Unlocking passkey adoption (DEAL 668)
This lot generally relates to an authentication system that authenticates users by combining bearer tokens, such as passwords or biometrics, with a public-private key pair. The public key is never stored, which protects the bearer tokens even if the back end is breached. Disclosed is a multifactor authentication system that enhances application security by using a combination of asymmetric cryptography and ephemeral tokens during user registration and authentication. During the user registration phase, the system's front end sends bearer tokens to the back end. The system combines the token with a public key, stores a registration-phase tag, and deletes the public key and tokens. To authenticate the user, the system receives the public key and new bearer tokens from the front end and assigns a corresponding authentication-phase tag. The system then compares the stored registration tag with the authentication-phase tag to validate the user's identity. The technology may be implemented in financial services, healthcare systems, defense apps, e-voting systems, etc.
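The registration and authentication flow described above can be sketched as follows. This is an added example, not code from the disclosure. The listing does not say how the token and public key are combined, so HMAC-SHA256 keyed with the public key, the per-user salt, and the names `Backend`, `register` and `authenticate` are all assumptions.

```python
import hashlib
import hmac
import os


class Backend:
    """Keeps only a salt and a registration-phase tag per user."""

    def __init__(self):
        self._records = {}  # user_id -> (salt, registration tag)

    @staticmethod
    def _tag(public_key: bytes, token: bytes, salt: bytes) -> bytes:
        # Assumed combiner: HMAC-SHA256 keyed with the public key bytes.
        # The salt has a fixed length, so salt + token is unambiguous.
        return hmac.new(public_key, salt + token, hashlib.sha256).digest()

    def register(self, user_id: str, public_key: bytes, token: bytes) -> None:
        if not public_key or not token:
            raise ValueError("public key and bearer token are required")
        salt = os.urandom(16)
        self._records[user_id] = (salt, self._tag(public_key, token, salt))
        # public_key and token go out of scope here; neither is persisted.

    def authenticate(self, user_id: str, public_key: bytes, token: bytes) -> bool:
        record = self._records.get(user_id)
        if record is None or not public_key or not token:
            return False
        salt, registration_tag = record
        authentication_tag = self._tag(public_key, token, salt)
        # Constant-time comparison of the two tags.
        return hmac.compare_digest(registration_tag, authentication_tag)

    def breach_dump(self) -> bytes:
        """Everything an attacker would get from the stored records."""
        return b"".join(salt + tag for salt, tag in self._records.values())


if __name__ == "__main__":
    # Constructed sample values: random bytes stand in for an encoded public key.
    public_key = os.urandom(32)
    backend = Backend()
    backend.register("alice", public_key, b"correct horse")
    print(backend.authenticate("alice", public_key, b"correct horse"))
    print(backend.authenticate("alice", os.urandom(32), b"correct horse"))
```

Under these assumptions, guessing a password against a stolen tag also requires the public key, which exists only on the front end.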
