Process for authenticating an identity of a user

US 10,051,468 B2
Filed: 05/21/2014
Issued: 08/14/2018
Est. Priority Date: 05/24/2013
Status: Active Grant

First Claim

Patent Images

1. A process for authenticating an identity of a user accessing a location in a secure manner using a communications device that is in direct communication with an independent server and in secondary communication with a second server, wherein the communications device has a user interface and an input module, the process including the steps of:

i. hosting device information on the independent server for validation;

ii. generating and sending a user prompt from the device to the independent server, which prompt is validated by comparing the user prompt to the device information, and, if validated as correct, creating a device ID and transaction ID as indexes to identify the device on the database;

iii. generating a randomised keypad on the user interface;

iv. inserting and submitting a pass code by way of the randomized keypad;

v. relaying said pass code to the second server; and

vi. generating a second validation at the second server, using the pass code and thereby authenticating both user and device;

and wherein the randomized keypad is re-generated on each occasion that the user is required to provide user credentials, and where values of keypad keys are encrypted by the second server and communicated to the communication device via the independent server.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a process for authenticating an identity of a user accessing a location in a secure manner using a communications device that is in direct communication with an independent server and in secondary communication with a second server, the communications device having a user interface and an input module, the process including the steps of hosting device information on the independent server for validation; generating and sending a user prompt from the device to the independent server for validation, and if validated as correct, creating a device ID and transaction ID as indexes to identify the device on the database; generating a randomised keypad on the user interface; inserting and submitting a pass code by way of the randomised keypad; relaying said pass code to the second server; and generating a second validation at the second server, using the pass code and thereby authenticating both user and device.

Citations

20 Claims

1. A process for authenticating an identity of a user accessing a location in a secure manner using a communications device that is in direct communication with an independent server and in secondary communication with a second server, wherein the communications device has a user interface and an input module, the process including the steps of:
- i. hosting device information on the independent server for validation;
  
  ii. generating and sending a user prompt from the device to the independent server, which prompt is validated by comparing the user prompt to the device information, and, if validated as correct, creating a device ID and transaction ID as indexes to identify the device on the database;
  
  iii. generating a randomised keypad on the user interface;
  
  iv. inserting and submitting a pass code by way of the randomized keypad;
  
  v. relaying said pass code to the second server; and
  
  vi. generating a second validation at the second server, using the pass code and thereby authenticating both user and device;
  
  and wherein the randomized keypad is re-generated on each occasion that the user is required to provide user credentials, and where values of keypad keys are encrypted by the second server and communicated to the communication device via the independent server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The process for authenticating an identity of a user as claimed in claim 1, wherein device information includes one or more of user name, user SIM card number (including mobile number attached to the SIM card), device make, device model, device OS platform, device serial number, device MAC address, device IP address, user location (geographical code), device IMEI, ICCID and System Identification Number of the communication device.
  - 3. The process for authenticating an identity of a user as claimed in claim 1, wherein if device information is validated as either new or incorrect, as in step ii), the process including the further steps of:
    - A. generating a request to the user to submit security information;
      
      B. inputting and transferring security information and the device information from the device to the independent server and the second server;
      
      C. storing the device information on the independent server;
      
      D. validating security information by the second server;
      
      E. if security information is validated as existing on second server the second server generating and communicating a request for user identity validation;
      
      F inputting user identity information, which if validated as correct, generating and sending a request to confirm device information with user;
      
      G. inputting device information via the device to the second server, which if correct, storing said device information on the independent server as authenticated; and
      
