Secure authentication system and method
First Claim
Patent Images
1. A method comprising:
- receiving, a Purchase Authentication Page by a computer from a control server over a communications network, the Purchase Authentication Page having a user response posting field to receive a response from a user to authenticate the user; and
providing, a returned Purchase Authentication Page by the computer to the control server over the communications network, the returned Purchase Authentication Page having a user response disposed in the user response posting field and a secure datum received from a verification token associated with the computer, wherein the control server thereaftercompares at least a portion of the received user response to a stored user response to make a first determination of whether a match exists,compares the received secure datum to a stored secure datum to make a second determination of whether a match exists, andgenerates a Payer Authentication Response message based on at least the first and second determinations.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems pertaining secure transaction systems are disclosed. In one implementation, a computer with a verification token associated with a computer can send user authentication data as well as a secure datum to a control server. The verification token may obtain the secure datum from a validation entity. The control server can validate the secure datum and authentication data and can generate a payer authentication response.
765 Citations
20 Claims
-
1. A method comprising:
-
receiving, a Purchase Authentication Page by a computer from a control server over a communications network, the Purchase Authentication Page having a user response posting field to receive a response from a user to authenticate the user; and providing, a returned Purchase Authentication Page by the computer to the control server over the communications network, the returned Purchase Authentication Page having a user response disposed in the user response posting field and a secure datum received from a verification token associated with the computer, wherein the control server thereafter compares at least a portion of the received user response to a stored user response to make a first determination of whether a match exists, compares the received secure datum to a stored secure datum to make a second determination of whether a match exists, and generates a Payer Authentication Response message based on at least the first and second determinations. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer comprising:
-
a processor; and a computer readable medium, the computer readable medium comprising code, executable by the processor, to implement a method comprising; receiving, a Purchase Authentication Page from a control server over a communications network, the Purchase Authentication Page having a user response posting field to receive a response from a user to authenticate the user; and providing, a returned Purchase Authentication Page to the control server over the communications network, the returned Purchase Authentication Page having a user response disposed in the user response posting field and a secure datum received from a verification token associated with the computer, wherein the control server thereafter compares at least a portion of the received user response to a stored user response to make a first determination of whether a match exists, compares the received secure datum to a stored secure datum to make a second determination of whether a match exists, and generates a Payer Authentication Response message based on at least the first and second determinations. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method comprising:
-
receiving, by a computer from an control server, a Purchase Authentication Page with page display parameters that cause the Purchase Authentication Page to not be visible or to not be fully visible on a display of the computer if a risk assessment performed by the control server is below a threshold value; and receiving, by the computer from the control server, the Purchase Authentication Page with page display parameters that cause the Purchase Authentication Page to be visible on the display of the computer if the risk assessment is above the threshold value. - View Dependent Claims (17, 18, 19, 20)
-
Specification