| 摘要 |
A device fingerprinting system provides an additional factor of authentication. A user device may be redirected, along with user ID parameters, to authentication system. The user device may be sent instructions to execute that collect and send back device characteristic information to the authentication system. The authentication can create a unique fingerprint of the device, and determine if the fingerprint has been seen before. If seen before, the authentication system may send back an authentication token indicating the additional factor of authentication was a success. If the fingerprint has not been seen previously, the authentication system may conduct a one-time password authentication as the additional factor. If successful, the fingerprint may be stored in association with the user device for future authentication as an additional factor. |
| 主权项 |
1. A computerized fingerprint-based authentication system comprising:
one or more hardware processors configured to cause the fingerprint-based authentication system to:
receive, over a network, a request for authentication of a user computing device associated with a user, the request resulting from a redirection operation sent to the user computing device from a network service requiring additional authentication in addition to a password;send, over the network, to the user computing device, capture instructions, the capture instructions configured to cause the user computing device to collect a first plurality of characteristic values of the user computing device, the first plurality of the characteristic values representing at least two attributes of the user computing device;receive, over the network, the first plurality of characteristic values of the user computing device;compare the first plurality of characteristic values of the user computing device to a second plurality of characteristic values, the second plurality of characteristic values previously stored by the computerized fingerprint-based authentication system;determine a device certainty score based on a comparison of the first plurality of characteristic values of the user computing device to the second plurality of characteristic values; andwhen a determination is made that the device certainty score is above a threshold update score:
update the second plurality of characteristic values in data storage to include the first plurality of characteristic values, andtransmit an authentication token to the user computing device, the authentication token indicating that the user computing device was authenticated by a fingerprinting mechanism. |
