Abstract: A managed authentication service provides relying parties an out-sourced authentication service for verifying the identity of online visitors. The service provides real-time, managed authentication and usage monitoring, multiple identity confirmation levels and a highly scalable and secure solution for authenticating online transactions.

Abstract: The system includes receiving, from a delegator, a designation of a role and a delegate to assume the role, receiving, from a credential service provider, an indication that the designation is valid, issuing a delegation credential in response to receiving the indication, and issuing a confirmation to the delegator, which indicates that the delegation credential was issued.

Abstract: An arrangement is provided for controlled access to identification and status information or delegated credentials. A delegation, formed between a delegator and a delegate, is registered with a delegate credential service provider. The delegate requests a service from a relying party that then requests, based on the requested service and the delegation, delegated credential from the delegate credential service provider. The delegate credential service provider sends the delegated credential to the relying party. According to the received delegated credential, the relying party generates a service response and sends the response to the delegate.

Abstract: An credential verification service (CVS) authenticates digital credentials, such as, digital certificates, at the request of online service providers. The CVS stores the authentication results and transaction information in a central activity log. The transaction information can include a size of the transaction, the online service requesting the authentication, an internet protocol (IP) address of a computing device originating the transaction and the goods or services involved in the transaction. The CVS generates an activity report from the activity log that lists the authentication results and the transaction information. A fraud detection module within the CVS analyzes the activity log to identify any unusual patterns in order to identify fraudulent activities or general misuse of the digital credential.

Abstract: An credential verification service (CVS) authenticates digital credentials, such as, digital certificates, at the request of online service providers. The CVS stores the authentication results and transaction information in a central activity log. The transaction information can include a size of the transaction, the online service requesting the authentication, an internet protocol (IP) address of a computing device originating the transaction and the goods or services involved in the transaction. The CVS generates an activity report from the activity log that lists the authentication results and the transaction information. A fraud detection module within the CVS analyzes the activity log to identify any unusual patterns in order to identify fraudulent activities or general misuse of the digital credential.

Abstract: An arrangement is provided for controlled access to identification and status information or delegated credentials. A delegation, formed between a delegator and a delegate, is registered with a delegate credential service provider. The delegate requests a service from a relying party that then requests, based on the requested service and the delegation, delegated credential from the delegate credential service provider. The delegate credential service provider sends the delegated credential to the relying party. According to the received delegated credential, the relying party generates a service response and sends the response to the delegate.

Abstract: Systems for providing an authentication service through a number of authentication mechanisms associated with each user. Lists of the authentication mechanisms associated with each user are stored in a set of portfolios, one portfolio for each user. Authentication mechanisms include laptops, PCs, biometric input devices, smart card readers, proximity badge readers, magnetic stripe readers, and the like. The systems have various configurations of registration servers, authentication servers, and authorization servers. Methods for providing an authentication service include relating a user identity to a portfolio, relating a type of transaction to a level of authentication, and authenticating the user identity through one or more authentication mechanisms for the type of transaction, according to the level of authentication required.

Abstract: A method for controlling access to user information is presented. A user requests a service from a relying party. The relying party makes a request for user information. The user approves or rejects the request for user information. The verification service sends a response to the relying party. As such, the user may selectively control what information is released to, and acquired by, the relying party.

Abstract: The system includes receiving, from a delegator, a designation of a role and a delegate to assume the role, receiving, from a credential service provider, an indication that the designation is valid, issuing a delegation credential in response to receiving the indication, and issuing a confirmation to the delegator, which indicates that the delegation credential was issued.