Abstract: An authentication system with an automatic authentication mechanism and an automatic authentication method are provided. The authentication system includes a server device and a gateway device. The gateway device is coupled to the server device. The gateway device is configured to act as a fast identity online (FIDO) client to send a gateway device registration data to register the gateway device in the server device acting as a FIDO server, and then the gateway device defines itself as initialized and connected. The gateway device periodically sends data to server device for authentication to maintain a trusted connection between the server device and the gateway device.

Abstract: A unified authentication system for decentralized identity platforms is disclosed. In various embodiments, a request comprising one or more identity claims and a digital address is received. The digital address is used to verify, via a verification node associated with a digital address provider, the one or more identity claims. Access to a service is provided, in response to the request, based at least in part on a response from the verification node indicating the one or more identity claims have been verified. The verification node is configured to obtain consent, in real time, from a user with which the digital address is associated, prior to providing said response indicating the one or more identity claims have been verified.

Abstract: A system, apparatus, method, and machine readable medium are described for performing advanced authentication techniques and associated applications. For example, one embodiment of a method comprises: receiving a policy identifying a set of acceptable authentication capabilities; determining a set of client authentication capabilities; and filtering the set of acceptable authentication capabilities based on the determined set of client authentication capabilities to arrive at a filtered set of one or more authentication capabilities for authenticating a user of the client.

Abstract: Proxied cross-ledger authentication techniques are disclosed. In various embodiments, a verifier presentation requirement is determined, the verifier presentation requirement indicating a set of elements required to be provided by a client to authenticate the client. An authentication contract instance is created on a market maker ledger not associated specifically with the verifier, the authentication contract instance including at least a subset of the elements required by the verifier presentation requirement. A verifier system associated with the verifier presentation requirement is configured to read information from the authentication contract instance, obtain from an issuer associated with the client an issuer revocation data associated with the authentication contract instance, and use the information read from the authentication contract instance and the issuer revocation data to authenticate the client.

Abstract: Proxied cross-ledger authentication techniques are disclosed. In various embodiments, a verifier presentation requirement is determined, the verifier presentation requirement indicating a set of elements required to be provided by a client to authenticate the client. An authentication contract instance is created on a market maker ledger not associated specifically with the verifier, the authentication contract instance including at least a subset of the elements required by the verifier presentation requirement. A verifier system associated with the verifier presentation requirement is configured to read information from the authentication contract instance, obtain from an issuer associated with the client an issuer revocation data associated with the authentication contract instance, and use the information read from the authentication contract instance and the issuer revocation data to authenticate the client.

Abstract: An authentication system with an automatic authentication mechanism and an automatic authentication method are provided. The authentication system includes a server device and a gateway device. The gateway device is coupled to the server device. The gateway device is configured to act as a fast identity online (FIDO) client to send a gateway device registration data to register the gateway device in the server device acting as a FIDO server, and then the gateway device defines itself as initialized and connected. The gateway device periodically sends data to server device for authentication to maintain a trusted connection between the server device and the gateway device.

Abstract: Proxied cross-ledger authentication techniques are disclosed. In various embodiments, a verifier presentation requirement is determined, the verifier presentation requirement indicating a set of elements required to be provided by a client to authenticate the client. An authentication contract instance is created on a market maker ledger not associated specifically with the verifier, the authentication contract instance including at least a subset of the elements required by the verifier presentation requirement. A verifier system associated with the verifier presentation requirement is configured to read information from the authentication contract instance, obtain from an issuer associated with the client an issuer revocation data associated with the authentication contract instance, and use the information read from the authentication contract instance and the issuer revocation data to authenticate the client.

Abstract: A unified authentication system for decentralized identity platforms is disclosed. In various embodiments, a request comprising one or more identity claims and a digital address is received. The digital address is used to verify, via a verification node associated with a digital address provider, the one or more identity claims. Access to a service is provided, in response to the request, based at least in part on a response from the verification node indicating the one or more identity claims have been verified. The verification node is configured to obtain consent, in real time, from a user with which the digital address is associated, prior to providing said response indicating the one or more identity claims have been verified.

