impractical or impossible, especially for the adoption of emerging technologies in mobile contexts, such as biometric or geolocation authentication, where the authentication protocols are not yet standardized.
Therefore, mobile devices create both new opportunities and new challenges for the authentication function. On the one hand, the readily-available sensors provide opportunity for new authentication credentials, such as biometrics and context of the device. On the other hand, the ability for existing mobile applications to dynamically adapt to support a wide range of ever changing authentication challenge types remains impractical or impossible, particularly for adopting new authentication technologies.