	US 11,895,113 B2
	Collaborative risk aware authentication
Mastooreh Salajegheh, San Jose, CA (US); Shashank Agrawal, Sunnyvale, CA (US); Eric Le Saint, Los Altos, CA (US); Payman Mohassel, San Jose, CA (US); and Mihai Christodorescu, Belmont, CA (US)
Assigned to Visa International Service Association, San Francisco, CA (US)
Appl. No. 17/291,090
Filed by Visa International Service Association, San Francisco, CA (US)
PCT Filed Aug. 30, 2019, PCT No. PCT/US2019/048991 § 371(c)(1), (2) Date May 4, 2021, PCT Pub. No. WO2020/101787, PCT Pub. Date May 22, 2020.
Claims priority of provisional application 62/768,002, filed on Nov. 15, 2018.
Prior Publication US 2021/0409405 A1, Dec. 30, 2021
Int. Cl. H04L 9/40 (2022.01); H04L 9/08 (2006.01)

CPC H04L 63/0884 (2013.01) [H04L 9/085 (2013.01)]

20 Claims

1. A method comprising:

broadcasting, by an initiator device, a witness request to a plurality of authentication devices, wherein the plurality of authentication devices determine one or more assurance levels with respect to the initiator device, respectively, from a range of assurance levels and determine a token share corresponding to the one or more assurance levels, respectively;

receiving, by the initiator device from the plurality of authentication devices, a plurality of witness responses comprising a set of token shares corresponding to an assurance level among the one or more assurance levels, wherein each of the token shares is a portion of an authentication token or determined using a key share that is a fraction of a cryptographic key;

generating, by the initiator device, the authentication token, by using the token shares of the set; and

transmitting, by the initiator device, the authentication token to an authentication server, wherein the authentication server verifies the authentication token.