The above applications relate generally to secure commerce over a networked community where security is a critical component. Specifically, the security component around authentication has been a challenge to address for the masses due to the need to balance stronger authentication with the need for portability, low cost, human engineering, and ease of use. Many approaches to strong authentication are intrusive to the user, costly to implement and manage, limited in portability, and limited in functionality. Some examples include the popular SecurID (by RSA) approach to two factor authentication, the token approach (local or device driven), and many recently announced heuristic techniques using both customer activity and forensics associated with the device or computer and the network to which it is attached.
The present application relates to a common authentication service (CAS) incorporating an authentication library model, an authentication library selection criteria, and usage correlation for strong self service authentication over network connected applications, devices, users, and web services.
There is a market need for a unique authentication approach that addresses the requirement for strong authentication at any self service device while reducing the threat posed by many common attacks. At self service channels a human dialog cannot take place in which a challenge can be made using data unique to the caller and the relationship. In addition, at attended channels a mechanism is needed where data created and used for authentication is isolated from access by participants.
Some common attacks include phishing (via email or spoofed web site), keyboard loggers, and man in the middle attacks, as well as internal fraud. Current approaches are either limited in their ability to counter common attacks, costly, labor intensive, limited in portability, or place an unacceptable burden on the user. The solution of the invention addresses this need by establishing a unique authentication process as a multi-factor authentication mechanism that is easy for the user, low cost to implement and support, highly reliable, easily integrated with current systems, and flexible.
Current government mandates for stronger authentication for web based access are pushing this issue and posing challenges to the multi-factor approaches currently available in the market. Current solutions are costly and difficult to manage across millions of users and multi-device/application environments. An example of the need is the recent government announcement requiring banks to establish stronger authentication models for internet banking customers. Current approaches are lacking in many areas. For example, many of the common two factor token based approaches are expensive and intrusive to the users. In addition, using a token or secret stored on a machine or device often limits portability and can have significant deployment and support costs.
Threats to this group of users include both direct and indirect attacks. As a result there is a need for a strong, flexible authentication approach that can be used at self service channels as well as agent attended channels.
This invention is applicable to any electronic interface where strong user/device or participant authentication is needed. The invention is a specific example of the security service described in the previous applications mentioned earlier, applying a common security service to strong authentication. The invention brings automated, customer centric strong authentication to all customer interaction points, with a specific focus on self service interaction points and devices. Exposed as a service, the invention can be used by many different devices, interaction points, and users, where the behavior of the service adjusts to the specifics of the authorization activity. Selections from the authentication library can be tailored to the request and to subsequent responses to one or more authentication challenges, and the service can maintain correlation between the creation of an authentication challenge and its use at a self service or attended channel. This feature assists in addressing internal and external fraud, unlike any other approach available today, by assuring that information may not be compromised by the initialization process or by the attended channel agent.
In one example the invention is a significant enhancement to an approach that has been in use at agent attended customer interaction points for years. For example, in a call center, the caller is often challenged by the customer service agent with information that is unique to the caller, the caller's account, or other specific information not readily known to someone other than the caller and the call center agent. This provides a level of assurance that the caller is who they say they are and is not something that can be easily spoofed or intercepted and used to impersonate the customer. A growing problem even with this approach is the need to assure that the challenge data is unique to the parties of the transaction and that it is tracked and managed specific to the authentication process and business compliance needs. Often Social Security Number, date of birth, place of birth . . . etc. are used. With the proliferation of the internet and broad access to data, these challenges are proving inadequate because the information is readily available or gathered through a phishing activity. In addition, these elements are not suitable for use in self service channels and require interaction with an attendant or call center agent. Another problem with this approach is the inability to protect certain challenges from use at attended channels versus non-attended channels. The invention's ability to correlate this also combats internal fraud by assuring that attended channel customer service agents have limited or no access to self service challenges that are unique to the authenticating party. This feature of the invention allows for the use of a strength value (SV) in determining which authentication library entry to use for a given authentication activity. In this manner dynamic selection is supported by the invention.
There is a need for an authentication service that can be used at self service channels for strong authentication. To accomplish this the invention includes a process model to establish an authentication library and a process model for the use of data from the library, such that its use provides a significant enhancement to current authentication models without requiring user authentication to be device specific or the user to carry a token, biometric reader, or key fob. For certain circumstances such measures may be combined with the invention as additions to the authentication library to provide even stronger authentication than is possible within a single method. The advantage of a common authentication service is that it can select from many credential options based on factors that include, but are not limited to, the device making the request, the initial credential presented, the request being made, the risk profile of the activity, attended or self service channel, wireless or wired . . . etc. This information, in combination with an authentication library and other credential stores, provides a strong, cost effective, customer friendly method for authentication that counters common attacks.
The invention includes an audit trail, origination data, and history of activity for compliance reporting and for assessing the strength of a given set of authentication activities. A unique feature of the invention is the collection of data that provides for the creation and use of an SV to determine which authentication library elements are appropriate for a given authentication request or series of requests. For example, an authentication challenge that is unique to the customer and not available to a customer service agent would have a higher SV than one that was available to a customer service agent. Likewise, combining a user ID and password with a random selection from a user defined authentication library would provide a better SV than something common like address, maiden name, Social Security Number, amount of last transaction . . . etc.
The present invention includes a CAS and process model that allows for integration to current authentication processes.
The present invention includes an authentication library and access methods such that the compromise of a traditional credential such as user ID and password does not compromise the system or user. The present invention also includes a process model for the use and creation of authentication library entries, where an SV can be used to correlate which library entries are best for a given activity, device, user, access method . . . etc.
The use of an SV provides for a unique level of audit that includes life cycle elements around the creation of the initial authentication library entries, updates or adjustments to entries, and library use at various devices and channels.
At a self service channel there is no customer service agent to challenge the user, and even if there were, over something like the internet the challenge can be intercepted, keyboard logged, or otherwise compromised without the knowledge of either the customer or the organization they are attempting to authenticate to. In addition, with attended channels a person is acting on behalf of a user and can readily leverage access to credentials or characteristics specific to the user and provider to compromise the authentication process. In self service channels authentication is a challenging proposition because all information used for authentication is communicated over the same in band communications channel with no human dialog. Also, in this approach the interaction is typically limited to a single type of user input device.
For example, using a biometric or multiple passwords is a good approach but is easily defeated by a common keyboard logger, man in the middle attack, or internet browser Trojan horse. This is especially true in the case of a shared computer or a community device where there is limited control over the device or what is running on it. In addition, in the case of using a biometric, there is a need to have an additional biometric reader at the terminal or device. This limits portability and adds cost. For example, if you go to a device that does not have the needed biometric reader, the solution is useless.
Another common approach is to use a two factor authentication model where the user must have a key fob that generates a random code sequence known only to the holder of the fob and the system they are attempting to authenticate to. This approach provides strong authentication but is costly to deploy and support. It is also intrusive to the customer and suffers from out-of-sync conditions between the random code sequence on the fob and the system they are authenticating to. It is also quite costly to deploy, invasive to the user, and costly to support compared to the solution of the invention.
Another approach is to store something on the device that the user employs to authenticate. This may include a secret token, cookie . . . etc. that is specific to the device and/or user. This approach suffers from portability limitations but can be beneficial in combination with the solution of the invention.
Event specific processing for authentication is a key feature of the invention. Events including the creation, use, and function are all factors that are considered when using and managing the authentication library and CAS.
A CAS that is automated and auditable is needed that addresses the most common threats to authentication. Currently there is no mechanism to create, track, manage, and report on multiple authentication challenges used across more than one network attached device type and/or user type for one or more applications and/or Service Oriented Architecture (SOA)/Service Oriented Network (SON) implementations.
A unique feature of the solution is that it works for any customer interaction point, and more specifically the self service device, where the device is connected to a network and communicates with one or more applications or devices connected to the network to effect the authentication of a user. This need is especially important for high value information. For such activities, secure interaction and compliance reporting are needed such that they are consistent and specific to the user and the application, service, or device they are interacting with. In today's networked world it is difficult to correlate network packet traffic to a specific user, application, or service activity where all associated data and activities are isolated and secure from all other traffic on the network.
The Authentication Challenge Method: The basic challenge method has been used with agent attended devices, channels, applications, and interactions, like the call center and teller platform, for years. It has also been used to challenge customers when they forget their password and there is a need to reset passwords for access via self service channels. The problem with current approaches to self service channel authentication is that the challenge secret and responses are readily compromised by phishing, keyboard logger, and Trojan attacks. In addition, the data (address, date of birth . . . etc.) is often available via other methods, including phishing.
A method is needed that eliminates this risk for the authentication process in self service applications. There is a need to establish an automated process around the use, creation, and management of an authentication library for use in authentication challenges at self service interaction points. A method is also needed that automates authentication such that it provides a strong, cost effective mode of authentication that is portable, reliable, and manageable for self service interaction points including the internet. As part of a process model, a method is needed that correlates the creation, use, and lifecycle of authentication library entries and corresponding responses such that this information is considered when selecting an appropriate authentication credential from the library for a specific authentication request. In this manner an SV can be established and managed for all authentication requests independent of a specific application, network, or device. By tracking and managing the information around the creation and use of authentication credentials, an SV can be utilized to select the most suitable authentication library entry for a specific authentication request.
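The SV-driven selection and the creation/use correlation described above, and in the earlier discussion of attended versus self service challenges, modelled as an added example that is not part of this application. The entry schema, the scoring weights, the rule that agent-hidden entries never surface at attended channels, and summing SVs across combined challenges are all assumptions of the example.

```python
import random
from dataclasses import dataclass

SELF_SERVICE, ATTENDED = "self_service", "attended"

@dataclass
class LibraryEntry:
    """One challenge in a user's authentication library (hypothetical schema)."""
    entry_id: str
    user_defined: bool   # created by the user, not public record data
    agent_visible: bool  # readable by attended-channel (call center) agents
    created_via: str     # channel at which the entry was enrolled
    uses: int = 0        # lifecycle counter kept for the audit trail

def strength_value(e: LibraryEntry) -> int:
    """Assumed scoring: private, user-defined, self-service-enrolled entries rank highest."""
    sv = 1                                    # baseline for any challenge
    sv += 2 if e.user_defined else 0          # not derivable from public data or phishing
    sv += 2 if not e.agent_visible else 0     # isolated from attended-channel staff
    sv += 1 if e.created_via == SELF_SERVICE else 0
    return sv

def allowed_at(e: LibraryEntry, channel: str) -> bool:
    """Creation/use correlation: agent-hidden entries never surface at attended channels."""
    return channel == SELF_SERVICE or e.agent_visible

def select_challenges(library: list, channel: str, required_sv: int, audit: list, rng=random):
    """Pick the fewest highest-SV entries usable at `channel` whose summed SV meets required_sv
    (summing across combined challenges is an assumption); returns None if that is impossible."""
    candidates = [e for e in library if allowed_at(e, channel)]
    rng.shuffle(candidates)                            # random choice among equal-SV entries
    candidates.sort(key=strength_value, reverse=True)  # stable sort keeps that randomness
    chosen, total = [], 0
    for e in candidates:
        if total >= required_sv:
            break
        chosen.append(e)
        total += strength_value(e)
        e.uses += 1
    ok = total >= required_sv
    audit.append({"channel": channel, "required": required_sv, "achieved": total,
                  "entries": [e.entry_id for e in chosen], "ok": ok})
    return chosen if ok else None

def sample_library() -> list:
    """Constructed sample data, not from any real system."""
    return [
        LibraryEntry("date_of_birth", False, True, ATTENDED),           # SV 1
        LibraryEntry("last_txn_amount", False, True, ATTENDED),         # SV 1
        LibraryEntry("agent_enrolled_phrase", True, True, ATTENDED),    # SV 3
        LibraryEntry("self_service_phrase", True, False, SELF_SERVICE), # SV 6
    ]
```

With this model an attended-channel request can never reach the SV that the self-service-only phrase provides, which is the isolation from agents the text describes, and every selection attempt is recorded in the audit list whether or not it succeeded.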
The invention defines a strong authentication approach that can be used stand alone or combined with other authentication mechanisms to authenticate a user to a device, service, application, network and the like at any self service channel.