Systems and methods for distribution of selected authentication information for a network of devices
Abstract
A system for facilitating distribution of authentication information for a network of devices to be authenticated is provided. The system comprises: an authentication module configured to obtain an identity-proofing confidence score, based on data about identity-proofing of a user obtained from an authentication service system, wherein the data about identity-proofing comprises a type of identity document of the user and a presentation method used for verifying the user's identity by the authentication service system; and an insurance module in communication with the authentication module, configured to generate a plurality of security levels for the user, wherein each of the plurality of security levels is generated based on the identity-proofing confidence score and a credential authentication confidence score that is (1) obtained with aid of at least one device from the network of devices, and (2) determined based on a credential to be used for a transaction and a presence of an anti-replay feature about the at least one device, wherein a display is configured to show a plurality of coverage plans associated with the plurality of security levels to the user for selection, such that the authentication service system performed credential authentication according to a selected coverage plan.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A system for facilitating distribution of authentication information for a network of devices to be authenticated, comprising
an authentication module configured to obtain an identity-proofing confidence score, based on data about identity-proofing of a user obtained from an authentication service system, wherein the data about identity-proofing comprises a type of identity document of the user and a presentation method used for verifying the user's identity by the authentication service system; and an insurance module in communication with the authentication module, configured to generate a plurality of security levels, wherein each of the plurality of security levels is generated based on the identity-proofing confidence score and a credential authentication confidence score that is (1) obtained with aid of at least one device from the network of devices, and (2) determined based on a credential to be used for a transaction and a presence of an anti-replay feature about the at least one device, wherein a display is configured to show a plurality of coverage plans associated with the plurality of security levels to the user for selection, such that the authentication service system performed credential authentication according to a selected coverage plan.
2 . The system of claim 1 , wherein the data about identity-proofing of a user is stored in a memory unit accessible to the authentication service system.
3 . The system of claim 1 , wherein the user is provided with one or more credentials by the authentication service system upon verification of the user's identity.
4 . The system of claim 1 , further comprising a memory unit storing data about the one or more credentials provided to the user.
5 . The system of claim 1 , wherein the credential to be used for the transaction is selected from the one or more credentials provided to the user.
6 . The system of claim 1 , wherein the anti-replay feature comprises using nonce data to detect a replay attack.
7 . The system of claim 6 , wherein the nonce data is generated using device state data about a physical state of a device used for the credential authentication or using characteristic data of the credential.
8 . A computer implemented method for facilitating authentication information distribution for a network of devices to be authenticated, comprising:
obtaining, at an authentication module, an identity-proofing confidence score, based at least in part on (i) an identity document confidence score which is associated with a security feature of an identity document that is used for identity-proofing, and (ii) a presentation method confidence score associated with a method used for presenting the identity document; obtaining, with aid of a least one device of the network of devices, a credential authentication confidence score, wherein the credential authentication confidence score is determined based on (i) a credential confidence score associated with a credential used for authentication, and (ii) a presence of an anti-replay feature during the identity authentication; and determining an insurance level, based on the identity-proofing confidence score obtained at the authentication module and the credential authentication confidence score obtained with aid of the at least one device, wherein the insurance level is useful for generating an insurance coverage plan for the identity authentication.
9 . The method of claim 8 , wherein the security feature indicates the strength of the identity document to resist counterfeit.
10 . The method of claim 8 , wherein the presentation method used for presenting the identity document comprises knowing the identity document, showing the identity document, presenting the identity document remotely, showing the identity document in-person, or proving the identity document in-person.
11 . The method of claim 8 , wherein the credential confidence score is associated with an assurance level of the credential or the likelihood of authentication error when using the credential for verifying an identity of a user.
12 . The method of claim 8 , wherein the credential comprises password, visual token, physical token or biometrics of a user.
13 . The method of claim 8 , wherein the anti-replay feature comprises using nonce data to detect a replay attack.
14 . The method of claim 13 , wherein the nonce data is generated using device state data which is about a physical state of the at least one device used during the identity authentication or using characteristic data of the credential.
15 . The method of claim 14 , wherein the device state data comprises data collected by multiple types of sensors.
16 . The method of claim 14 , wherein the device state data comprises positional information about the device, data indicative of environmental information collected by one or more sensors on-board the device, or local data indicative of a physical state of a component of the device, and wherein the component is selected from the group comprising a power supply unit, a processor, a sensor, and a memory.
17 . The method of claim 14 , wherein the characteristic data of the credential comprises data generated during processing the credential by the user device or data indicating a motion when performing the identity authentication using the credential.
18 . The method of claim 8 , wherein the identity-proofing confidence score is determined further based on a location where the identity document is presented.
19 . The method of claim 8 , further comprising supplying, by an insurance provider, the insurance coverage plan to a user and/or an entity involved in a transaction with the user, wherein the insurance coverage plan provides coverage for the user and/or the entity against a loss resulting from the identity of the counterpart in the transaction being different than the identified person, persons, or entity.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.