Secure registration and authentication of a user using a mobile device
First Claim
Patent Images
1. A non-transitory, computer-readable medium comprising program code that, when executed by a processor of a server data processing system, causes the server data processing system to:
- receive, from a mobile device via a path including a wireless communication link, a message including a registration code and identification information of the mobile device for registration of the mobile device as associated with a user identifier for authentication of the user identifier for future authentication sessions;
determine whether the received registration code matches at least one of a registration code generated prior to the receipt of the received registration code or a function of the prior generated registration code; and
register, in response to determining that the received registration code matches at least one of the prior generated registration code or the function thereof, the mobile device as associated with the user identifier for authentication of the user identifier for future authentication sessions and storing the identification information of the mobile device,during one of the authentication sessions;
receive the user identifier via a user interface for the one authentication session,for an online authentication mode, authenticate the user identifier for the one authentication session based on receiving an authentication confirmation from the mobile device via a path including a wireless communication link rather than through the one authentication session in response to an authentication request sent to the mobile device by the server data processing system via a path including a wireless communication link,for an offline authentication mode, authenticate the user identifier for the one authentication session based on receipt, via the user interface for the one authentication session, of an authentication code identified by the mobile device, andautomatically switch from the online authentication mode to the offline authentication mode, based on at least detecting that the server data processing system is not able to connect to the mobile device based on detecting that the server data processing system is not receiving the authentication confirmation from the mobile device.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer-readable medium embodies a computer program for obtaining information for a payment transaction. The computer program comprises computer-readable program code for: generating a first message including an identifier and a request for the information, sending the first message via a first communication path, receiving a second message including the information and the identifier via a second path different from the first communication path, and processing the payment transaction using the information obtained in the second message.
159 Citations
17 Claims
-
1. A non-transitory, computer-readable medium comprising program code that, when executed by a processor of a server data processing system, causes the server data processing system to:
-
receive, from a mobile device via a path including a wireless communication link, a message including a registration code and identification information of the mobile device for registration of the mobile device as associated with a user identifier for authentication of the user identifier for future authentication sessions; determine whether the received registration code matches at least one of a registration code generated prior to the receipt of the received registration code or a function of the prior generated registration code; and register, in response to determining that the received registration code matches at least one of the prior generated registration code or the function thereof, the mobile device as associated with the user identifier for authentication of the user identifier for future authentication sessions and storing the identification information of the mobile device, during one of the authentication sessions; receive the user identifier via a user interface for the one authentication session, for an online authentication mode, authenticate the user identifier for the one authentication session based on receiving an authentication confirmation from the mobile device via a path including a wireless communication link rather than through the one authentication session in response to an authentication request sent to the mobile device by the server data processing system via a path including a wireless communication link, for an offline authentication mode, authenticate the user identifier for the one authentication session based on receipt, via the user interface for the one authentication session, of an authentication code identified by the mobile device, and automatically switch from the online authentication mode to the offline authentication mode, based on at least detecting that the server data processing system is not able to connect to the mobile device based on detecting that the server data processing system is not receiving the authentication confirmation from the mobile device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 17)
-
-
9. A server data processing system comprising:
-
a communication interface configured to receive, from a mobile device via a path including a wireless communication link, a message including a registration code and identification information of the mobile device for registration of the mobile device as associated with a user identifier for authentication of the user identifier for future authentication sessions; a processor operably connected to the communication interface, the processor configured to; determine whether the received registration code matches at least one of a registration code generated prior to the receipt of the received registration code or a function of the prior generated registration code; and register, in response to determining that the received registration code matches at least one of the prior generated registration code or the function thereof, the mobile device as associated with the user identifier for authentication of the user identifier for future authentication sessions and storing the identification information of the mobile device, wherein, during one of the authentication sessions; the communication interface is further configured to receive the user identifier via a user interface for the one authentication session, and the processor is further configured to; for an online authentication mode, authenticate the user identifier for the one authentication session based on receiving an authentication confirmation from the mobile device via a path including a wireless communication link rather than through the one authentication session in response to an authentication request sent to the mobile device via the communication interface and a path including a wireless communication link, for an offline authentication mode, authenticate the user identifier for the one authentication session based on receipt, via the user interface for the one authentication session, of an authentication code identified by the mobile device, and automatically switch from the online authentication mode to the offline authentication mode, based on at least detecting that the server data processing system is not able to connect to the mobile device based on detecting that the server data processing system is not receiving the authentication confirmation from the mobile device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification