The present disclosure relates to systems and methods for enabling secure user authentication.
Credentials may be used to gain access to information and/or computing resources (e.g., servers, storage devices, files, and computing applications). In one example, an end user of a mobile device (e.g., a tablet computer or smartphone) may provide user credentials, such as a user identifier and password, in order to gain access to native applications, web-based applications, or cloud-based applications accessible using the mobile device. In another example, user credentials may be used to access an online bank account or to facilitate an online transaction to purchase goods or services using the Internet. The user credentials may include a personal identification number (PIN) or PIN code. A PIN may comprise a static PIN that does not change over time or a dynamic PIN that changes over time (e.g., a new PIN may be used for every transaction). In some cases, multi-factor authentication may be used in which more than one credential is required in order to gain access to applications running on the mobile device. For example, two-factor authentication may require the end user of the mobile device to provide two authentication factors before gaining access to the applications running on the mobile device. An authentication factor may comprise a knowledge factor (e.g., something the end user has knowledge of such as a password), a possession factor (e.g., something the end user has possession of such as a smart card or security token), or an inherence factor (e.g., something inherent only to the end user such as a biometric characteristic). Biometric characteristics may comprise distinguishing characteristics of the end user such as a fingerprint, a voice characteristic, or a facial characteristic.