Techniques are described herein for providing an extra layer of security for a Multi-Factor Authentication (MFA) application (e.g., a device health application) installed on a user’s machine to ensure that the data payload being sent to authentication servers came from the authenticating user’s machine. The application may be enrolled with a cryptographic keypair stored in the hardware of the user’s machine. The key may be used to sign health data payloads sent to the MFA servers.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Bammel, Jen; Matteson, David; Mills, Kyle; Gower, Claire; Chapman, Todd; and Goodman, Adam, "SECURING DATA PAYLOADS SENT FROM A CLIENT MACHINE WITH MINIMAL USER OR ADMINISTRATOR INTERACTION", Technical Disclosure Commons, (November 04, 2022)