Method and system for information authentication

US 10,325,088 B2
Filed: 06/03/2015
Issued: 06/18/2019
Est. Priority Date: 07/03/2014
Status: Active Grant

First Claim

Patent Images

1. An computer-implemented method for facilitating multi-party authentication, the method comprising:

receiving, via a communication module, a first request from a primary user to associate a plurality of authentication assistance users with an account of the primary user;

storing, in a storage device, data associating the account of the primary user with the authentication assistance users;

receiving, via the communication module, a second request from the primary user to perform an operation, wherein the second request is received subsequent to storing the data associating the account of the primary user with the authentication assistance users;

determining, by a processor, a type of the operation in the second request;

in response to determining that the type is a first predetermined type of operation which requires approval from the authentication assistance users;

sending an authentication request to each of the authentication assistance users;

in response to receiving an approval response from a first subset of the authentication assistance users, wherein the first subset is a first percentage which is less than an entirety of the authentication assistance users and greater than a predetermined threshold, allowing the second request;

in response to detecting a lack of response from a first authentication assistance user within a predetermined period of time, counting the lack of response as receiving a denial response; and

in response to receiving a denial response from a second subset of the authentication assistance users, wherein the second subset is a second percentage which is less than the entirety of the authentication assistance users and less than or equal to the predetermined threshold, denying the second request,wherein prior to receiving the denial response from the second subset, the method further comprises;

receiving, by at least one second authentication assistance user of the second subset, the authentication request;

in response to the authentication request, providing, by the at least one second authentication assistance user, a reason for the denial; and

receiving, by the communication module, the reason for the denial provided by the at least one second authentication assistance user, andwherein subsequent to receiving the denial response from the second subset, the method further comprises;

displaying, on a device associated with the primary user, the reason for the denial provided by the at least one second authentication assistance user.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is provided for facilitating multi-party authentication. During operation, the system receives, via a communication module, an operation request from a primary user. The system then sends an authentication request to the authentication assistance user and receives a response from the authentication assistance user. Subsequently, the system allows or denies the operation request based on the response received from the authentication assistance user.

Citations

22 Claims

1. An computer-implemented method for facilitating multi-party authentication, the method comprising:
- receiving, via a communication module, a first request from a primary user to associate a plurality of authentication assistance users with an account of the primary user;
  
  storing, in a storage device, data associating the account of the primary user with the authentication assistance users;
  
  receiving, via the communication module, a second request from the primary user to perform an operation, wherein the second request is received subsequent to storing the data associating the account of the primary user with the authentication assistance users;
  
  determining, by a processor, a type of the operation in the second request;
  
  in response to determining that the type is a first predetermined type of operation which requires approval from the authentication assistance users;
  
  sending an authentication request to each of the authentication assistance users;
  
  in response to receiving an approval response from a first subset of the authentication assistance users, wherein the first subset is a first percentage which is less than an entirety of the authentication assistance users and greater than a predetermined threshold, allowing the second request;
  
  in response to detecting a lack of response from a first authentication assistance user within a predetermined period of time, counting the lack of response as receiving a denial response; and
  
  in response to receiving a denial response from a second subset of the authentication assistance users, wherein the second subset is a second percentage which is less than the entirety of the authentication assistance users and less than or equal to the predetermined threshold, denying the second request,wherein prior to receiving the denial response from the second subset, the method further comprises;
  
  receiving, by at least one second authentication assistance user of the second subset, the authentication request;
  
  in response to the authentication request, providing, by the at least one second authentication assistance user, a reason for the denial; and
  
  receiving, by the communication module, the reason for the denial provided by the at least one second authentication assistance user, andwherein subsequent to receiving the denial response from the second subset, the method further comprises;
  
  displaying, on a device associated with the primary user, the reason for the denial provided by the at least one second authentication assistance user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 19, 20, 21, 22)
- - 2. The method of claim 1, further comprising:
    - in response to determining that the type is not the first predetermined type of operation, allowing the second request.
  - 3. The method of claim 2, wherein determining whether the type is the first predetermined type of operation further comprises:
    - applying at least one predetermined rule to the received second request.
  - 4. The method of claim 3, wherein the predetermined rule is based on a payment amount.
  - 5. The method of claim 1, wherein in response to sending the authentication request to each of the authentication assistance users, the method further comprises:
    - receiving responses from each of the authentication assistance users;
      
      determining a first number of received approval responses; and
      
      allowing or denying the request based on whether a ratio of the first number to a total number of the authentication assistance users is greater than the predetermined threshold.
  - 6. The method of claim 1, wherein sending the authentication request to a respective authentication assistance user comprises sending the respective authentication assistance user a text message based on a phone number, an email, or an instant message.
  - 7. The method of claim 1, wherein denying the second request comprises sending a reason for denial to the primary user.
  - 19. The method of claim 1, wherein sending the authentication request further comprises searching for a respective authentication assistance user associated with the account through which the primary user sends the second request.
  - 20. The method of claim 1, further comprising:
    - receiving a threshold-defining request from the primary user to specify a predetermined threshold of authentication assistance users required to approve a type of operation requested by the primary user.
  - 21. The method of claim 1, further comprising:
    - receiving a third request from a user to perform a new operation, wherein the user is not an owner of the account;
      
      determining, based on conditions specified by the owner of the account, that the new operation requires approval from a respective authentication assistance user;
      
      receiving a second response from the respective authentication assistance user; and
      
      denying the third request based on the second response received from the respective authentication assistance user.
  - 22. The method of claim 1, wherein allowing or denying the second request further comprises:
    - sending a security question associated with the account to the primary user; and
      
      allowing the second request in response to receiving a correct answer to the security question from the primary user.

