1. Field of the Disclosure
Embodiments of the disclosure relate in general to the field of computers and similar technologies, and in particular to software utilized in this field. Still more particularly, it provides a system, method, and computer-usable medium for providing multi-factor authentication of a user of a wearable user authentication factor.
2. Description of the Related Art
Today, the threat of identity theft and fraud is pervasive and its prevention has become a growing concern. This threat is not just limited to the financial industry—it can adversely affect all aspects of commercial and consumer activities. Simply put, identity theft is where a first party poses as a second party by using information associated with a second party to commit a fraudulent act with a third party. The third party believes that the first party is who they claim to be because they are using information that generally would only be known by the second party. A common solution to preventing identity theft is the use of authentication credentials that prove the identity of the user.
There are numerous approaches to the implementation of authentication credentials. Some of these approaches are simple, yet vulnerable to compromise. Others, such as a public key infrastructure (PKI), which uses various combinations of public and private cryptographic keys in a network environment, are complex, costly to implement, and difficult to maintain. Furthermore, as identity thieves and the technologies they employ become more sophisticated, such systems become more prone to compromise as well. In recent years, there has been a growing awareness that any single means of authentication is insufficient to prevent identity theft and fraud. Accordingly, there has been a movement to the adoption of multi-factor authentication, which combines multiple methods, or factors, of authenticating a party. Authentication factors used in multi-factor authentication are typically something a user knows, such as a personal identification number (PIN), something intrinsic to the user, such as a biometric indicator, and something the user possesses, such as a physical article comprising a unique identifier.
However, current multi-factor authentication approaches have their own attendant issues, one of which is ensuring that the physical factor, such as a payment card, a smart card, a USB dongle, or a one-time password-generating token device, is always available for use. Due to their unattached nature and small form factors, these devices will often be left behind, lost, or worse, stolen. Furthermore, many of these devices are dedicated to a single authentication action. As a result, the user is required to not only carry multiple articles, one for each authentication action they may anticipate, but remember which article is used for which purpose. For example, the user may carry a smartcard for access into a restricted physical facility. Once inside the facility, a USB dongle may be required to access a secured information processing system, which once accessed, requires a one-time password-generating token device for the user to then gain access to a restricted information repository. If the user decides to leave the facility for lunch, then an ATM card may be required to get cash from an ATM machine. After leaving the facility for the day, the user may wish to make a purchase with one of several payment cards they may be carrying. Accordingly, making sure that the right authentication article is available at the right time, at the right place, can prove challenging.