Abstract: A system, apparatus, method, and machine readable medium are described for performing advanced authentication techniques and associated applications. For example, one embodiment of a method comprises: receiving a policy identifying a set of acceptable authentication capabilities; determining a set of client authentication capabilities; and filtering the set of acceptable authentication capabilities based on the determined set of client authentication capabilities to arrive at a filtered set of one or more authentication capabilities for authenticating a user of the client.

Abstract: A system, apparatus, method, and machine readable medium are described for performing advanced authentication techniques and associated applications. For example, one embodiment of a method comprises: receiving a policy identifying a set of acceptable authentication capabilities; determining a set of client authentication capabilities; and filtering the set of acceptable authentication capabilities based on the determined set of client authentication capabilities to arrive at a filtered set of one or more authentication capabilities for authenticating a user of the client.

Abstract: A user transaction request is received at a client device. A web browser plug-in communicates the user transaction request to a server that determines whether the user transaction request is a secure transaction. Transaction data is received from the server via the web browser plug-in. If the received transaction data indicates a secure transaction, the user is prompted to provide biometric data, which is received from the user. The web browser plug-in then communicates a transaction confirmation to the server.

Abstract: A system, apparatus, method, and machine readable medium are described for performing advanced authentication techniques and associated applications. For example, one embodiment of a method comprises: receiving a policy identifying a set of acceptable authentication capabilities; determining a set of client authentication capabilities; and filtering the set of acceptable authentication capabilities based on the determined set of client authentication capabilities to arrive at a filtered set of one or more authentication capabilities for authenticating a user of the client.

Abstract: An apparatus includes a biometric sensor capable of identifying biometric information associated with a user. A storage device coupled to the biometric sensor stores user information. A biometric service is coupled to the biometric sensor and capable of communicating with the biometric sensor. A web browser application having a biometric extension communicates with the biometric sensor via the biometric service. The web browser's biometric extension is capable of communicating with multiple web servers.

Abstract: A user transaction request is received at a client device. A web browser plug-in communicates the user transaction request to a server that determines whether the user transaction request is a secure transaction. Transaction data is received from the server via the web browser plug-in. If the received transaction data indicates a secure transaction, the user is prompted to provide biometric data from a user using a biometric device and related security protocols. The web browser plug-in then communicates a transaction confirmation to the server.

Abstract: An apparatus includes a biometric sensor capable of identifying biometric information associated with a user. A storage device coupled to the biometric sensor stores user information. A biometric service is coupled to the biometric sensor and capable of communicating with the biometric sensor. A web browser application having a biometric extension communicates with the biometric sensor via the biometric service. The web browser's biometric extension is capable of communicating with multiple web servers.

Abstract: Biometric information is authenticated by a web-enabled application that identifies a biometric sensor installed in a client device. The authentication procedure reads biometric information associated with a user and compares the biometric information with a biometric template associated with that user. If the biometric information matches the biometric template, the authentication procedure retrieves credentials associated with the user and communicates those credentials to a requesting process.

Abstract: A transaction request containing transaction details from a requesting device is generated by a web-enabled application executing on the requesting device. A secure signature associated with the transaction details is calculated using a secret key. The transaction details and the secure signature associated with the transaction details are communicated to the requesting device. Confirmation information is received from the requesting device and validated. If the confirmation information is valid, the requested transaction is implemented.

Abstract: A request for a secure financial transaction is received from a user, who is authenticated with a biometric device. If the user is authenticated, an authentication token is received from the biometric device and sent to a remote device, which initiates the secure financial transaction. Upon initiation of the secure financial transaction, details related to the secure financial transaction are displayed to the user and the those details are monitored until the secure financial transaction is completed.

Abstract: A user request to implement a secure financial transaction is received and communicated to a web server capable of implementing the transaction. Transaction details signed with a secret key are received from the web server and displayed to the user. The user is requested to confirm the secure financial transaction by providing biometric data. If the user's biometric data is validated, an authentication token is received from a biometric device and the authentication token is communicated to the web server. The web server processes the secure financial transaction if the authentication token is confirmed as a valid authentication token.

Abstract: A user transaction request is received at a client device. A web browser plug-in communicates the user transaction request to a server that determines whether the user transaction request is a secure transaction. Transaction data is received from the server via the web browser plug-in. If the received transaction data indicates a secure transaction, the user is prompted to provide biometric data, which is received from the user. The web browser plug-in then communicates a transaction confirmation to the server.