8. A non-transitory storage medium storing instructions, which when executed by a processor cause the processor to perform a method for facilitating multi-party authentication, the method comprising:
- receiving, via a communication module, a first request from a primary user to associate a plurality of authentication assistance users with an account of the primary user;
  
  storing, in a storage device, data associating the account of the primary user with the authentication assistance users;
  
  receiving, via the communication module, a second request from the primary user to perform an operation, wherein the second request is received subsequent to storing the data associating the account of the primary user with the authentication assistance users;
  
  determining, by the processor, a type of the operation in the second request;
  
  in response to determining that the type is a first predetermined type of operation which requires approval from the authentication assistance users;
  
  sending an authentication request to each of the authentication assistance users;
  
  in response to receiving an approval response from a first subset of the authentication assistance users, wherein the first subset is a first percentage which is less than an entirety of the authentication assistance users and greater than a predetermined threshold, allowing the second request;
  
  in response to detecting a lack of response from a first authentication assistance user within a predetermined period of time, counting the lack of response as receiving a denial response; and
  
  in response to receiving a denial response from a second subset of the authentication assistance users, wherein the second subset is a second percentage which is less than the entirety of the authentication assistance users and less than or equal to the predetermined threshold, denying the second request,wherein prior to receiving the denial response from the second subset, the method further comprises;
  
  receiving, by at least one second authentication assistance user of the second subset, the authentication request;
  
  in response to the authentication request, providing, by the at least one second authentication assistance user, a reason for the denial; and
  
  receiving, by the communication module, the reason for the denial provided by the at least one second authentication assistance user, andwherein subsequent to receiving the denial response from the second subset, the method further comprises;
  
  displaying, on a device associated with the primary user, the reason for the denial provided by the at least one second authentication assistance user.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The non-transitory storage medium of claim 8, wherein the method further comprises:
    - in response to determining that the type is not the first predetermined type of operation, allowing the second request.
  - 10. The non-transitory storage medium of claim 9, wherein determining whether the type is the first predetermined type of operation further comprises:
    - applying at least one predetermined rule to the received second request.
  - 11. The non-transitory storage medium of claim 8, wherein in response to sending the authentication request to each of the authentication assistance users, the method further comprises:
    - receiving responses from each of the authentication assistance users;
      
      determining a first number of received approval responses; and
      
      allowing or denying the request based on whether a ratio of the first number to a total number of the authentication assistance users is greater than the predetermined threshold.
  - 12. The non-transitory storage medium of claim 8, wherein denying the second request comprises sending a reason for denial to the primary user.

13. A computer system for facilitating multi-party authentication, the computer system comprising:
- a processor;
  
  a memory coupled to the processor and storing instructions, which when executed by the processor cause the processor to perform a method, the method comprising;
  
  receiving, via a communication module, a first request from a primary user to associate a plurality of authentication assistance users with an account of the primary user;
  
  storing, in a storage device, data associating the account of the primary user with the authentication assistance users;
  
  receiving, via the communication module, a second request from the primary user to perform an operation, wherein the second request is received subsequent to storing the data associating the account of the primary user with the authentication assistance users;
  
  determining, by the processor, a type of the operation in the second request;
  
  in response to determining that the type is a first predetermined type of operation which requires approval from the authentication assistance users;
  
  sending an authentication request to each of the authentication assistance users;
  
  in response to receiving an approval response from a first subset of the authentication assistance users, wherein the first subset is a first percentage which is less than an entirety of the authentication assistance users and greater than a predetermined threshold, allowing the second request;
  
  in response to detecting a lack of response from a first authentication assistance user within a predetermined period of time, counting the lack of response as receiving a denial response; and
  
  in response to receiving a denial response from a second subset of the authentication assistance users, wherein the second subset is a second percentage which is less than the entirety of the authentication assistance users and less than or equal to the predetermined threshold, denying the second request,wherein prior to receiving the denial response from the second subset, the method further comprises;
  
  receiving, by at least one second authentication assistance user of the second subset, the authentication request;
  
  in response to the authentication request, providing, by the at least one second authentication assistance user, a reason for the denial; and
  
  receiving, by the communication module, the reason for the denial provided by the at least one second authentication assistance user, andwherein subsequent to receiving the denial response from the second subset, the method further comprises;
  
  displaying, on a device associated with the primary user, the reason for the denial provided by the at least one second authentication assistance user.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The computer system of claim 13, wherein the method further comprises:
    - in response to determining that the type is not the first predetermined type of operation, allowing the second request.
  - 15. The computer system of claim 14, wherein determining whether the type is the first predetermined type of operation further comprises:
    - applying at least one predetermined rule to the received second request.
  - 16. The computer system of claim 13, wherein in response to sending the authentication request to each of the authentication assistance users, the method further comprises:
    - receiving responses from each of the authentication assistance users;
      
      determining a first number of received approval responses; and
      
      allowing or denying the request based on whether a ratio of the first number to a total number of the authentication assistance users is greater than the predetermined threshold.
  - 17. The computer system of claim 13, wherein sending the authentication request to a respective authentication assistance user comprises sending the respective authentication assistance user a text message based on a phone number, an email, or an instant message.
  - 18. The computer system of claim 13, wherein denying the second request comprises sending a reason for denial to the primary user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Original Assignee
Alibaba Group Holding Ltd.
Inventors
Chen, Jinsai
Primary Examiner(s)
Wang, Harris C

Application Number

US14/730,111
Publication Number

US 20160004857A1
Time in Patent Office

1,476 Days
Field of Search

726 3
US Class Current
CPC Class Codes

G06F 21/40   by quorum, i.e. whereby two...

G06Q 20/386   using messaging services or...

G06Q 20/40   Authorisation, e.g. identif...

H04L 63/10   for controlling access to d...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

Method and system for information authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for information authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links