Authentication request management

摘要

The different illustrative embodiments provide a method, computer program product, and apparatus for managing an authentication request. A determination is made whether additional authentication is to be performed responsive to receiving the authentication request to access an application from a mobile device. A phone number to call is sent to the mobile device responsive to a determination that the additional authentication is to be performed. A determination is made whether an incoming call to the phone number is from the mobile device and within a selected period of time. The authentication request to access the application from the mobile device is granted responsive to a determination that the incoming call to the phone number is from the mobile device and within the selected period of time.

主权项

1. A computer program product comprising:
a non-transitory computer readable storage medium; program instructions, stored on the computer readable storage medium, for determining whether additional authentication is to be performed using a policy responsive to receiving an authentication request to access an application from a mobile device, wherein the policy comprises criteria for determining whether the additional authentication is to be performed; program instructions, stored on the computer readable storage medium, for sending a phone number to call to the mobile device responsive to a determination that the additional authentication is to be performed; program instructions, stored on the computer readable storage medium, for determining whether an incoming call to the phone number is from the mobile device and within a selected period of time; and program instructions, stored on the computer readable storage medium, for granting the authentication request to access the application from the mobile device responsive to a determination that the incoming call to the phone number is from the mobile device and within the selected period of time, wherein the granting of the authentication request to access the application is for a limited period of time, wherein the authentication request is a first authentication request, the phone number is a first phone number, the selected period of time is a first selected period of time, the incoming call is a first incoming call, and wherein the first phone number is in a plurality of phone numbers, and further comprising: program instructions, stored on the computer readable storage medium, for sending a message to the mobile device that further authentication is required responsive to expiration of the limited period of time; program instructions, stored on the computer readable storage medium, for sending a second phone number in the plurality of phone numbers to the mobile device responsive to receiving a second authentication request and a determination that the additional authentication is to be performed using the policy; and program instructions, stored on the computer readable storage medium, for determining whether a second incoming call is received from the mobile device at the second phone number and the second incoming call is received within a second selected period of time.