Abstract: A method of creating and applying a self-authenticating digital identity for a user having an identity is described.

Abstract: An illustrative method includes an escrow system receiving an access request from a service provider system for the service provider system to have access to a digital identity of a user when the user attempts to access a service provided by the service provider system; transmitting, based on the access request, an authorization request to a computing device associated with the user, the authorization request prompting the user to authorize sharing of the digital identity with the service provider system, the transmitting of the authorization request comprising transmitting a push notification to the computing device, and receiving, from the computing device associated with the user, authorization data indicating that the user authorizes sharing of the digital identity with the service provider system.

Abstract: An exemplary method includes maintaining encrypted identity data associated with a user, the encrypted identity data representative of a digital identity of the user, receiving an access request from a service provider system for the service provider system to have access to the digital identity of the user when the user attempts to access a service provided by the service provider system, transmitting, in response to the access request, an authorization request to a computing device associated with the user, the authorization request prompting the user to authorize sharing of the digital identity with the service provider system, receiving, from the computing device, authorization data indicating that the user authorizes sharing of the digital identity with the service provider system, and providing, in response to receiving the authorization data from the computing device, the service provider system with access to the digital identity.

Abstract: A method of creating and applying a self-authenticating digital identity for a user having an identity is described.

Abstract: A system and method for a self-authenticating identity. A self-authenticating identity is a digital identity created in an embodiment by aggregating a user's verified identity information and its public key, both of which are digitally signed by the user and an identity provider. This cryptographic binding allows the user to prove it is in fact the true party that the identity was issued to, without the need for a third party to be directly involved. The identity may also contain information that conveys how the identity was verified.

Abstract: An exemplary method includes maintaining encrypted identity data associated with a user, the encrypted identity data representative of a digital identity of the user, receiving an access request from a service provider system for the service provider system to have access to the digital identity of the user when the user attempts to access a service provided by the service provider system, transmitting, in response to the access request, an authorization request to a computing device associated with the user, the authorization request prompting the user to authorize sharing of the digital identity with the service provider system, receiving, from the computing device, authorization data indicating that the user authorizes sharing of the digital identity with the service provider system, and providing, in response to receiving the authorization data from the computing device, the service provider system with access to the digital identity.

Abstract: A system and method for a self-authenticating identity. A self-authenticating identity is a digital identity created in an embodiment by aggregating a user's verified identity information and its public key, both of which are digitally signed by the user and an identity provider. This cryptographic binding allows the user to prove it is in fact the true party that the identity was issued to, without the need for a third party to be directly involved. The identity may also contain information that conveys how the identity was verified.

Abstract: A host based security system for a computer network includes in communication with the network a credential host that is operative in concert with a local computer and a destination site. The destination site has a credential authentication policy under which credentials associated with the local computer upon being authenticated authorizes data to be communicated between each of the destination site and the local computer during a communication session over the network. The credential host stores the credentials to be used by the destination and is operative to transmit the credentials onto the network in response to a request received from the local computer. The destination site upon the credentials being received and authenticated thereat is operative to transmit session information onto the network. The local computer is then operative to commence the communication session upon receipt of said the information.

Abstract: A host based security system for a computer network includes in communication with the network a credential host that is operative in concert with a local computer and a destination site. The destination site has a credential authentication policy under which credentials associated with the local computer upon being authenticated authorizes data to be communicated between each of the destination site and the local computer during a communication session over the network. The credential host stores the credentials to be used by the destination and is operative to transmit the credentials onto the network in response to a request received from the local computer. The destination site upon the credentials being received and authenticated thereat is operative to transmit session information onto the network. In turn, the local computer is then operative to commence the communication session upon receipt of said the information.

Abstract: A method for authenticating a user based on a plurality of authentication factors includes a step of receiving a first authentication factor from a first communication device of the user. The first authentication factor includes a password. The method includes a step of receiving a second authentication factor. The second authentication factor comprises at least one of at least one device identifier of the first communication device of the user and data transmitted to or received from a second communication device of the user. The method also includes a step of authenticating the user based on at least the received plurality of authentication factors.

Abstract: A host based security system for a computer network includes in communication with the network a credential host that is operative in concert with a local computer and a destination site. The destination site has a credential authentication policy under which credentials associated with the local computer upon being authenticated authorizes data to be communicated between each of the destination site and the local computer during a communication session over the network. The credential host stores the credentials to be used by the destination and is operative to transmit the credentials onto the network in response to a request received from the local computer. The destination site upon the credentials being received and authenticated thereat is operative to transmit session information onto the network. In turn, the local computer is then operative to commence the communication session upon receipt of said the information.

Abstract: A system and method authenticates a user if the user is associated with a certificate on a device the user is using to communicate, even if other users are also associated with the same certificate and/or the user is associated with other certificates on other devices.

Abstract: A system and method allows some or all of an e-mail message, such as the sender or its contents, to be authenticated, for example, to identify a message as potential spam.

Abstract: A system and method allows a recipient to authenticate an e-mail message to ensure that the message came from its purported source and was not altered or was highly unlikely to be altered.

Abstract: A system and method authenticates an e-mail message containing a code that may be sent as part of an advertising campaign. The code is a hashed hash result of a combination of the e-mail address to which the message was sent and a pass phrase for the campaign, along with an identifier of the campaign. To authenticate the message, the user supplies the user's e-mail address and the code and the system and method parses the code to identify the campaign identifier and hashed hash result, looks up the pass phrase using the campaign identifier, hashes the campaign identifier and e-mail address and hashes that hash result. If the hashed hash results match, the system and method indicates the message is authentic and otherwise, indicates the message is not authentic.

Abstract: A system and method allows a user to authenticate a communication from a computer system, a computer system to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted persistent file stored on the user's computer system or installed on a different computer system, or a trusted computing subsystem allows the web site to authenticate the user. If the user is using a system that will not allow that user to be authenticated, the user may instruct the system to continue providing information without the user's customization information. The system and method may be used to allow the user to authenticate an e-mail message or its source, and Flash movies or other computer code may be used if the user's e-mail client does not employ cookies.

Abstract: A host based security system for a computer network includes in communication with the network a credential host that is operative in concert with a local computer and a destination site. The destination site has a credential authentication policy under which credentials associated with the local computer upon being authenticated authorizes data to be communicated between each of the destination site and the local computer during a communication session over the network. The credential host stores the credentials to be used by the destination and is operative to transmit the credentials onto the network in response to a request received from the local computer. The destination site upon the credentials being received and authenticated thereat is operative to transmit session information onto the network. In turn, the local computer is then operative to commence the communication session upon receipt of said the information.

Abstract: A system and method communicates information from an entity that a registry can use to authenticate the entity to a user. If the registry authenticates the entity, it displays information that represents a shared secret between the registry and the user.

Abstract: A system and method allows a user to authenticate a web site, a web site to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted cookie stored on the user's system allows the web site to authenticate the user.

Abstract: A system and method allows a user to authenticate a web site, a web site to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted cookie stored on the user's system allows the web site to authenticate the user.