PRESS RELEASE:

Authernative Granted U.S. Patent for User Authentication System Operation Modes

| From
user authentication patent

REDWOOD CITY, Calif. (SEND2PRESS NEWSWIRE) -- Authernative, Inc., the developer of innovative user authentication and identity management technologies, announced today that the United States Patent and Trademark Office has granted the company a patent for operation modes in a user authentication system.

The newly issued U.S. Patent No. 7,577,987 titled, "Operation modes for user authentication system based on random partial pattern recognition" ("the Patent") describes a system of operation modes for self-service account administration of a "what user knows" based authentication system using random partial pattern recognition. The Patent builds on Authernative's portfolio of user authentication patents by covering the operation modes for secure self-service set-up and self-reset of user accounts and authentication credentials. The patented system enables users to securely set-up and reset accounts and authentication credentials including usernames, e-mail addresses, personal profiles, security questions, temporary credentials, password credentials, and other authentication credentials used in a single- or multi-factor authentication based on random partial pattern recognition.

The security tiers and features offered by the newly patented system enhance the well known benefits of online self-service user authentication systems such as reduced support costs, anytime/anywhere access, and increased productivity. The result is an unparalleled secure self-service account administration that is immune from the security challenges and attacks plaguing user account login, set-up and reset. For example, security questions are commonly used for resetting passwords, but they alone do not provide sufficient security because they can be compromised or guessed by identity thieves. By contrast, Authernative's system protects against such back-door attacks by providing multi-tier account reset security, where at least two tiers must be successfully traversed before a user can reset the account.

The account login and reset security is further enhanced by random partial pattern recognition authentication, where the authentication server never challenges the user to provide the full secret pattern (authentication code such as a password, PIN, or graphical pattern), but instead requests a session-specific random subset of the secret pattern ("One Time Pattern"(TM) (OTP)). This significantly reduces the credential's entropy leakage and renders one-time authentication responses difficult to compromise, protecting users' credentials against phishing, key logging, brute force, Trojan horse and other spyware attacks. Moreover, the method's virtual reference grid and the scalable combinatorial capacity of the secret pattern provide high security against guessing attacks, while delivering a simple and more engaging user experience.

Authernative's patented system also provides multi-tier account set-up security options including temporary credentials, out-of-band delivery, and account release options. Additionally, the system logs all account administration and authentication events enabling automatic or human monitoring to detect unusual account administration activity, conduct forensic research, and meet regulatory compliance. This patent adds to the protected intellectual property and technology foundation for the company's AuthGuard(R) user authentication product.

AuthGuard(R) offers a suite of one-factor, layered, and multi-factor authentication to meet a variety of security and usability requirements. AuthGuard(R) user authentication is electronically mass deployable, has scalable security, high usability, low total cost of ownership, and efficient integration/customization options with legacy environments. The product provides fully automated operation modes for secure login, set-up, and reset of all AuthGuard(R) authentication methods including enhanced password, graphical password, one-time challenge one-time response, out-of-band, one-time pin, and secure in-band authentication. The AuthGuard(R) crypto security of data-in-transit and data-at-rest is assured by the CrosSecure(R) Authernative(R) Cryptographic Module that has been FIPS 140-2 certified by the National Institute of Standards and Technology (USA).

Authernative's granted patent solidifies the company's ability to provide innovative, secure and cost-effective user authentication solutions. With identity theft, cyber crime, and data breaches escalating to an all time high, enterprises, government agencies, online service providers, and consumers can benefit from the AuthGuard(R) authentication product to secure access to networks, extranets, portals, applications, data and devices.

About Authernative, Inc.:

Authernative is a leading provider of innovative software security solutions offering identity and access management capabilities including authentication, authorization, administration, and auditing. The company's products are used to prevent unauthorized online access to confidential data, protected resources, and financial transactions. They allow organizations to lower the cost of providing, deploying and managing user authentication for enabling e-commerce, e-government, and regulatory compliance.

More information: www.authernative.com.

News Source:
Like, Share, Save this press release:
  TWEET   SHARE   G+   PIN IT   STUMBLE   LinkedIn   Instapaper   Buffer

PERMALINK:
https://www.send2press.com/newswire/2009-10-1014-004.shtml
  LEGAL NOTICE AND TERMS OF USE:  
The content of the above press release was provided by the “news source” (Authernative, Inc.) or authorized agency, who is solely responsible for its accuracy. Send2Press® is the originating wire service for this story and content is Copr. © 2009 Authernative, Inc. with newswire version Copr. © 2009 Send2Press (a service of Neotrope). All trademarks acknowledged.

Rights granted for reproduction by any legitimate news organization. However, if news is cloned/scraped verbatim, then original attribution must be maintained with link back to this page as “original syndication source.” Resale of this content for commercial purposes is prohibited without a license. Reproduction on any site selling a competitive service is also prohibited. Information is believed accurate, as provided by news source or authorized agency, however is not guaranteed, and you assume all risk for use of any information found herein/hereupon. This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License.
STORY READS for this single page only, as of Sep 29 2016:
[ count retired 8.4.16 ]


back to top
REFERENCES: user authentication patent, authernative authguard, AuthGuard user authentication, CrosSecure, patent, security, encryption, multi-factor, Government, Identity management, phishing, compliance, identity theft, Authernative, e-commerce, US Patent 7577987, One Time Pattern, regulatory compliance, tech patents, news, press release from Authernative, Inc., Oct 14, 2009, Patent and Trademark, , , Redwood City, California, Authernative Granted U.S. Patent for User Authentication System Operation Modes