Direct authentication system and method via trusted authenticators

US 10,083,285 B2
Filed: 12/06/2017
Issued: 09/25/2018
Est. Priority Date: 08/29/2001
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method of enhancing authentication of a user attempting to access an online system via a computer network, the method comprising:

receiving by the online system, via the computer network, user-authentication information including a user-authentication code provided by an authentication system to the user via the computer network after an attempt by the user to access information of the online system, wherein;

the user-authentication code is information generated by the authentication system for authenticating the user,the user-authentication code is configured to be valid for a predetermined time,the user-authentication code is configured to become invalid after the predetermined time, andthe user-authentication code is configured to become invalid after a first use to authenticate the user;

providing by the online system, via the computer network, a user-authentication request to the authentication system, wherein the user-authentication request includes the user-authentication code and user-identification information of the user;

receiving by the online system, via the computer network, a response to the user-authentication request indicating whether the authentication system authenticated the user, wherein;

the user is authenticated using the user-authentication code and the user-identification information included in the authentication request,the response to the user-authentication request confirms authentication of the user if the user-authentication code is valid, andthe response to the user-authentication request denies authentication of the user if the user-authentication code is invalid; and

providing by the online system, via the computer network, the user access to the information of the online system.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

Systems and methods are provided for enabling online entities to determine whether a user is truly the person who he says using a “two-factor” authentication technique and authenticating customer'"'"'s identity utilizing a trusted authenticator.

Citations

30 Claims

1. A method of enhancing authentication of a user attempting to access an online system via a computer network, the method comprising:
- receiving by the online system, via the computer network, user-authentication information including a user-authentication code provided by an authentication system to the user via the computer network after an attempt by the user to access information of the online system, wherein;
  
  the user-authentication code is information generated by the authentication system for authenticating the user,the user-authentication code is configured to be valid for a predetermined time,the user-authentication code is configured to become invalid after the predetermined time, andthe user-authentication code is configured to become invalid after a first use to authenticate the user;
  
  providing by the online system, via the computer network, a user-authentication request to the authentication system, wherein the user-authentication request includes the user-authentication code and user-identification information of the user;
  
  receiving by the online system, via the computer network, a response to the user-authentication request indicating whether the authentication system authenticated the user, wherein;
  
  the user is authenticated using the user-authentication code and the user-identification information included in the authentication request,the response to the user-authentication request confirms authentication of the user if the user-authentication code is valid, andthe response to the user-authentication request denies authentication of the user if the user-authentication code is invalid; and
  
  providing by the online system, via the computer network, the user access to the information of the online system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the user-authentication code is a SecureCode.
  - 3. The method of claim 2, wherein the SecureCode is comprised of alphabetic characters.
  - 4. The method of claim 2, wherein the SecureCode is a Personal Identification Number (PIN).
  - 5. The method of claim 2, wherein the SecureCode is comprised of numeric characters.
  - 6. The method of claim 2, wherein the online system is an online site.
  - 7. The method of claim 1, wherein the information of the online system comprises a restricted web site.
  - 8. The method of claim 1, wherein the information of the online system comprises online account information.
  - 9. The method of claim 1, wherein, after providing the user device with the access, the user-authentication code is invalid for all subsequent attempts to access information of the online system.
  - 10. The method of claim 1, wherein online system is an online site.
  - 11. The method of claim 1, wherein the user-authentication code is comprised of alphanumeric characters.
  - 12. The method of claim 1, wherein the authentication system sends the user-authentication code to the user via a private network or a public network.
  - 13. The method of claim 1, wherein the user-authentication code is variable and has different value each time the user receives it.
  - 14. The method of claim 1, wherein the computer network is a private network or a public network.
  - 15. The method of claim 1, wherein the user-authentication code includes different, non-repeating values each time the user receives it.

16. A system for enhancing authentication of a user attempting to access an online system via a computer network, the system comprising one or more computing devices configured to perform operations comprising:
- receiving by the online system, via the computer network, user-authentication information including a user-authentication code provided by an authentication system to the user via the computer network after an attempt by the user to access information of the online system, wherein;
  
  the user-authentication code is information generated by the authentication system for authenticating the user,the user-authentication code is configured to be valid for a predetermined time,the user-authentication code is configured to become invalid after the predetermined time, andthe user-authentication code is configured to become invalid after a first use to authenticate the user;
  
  providing by the online system, via the computer network, a user-authentication request to the authentication system, wherein the user-authentication request includes the user-authentication code and user-identification information of the user;
  
  receiving by the online system, via the computer network, a response to the user-authentication request indicating whether the authentication system authenticated the user, wherein;
  
  the user is authenticated using the user-authentication code and the user-identification information included in the authentication request,the response to the user-authentication request confirms authentication of the user if the user-authentication code is valid, andthe response to the user-authentication request denies authentication of the user if the user-authentication code is invalid; and
  
  providing by the online system, via the computer network, the user access to the information of the online system.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The system of claim 16, wherein the user-authentication code is a SecureCode.
  - 18. The system of claim 17, wherein the SecureCode is comprised of alphabetic characters.
  - 19. The system of claim 17, wherein the SecureCode is a Personal Identification Number (PIN).
  - 20. The system of claim 17, wherein the SecureCode is comprised of numeric characters.
  - 21. The system of claim 16, wherein the information of the online system comprises a restricted web site.
  - 22. The system of claim 16, wherein the information of the online system comprises an online account of the user.
  - 23. The system of claim 16, wherein, after providing the user device with the access, the user-authentication code is invalid for all subsequent attempts to access information of the online system.
  - 24. The system of claim 16, wherein the user-authentication code is comprised of alphanumeric characters.
  - 25. The system of claim 16, wherein the computer network is a private network or a public network.
  - 26. The system of claim 16, wherein the authentication system sends the user-authentication code to the user via a private network or a public network.
  - 27. The system of claim 16, wherein the user-authentication code is variable and has different value each time the user receives it.
  - 28. The system of claim 16, wherein the user-authentication code is provided to the user from the authentication system via the computer network.
  - 29. The system of claim 16, wherein the online system is an online site.
  - 30. The system of claim 16, wherein the user-authentication code includes different, non-repeating values each time the user receives it.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Factor2 Multimedia Systems, LLC
Original Assignee
Kamran Asghari-Kamrani, Nader Asghari-Kamrani
Inventors
Asghari-Kamrani, Nader, Asghari-Kamrani, Kamran
Primary Examiner(s)
Mehrmanesh, Amir

Application Number

US15/833,909
Publication Number

US 20180107811A1
Time in Patent Office

293 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/6245   Protecting personal data, e...

G06F 2221/2115   Third party

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3823   combining multiple encrypti...

G06Q 20/4014   Identity check for transact...

G07F 7/1008   Active credit-cards provide...

H04L 2463/082   applying multi-factor authe...

H04L 63/0421   Anonymous communication, i....

H04L 63/062   for key distribution, e.g. ...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0838   using one-time-passwords

H04L 63/0892   by using authentication-aut...

Direct authentication system and method via trusted authenticators

First Claim

2 Assignments

Litigations

0 Petitions

Reexamination

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Direct authentication system and method via trusted authenticators

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Reexamination

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links