| CPC G06Q 20/389 (2013.01) [H04L 63/08 (2013.01)] | 20 Claims |
|
1. A method for authenticating users and devices in a network system, the method comprising:
receiving, by an authentication server from a first user device, a request to register a first user, wherein the request includes first user identification information;
storing, by the authentication server, the first user identification information in a database with at least one user credential;
selecting and assigning a first plurality of validation devices to the first user for authenticating transactions requested by the first user, wherein the selection of the first plurality of validation devices is specific to the first user, wherein at least one of the first plurality of validation devices corresponds to at least one other user of the network system different from the first user;
receiving, by an authentication server from a second user device, a request to register a second user, wherein the request includes second user identification information;
selecting and assigning a second plurality of validation devices, different from the first plurality of validation devices, to the second user for authenticating transactions requested by the second user, wherein the selection of the second plurality of validation devices is specific to the second user, and wherein at least one of the second plurality of validation devices corresponds to at least one other user of the network system different from the second user;
receiving an authentication request from the first user device, the authentication request including the at least one user credential;
in response to the authentication request:
determining whether an authentication server is available;
in response to determining that the authentication server is not available, transmitting the authentication request to each of the first plurality of assigned validation devices for authenticating the first user;
receiving a response from each of the first plurality of assigned validation devices, each of the responses indicating whether the respective first validation device validated the authentication request; and
determining whether to approve the authentication request based on the responses from the first plurality of assigned validation devices.
|