Methods and systems for authenticating users

摘要

A method of authenticating users to reduce transaction risks includes indicating a desire to conduct a transaction, inputting information in a workstation, and determining whether the inputted information is known. Moreover, the method includes determining a state of a communications device when the inputted information is known, and transmitting a biometric authentication request from a server to a workstation when the state of the communications device is enrolled. Additionally, the method includes obtaining biometric authentication data in accordance with a biometric authentication data capture request with the communications device, biometrically authenticating the user, generating a one-time pass-phrase and storing the one-time pass-phrase on the authentication system when the user is authenticated, comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase, and conducting the transaction when the transmitted and stored one-time pass-phrases match.

主权项

1. A method of authenticating users to reduce transaction risks comprising:
generating a merchant authentication request using a merchant system for a payment transaction and transmitting the merchant authentication request to a service provider server, the service provider server being different than the merchant system and the merchant authentication request including at least a unique user identifier for completing the transaction; transmitting a biometric authentication request from the service provider server over a first communications channel to a workstation, the biometric authentication request including at least a risk level of the payment transaction; in response to receiving the biometric authentication request at the workstation, invoking a security application stored in a communications device; initiating communications over a second communications channel by transmitting the biometric authentication request to an authentication system from the communications device over the second communications channel; extracting a risk level from the biometric authentication request; determining a biometric authentication data requirement corresponding to the extracted risk level; generating a biometric authentication data capture request in response to the biometric authentication request, and transmitting the biometric authentication data capture request from the authentication system to the communications device; validating the identity of a user; generating a one-time pass-phrase, storing the one-time pass-phrase on the authentication system and transmitting the one-time pass-phrase to the communications device over the second communications channel when the user is validated as one of a plurality of authorized users; obtaining the one-time pass-phrase from the communications device and inputting the one-time pass-phrase into the workstation; transmitting the one-time pass-phrase from the workstation to the authentication system over the first communications channel, and comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase; and completing the payment transaction with the unique user identifier when the identity of the user is validated, the transmitted and stored one-time pass-phrases match, and the stored one-time pass-phrase has not expired.