Abstract: A system or method of image-based login authentication of a user on an access device using a mobile device registered to the user can include receiving login information at the access device, displaying an image reference at the access device, the image reference being one among a plurality of image references provisioned at the mobile device and an authentication authority, displaying the image reference selected by the authentication authority along with other image references, and receiving an authentication token at the authentication authority from the mobile device corresponding to a selection at the mobile device of one of the plurality of image references provisioned at the mobile device. The method can further include receiving validation by the access device of a completed authentication if the selection matches the image reference displayed at the access device and allowing login at the access device if the authentication token is validated.

Abstract: A server accesses a user identifier associated with a first user device and a reference image as a first image set, to be displayed. The server sends to a second user device an image, as a second image set, to be displayed, and a user request to select an image within the first image set. The second user device displays the second image set and the user request. The user of the first user device selects at least one displayed first image, the selected first image matching an image visually selected within the displayed second image set, according to a rule known to the user and the server. The first user device sends to the server the first user device identifier accompanied with data relating to the selected first image. If the data relating to the selected first image matches the data relating to the first reference image the server authenticates the user.

Abstract: A server accesses a user identifier associated with a first user device and a reference image, as a first image set, to be displayed. The server sends to a second user device an image, as a second image set, to be displayed, and a user request to select an image within the first image set. The second user device displays the second image set and the user request. The user of the first user device selects at least one displayed first image, the selected first image matching an image visually selected within the displayed second image set, according to a rule known to the user and the server. The first user device sends to the server the first user device identifier accompanied with data relating to the selected first image. If the data relating to the selected first image matches the data relating to the first reference image, the server authenticates the user.

Abstract: A mechanism for using a mobile device connected to a security device to authenticate a user to a service provider using a security device operating according to an applet without storing keys or user interface text on the security device or the mobile device. Registration and authentication messages to the mobile device are routed to a security device. These messages include a nonce. The security device encrypts responses from the user using the nonce and transmits an encrypted response message including the encrypted response to the authentication server, wherein the nonce is unique for each communication between the authentication server and the security device. Other systems and methods are disclosed.