      H. granting access of said device to step iii).
  - 4. The process for authenticating an identity of a user as claimed in claim 3, wherein step is E) is performed by an authorized representative in communication with the second server, more preferably wherein the authorised representative makes direct contact with the user telephonically.
  - 5. The process for authenticating an identity of a user as claimed in claim 3, including a further step K) following from step H), the further step K) including:
    - K. displaying a security certificate on the user interface.
  - 6. The process for authenticating an identity of a user as claimed in claim 1, wherein security information includes user'"'"'s identity number, business registration number, or any other code or detail that is unique to the user.
  - 7. The process for authenticating an identity of a user as claimed in claim 3, including the further step of terminating further communication between the independent server, the second server and the user, in the event of security information being validated as not existing, or the user identity being incorrect.
  - 8. The process for authenticating an identity of a user as claimed in claim 1, including an additional step I) provided for after step iii) wherein the step I includesI. encrypting the randomized keypad such that an encrypted value is assigned for each key on the keypad, and wherein the randomized keypad is generated digitally on the user interface.
  - 9. The process for authenticating an identity of a user as claimed in claim 8, wherein the digitally generated randomized keypad presents as a shuffling of input access keys in a configuration that is different to conventional keypads.
  - 10. The process for authenticating an identity of a user as claimed in claim 8, wherein the step I) includes additional step J), comprising:
    - J. entering and submitting a secret combination of alpha-numeric characters by the user via a software banking program on the communication device, and wherein the secret combination is a plurality of words comprising at least five characters, more preferably comprising a maximum of 20 characters.
  - 11. The process for authenticating an identity of a user as claimed in claim 1, wherein the keypad keys and the transaction ID communicated from the independent server to the communication device and displayed on the interface, whilst the keypad keys, transaction ID and device ID are communicated in real time to the second server from the independent server.
  - 12. The process for authenticating an identity of a user as claimed in claim 1, wherein the encryption includes up to five alphanumeric characters.
  - 13. The process for authenticating an identity of a user as claimed in claim 1, wherein the input module is a mouse, touch screen, stylus or trackball.
  - 14. The process for authenticating an identity of a user as claimed in claim 1, wherein the pass code is an encrypted pass code and a deciphering step is required by the second server prior to validating the pass code.
  - 15. The process for authenticating an identity of a user as claimed in claim 1, wherein the user and device are authenticated if all of a user ID, the device ID and the pass code match those defined by the second server.

16. A process for authenticating an identity of a user accessing a location in a secure manner using a communications device that is in direct communication with an independent server and in secondary communication with a second server, wherein the communications device has a user interface and an input module, the process including the steps of:
- i. hosting device information on the independent server for validation;
  
  ii. generating and sending a user prompt from the device to the independent server, which prompt is validated by comparing the user prompt to the device information, and, if validated as correct, creating a device ID and transaction ID as indexes to identify the device on the database;
  
  iii. generating a randomised keypad on the user interface;
  
  iv. inserting and submitting a pass code by way of the randomized keypad;
  
  v. relaying said pass code to the second server; and
  
  vi. generating a second validation at the second server, using the pass code and thereby authenticating both user and device,wherein if device information is validated as either new or incorrect, as in step ii), the process including the further steps of;
  
  A. generating a request to the user to submit security information;
  
  B. inputting and transferring security information and the device information from the device to the independent server and the second server;
  
  C. storing the device information on the independent server;
  
  D. validating security information by the second server;
  
  E. if security information is validated as existing on second server the second server generating and communicating a request for user identity validation;
  
  F inputting user identity information, which if validated as correct, generating and sending a request to confirm device information with user;
  
  G. inputting device information via the device to the second server, which if correct, storing said device information on the independent server as authenticated; and
  
  H. granting access of said device to step iii).
- View Dependent Claims (17, 18, 19, 20)
- - 17. The process for authenticating an identity of a user as claimed in claim 16, including the further step of terminating further communication between the independent server, the second server and the user, in the event of security information being validated as not existing, or the user identity being incorrect.
  - 18. The process for authenticating an identity of a user as claimed in claim 16, wherein step is E) is performed by an authorized representative in communication with the second server, more preferably wherein the authorised representative makes direct contact with the user telephonically.
  - 19. The process for authenticating an identity of a user as claimed in claim 16, including a further step K) following from step H), the further step K) including:
    - K. displaying a security certificate on the user interface.
  - 20. The process for authenticating an identity of a user as claimed in claim 19, wherein the security certificate includes a mark in the form of a device, word or combination thereof, and wherein the mark preferably includes at least one of a plurality of words making up a secret combination.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Prashant G. Paima
Original Assignee
Prashant G. Paima
Inventors
Paima, Prashant G.
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Almeida, Devin E

Application Number

US14/892,645
Publication Number

US 20160105798A1
Time in Patent Office

1,546 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0876   based on the identity of th...

H04L 63/105   Multiple levels of security

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/71   Hardware identity

H04W 12/72   Subscriber identity

Process for authenticating an identity of a user

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Process for authenticating an identity of a user

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links