Abstract: A system, apparatus, method, and machine readable medium are described for transparently requesting a new random challenge from a server within an authentication framework. For example, one embodiment of a method comprises: transmitting a random challenge and an indication of a timeout period associated with the random challenge from a server to a client within the context of a network registration or authentication process using authentication devices communicatively coupled to the client; automatically detecting that the random challenge is no longer valid based on the timeout period; and responsively transmitting a request for a new random challenge from the client to a server, wherein transmitting is performed transparently to a user of the client.

Abstract: A system, apparatus, method, and machine readable medium are described for performing transaction signing within an authentication framework.

Abstract: A system, apparatus, method, and machine readable medium are described for determining the authentication capabilities. For example, one embodiment of a method comprises: receiving a policy identifying a set of acceptable authentication capabilities; determining a set of client authentication capabilities; and filtering the set of acceptable authentication capabilities based on the determined set of client authentication capabilities to arrive at a filtered set of one or more authentication capabilities for authenticating a user of the client.

Abstract: A system, apparatus, method, and machine readable medium are described for multi-device operations within an authentication framework. For example, one embodiment of a method comprises: detecting N authentication devices on a client, wherein N>1; generating a N cryptographic entities, one for each of the N authentication devices; transmitting a command to the client to register each of the N cryptographic entities into each of the N authentication devices; executing the command on the client and responsively registering each of the N cryptographic entities into each of the respective N authentication devices; and subsequently using at least one of the authentication devices and its associated cryptographic entity for authenticating a user of the client over a network.

Abstract: A user transaction request is received at a client device. A web browser plug-in communicates the user transaction request to a server that determines whether the user transaction request is a secure transaction. Transaction data is received from the server via the web browser plug-in. If the received transaction data indicates a secure transaction, the user is prompted to provide biometric data from a user using a biometric device and related security protocols. The web browser plug-in then communicates a transaction confirmation to the server.

Abstract: A user request to implement a secure transaction is received and communicated to a web server. Transaction details signed with a secret key are received from the web server and displayed to the user. The user is requested to confirm the secure transaction by providing biometric data. If the user's biometric data is validated, an authentication token is received from a biometric device and the authentication token is communicated to the web server. The web server processes the secure transaction if the authentication token is confirmed as a valid authentication token.

Abstract: An apparatus includes a biometric sensor capable of identifying biometric information associated with a user. A storage device coupled to the biometric sensor stores user information. A biometric service is coupled to the biometric sensor and capable of communicating with the biometric sensor. A web browser application having a biometric extension communicates with the biometric sensor via the biometric service. The web browser's biometric extension is capable of communicating with multiple web servers.

Abstract: A request for a secure financial transaction is received from a user, who is authenticated with a biometric device. If the user is authenticated, an authentication token is received from the biometric device and sent to a remote device, which initiates the secure financial transaction. Upon initiation of the secure financial transaction, details related to the secure financial transaction are displayed to the user and the those details are monitored until the secure financial transaction is completed.

Abstract: Biometric information is authenticated by a web-enabled application that identifies a biometric sensor installed in a client device. The authentication procedure reads biometric information associated with a user and compares the biometric information with a biometric template associated with that user. If the biometric information matches the biometric template, the authentication procedure retrieves credentials associated with the user and communicates those credentials to a requesting process.

Abstract: A user transaction request is received at a client device. A web browser plug-in communicates the user transaction request to a server that determines whether the user transaction request is a secure transaction. Transaction data is received from the server via the web browser plug-in. If the received transaction data indicates a secure transaction, the user is prompted to provide biometric data, which is received from the user. The web browser plug-in then communicates a transaction confirmation to the server.

Abstract: A web-enabled application identifies a biometric device installed in a client device. The system identifies biometric information associated with a user and creates a biometric template associated with the biometric information. The system then receives user credentials associated with the user and binds the user credentials with the biometric template.

Abstract: A transaction request containing transaction details from a requesting device is generated by a web-enabled application executing on the requesting device. A secure signature associated with the transaction details is calculated using a secret key. The transaction details and the secure signature associated with the transaction details are communicated to the requesting device. Confirmation information is received from the requesting device and validated. If the confirmation information is valid, the requested transaction is implemented.

Abstract: A user request to implement a secure financial transaction is received and communicated to a web server capable of implementing the transaction. Transaction details signed with a secret key are received from the web server and displayed to the user. The user is requested to confirm the secure financial transaction by providing biometric data. If the user's biometric data is validated, an authentication token is received from a biometric device and the authentication token is communicated to the web server. The web server processes the secure financial transaction if the authentication token is confirmed as a valid authentication token.