System and method for verifying user identity in a virtual environment
First Claim
1. A computer-implemented method of providing third party network user authentication for a first party user attempting to access a network service provided by a second party, said method comprising, at a third party authentication server:
registering a network service;
registering a user device with a first user;
generating a first encryption key associated with the user device;
receiving a first encrypted check message from the user device;
generating timestamp information for the first encrypted check message;
receiving a second encrypted check message from the network service;
generating timestamp information for the second encrypted check message;
comparing the timestamp information for the first encrypted check message and the timestamp information for the second encrypted check message;
decrypting the first check message and the second check message using the first encryption key;
authorizing at least one of a network access or a network transaction between the first user and the network service based at least in part on a determination that a difference between the timestamp information for the first encrypted check message and the timestamp information for the second encrypted check message is less than a first threshold, and a comparison of the decrypted information from the first check message and the second check message; and
sending an authorization message to the network service based on said authorizing, wherein authorizing the at least one of a network access or a network transaction between the first user and the network service is further based at least in part on a determination that a time difference between timestamps included in the received first encrypted check message and the received second encrypted check message is less than a second threshold.
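
The server-side decision recited in claim 1, sketched as an added example (not code from the patent or its assignee). The payload fields `check` and `ts`, the 5-second default thresholds, and the HMAC-based encrypt-then-MAC construction standing in for the unspecified encryption are assumptions.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as keystream: stdlib stand-in, not a vetted cipher.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, payload):
    """Encrypt-then-MAC a check message (a dict) under the device key."""
    nonce, pt = os.urandom(16), json.dumps(payload, sort_keys=True).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the decrypted dict, or None when the tag does not verify."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def authorize(key, dev_blob, dev_rx, svc_blob, svc_rx, t1=5.0, t2=5.0):
    """dev_rx / svc_rx: receipt times stamped by the server; t1 / t2: the two thresholds."""
    if abs(dev_rx - svc_rx) >= t1:          # first threshold: server receipt timestamps
        return False
    dev, svc = unseal(key, dev_blob), unseal(key, svc_blob)
    if dev is None or svc is None:          # wrong key or modified ciphertext
        return False
    try:
        if abs(dev["ts"] - svc["ts"]) >= t2:  # second threshold: timestamps inside messages
            return False
        return dev["check"] == svc["check"]   # comparison of the decrypted information
    except (KeyError, TypeError):
        return False

def demo():
    key = os.urandom(32)                    # constructed sample key and messages
    d = seal(key, {"check": "n-4821", "ts": 1000.0})
    s = seal(key, {"check": "n-4821", "ts": 1001.5})
    return (authorize(key, d, 2000.0, s, 2001.0),   # both windows met
            authorize(key, d, 2000.0, s, 2030.0))   # second message arrived late
```

Both messages are sealed under the same device key because the claim decrypts both with the first encryption key; the two time checks are independent, so a message that arrives promptly but carries an old embedded timestamp is still rejected.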
Abstract
Systems and methods for verifying user identity in a virtual environment are provided that may include the use of a trusted third party to perform identity verification. Devices may be configured such that the device is unalterably bound to a particular user via biometric data stored on the device and/or with the third party.
18 Claims
10. A system for providing third party user authentication for a first party user attempting to access a network service provided by a second party, said system comprising:
a computer processor;
a network interface; and
memory including instructions configured to;
register a network service via the network interface;
register a user device with a first user via the network interface;
generate a first encryption key associated with the user device;
receive a first encrypted check message from the user device via the network interface;
generate timestamp information for the first encrypted check message;
receive a second encrypted check message from the network service via the network interface;
generate timestamp information for the second encrypted check message;
compare the timestamp information for the first encrypted check message and the timestamp information for the second encrypted check message;
decrypt the first check message and the second check message using the first encryption key;
authorize at least one of a network access or a network transaction between the first user and the network service based at least in part on (a) a determination that a difference between the timestamp information for the first encrypted check message and the timestamp information for the second encrypted check message is less than a first threshold, and (b) a comparison of the decrypted information from the first check message and the second check message; and
send an authorization message to the network service via the network interface based on said authorizing, wherein authorizing the at least one of a network access or a network transaction between the first user and the network service is further based at least in part on a determination that a time difference between timestamps included in the received first encrypted check message and the received second encrypted check message is less than a second threshold.
Specification