Dynamic user authentication for access to online services

摘要

A dynamic authentication system that makes authentication stronger, while reducing the cost to business and the burden to users. The system includes a service that provides centralized, non-federated, proxied authentication. The system uses a two-pass authentication process that first receives a supposed identity of the user and then determines one or more authentication criteria for proving that supposed identity. When the user attempts to use an online service that relies on the dynamic authentication system for authentication, the service requests the user's identity. The system dynamically determines authentication criteria for the user to prove the provided identity belongs to the user. In the second pass, the service receives a response from the user containing additional authentication information, and forwards the received response to the system for verification. If verification succeeds, the service allows the user to access the requested resources.