ABDS Method and Verification Status for Authenticating Entity Access

US 20030126437A1
Filed: 01/31/2003
Published: 07/03/2003
Est. Priority Date: 08/04/2000
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a requesting entity for access to a controlled resource by communicating electronically over a communications medium to an access authentication component controlling the controlled resource, comprising the steps of,(a) the requesting entity initially opening a security account with the access authentication component, the access authentication component establishing and maintaining at least one record including information pertaining to the account and being retrievable based on a unique identifier established for the requesting entity, and for each record, associating a public key of a respective public-private key pair of the requesting entity with the record,(b) after initializing the account, the requesting entity entering personal verification data and verifying the data to form at least one verification status,(c) the requesting entity then originating an electronic message including the verification status and generating a digital signature using the private key of the requesting entity'"'"'s public-private key pair,(d) sending the digitally signed electronic message to the access authentication component with the unique identifier of the requesting entity, the access authentication component authenticating the electronic message and the verification status using the public key associated with the record identified by the requesting entity'"'"'s unique identifier included with the electronic message;

and(e) upon the successful authentication of the electronic message and the verification status, the access authentication component authenticating the requesting entity for access to the controlled resource.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Abstract of Disclosure

Authenticating an entity for access to a controlled resource by an access authentication component for the controlled resource includes the steps of: the requesting entity initially opening a security account with the access authentication component, with the access authentication component establishing and maintaining a record including information pertaining to the account and being retrievable based on a unique identifier for the requesting entity, and associating a public key of a public-private key pair with the record; the requesting entity originating an electronic message and generating a digital signature using a private key of the key pair, and sending the digitally signed electronic message to the access authentication component with the unique identifier; authenticating the electronic message using the public key associated with the record identified by the unique identifier; and upon successful authentication, authenticating access to the controlled resource. A digitally signed verification status is included with the electronic message.

170 Citations

View as Search Results

20 Claims

1. A method of authenticating a requesting entity for access to a controlled resource by communicating electronically over a communications medium to an access authentication component controlling the controlled resource, comprising the steps of,(a) the requesting entity initially opening a security account with the access authentication component, the access authentication component establishing and maintaining at least one record including information pertaining to the account and being retrievable based on a unique identifier established for the requesting entity, and for each record, associating a public key of a respective public-private key pair of the requesting entity with the record,(b) after initializing the account, the requesting entity entering personal verification data and verifying the data to form at least one verification status,(c) the requesting entity then originating an electronic message including the verification status and generating a digital signature using the private key of the requesting entity'"'"'s public-private key pair,(d) sending the digitally signed electronic message to the access authentication component with the unique identifier of the requesting entity, the access authentication component authenticating the electronic message and the verification status using the public key associated with the record identified by the requesting entity'"'"'s unique identifier included with the electronic message;
- and(e) upon the successful authentication of the electronic message and the verification status, the access authentication component authenticating the requesting entity for access to the controlled resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, including providing the requesting entity with a device and including the public-private key pair in the device.
  - 3. The method of claim 1, including the requesting entity establishing an account in the controlled resource.
  - 4. The method of claim 3, including an instruction regarding the controlled resource account in the electronic message.
  - 5. The method of claim 4, including executing the instruction regarding the controlled resource account contained in the electronic message.
  - 6. The method of claim 1, including granting access to the controlled resource in response to authenticating the requesting entity.
  - 7. The method of claim 1, including authenticating the electronic message after retrieving the public key from the database using the unique identifier.
  - 8. The method of claim 1, including storing the security account record in an account database.
  - 9. The method of claim 1, including personalizing the device by storing data relating to the requesting entity.

10. A method of authenticating a requesting entity for continuing access to a controlled resource by communicating electronically over a communications medium to an access authentication component for the controlled resource, the requesting entity initially entering personal verification data and verifying the data to form a verification status and having sent the verification status to the access authentication component, the access authentication component having evaluated the verification status and authenticated access to the controlled resource for the requesting entity, the access authentication component maintaining business rules and now requesting in accordance with one of the rules that the verification status be reconfirmed by the requesting entity, comprising the steps of,
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10, including providing the requesting entity with a device and including the public-private key pair in the device.
  - 12. The method of claim 10, including the requesting entity establishing an account in the controlled resource.
  - 13. The method of claim 10, including authenticating the electronic message after retrieving the public key from the database using the unique identifier.
  - 14. The method of claim 10, including storing the security account record in an account database.

15. A method of initially authenticating a requesting entity for access to a controlled resource by communicating electronically over a communications medium to an access authentication component for the controlled resource, comprising the steps of,
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, including providing the requesting entity with a device and including the public-private key pair in the device.
  - 17. The method of claim 15, including the requesting entity establishing an account in the controlled resource.
  - 18. The method of claim 15, including authenticating the electronic message after retrieving the public key from the database using the unique identifier.
  - 19. The method of claim 15, including storing the security account record in an account database.

20. A data structure for an electronic communication from a requesting entity to an access authentication component, comprising

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated), Riverwood International Corporation
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Wheeler, Anne M., WHEELER, Henry Lynn

Granted Patent

US 7,143,284 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 2221/2113   Multi-level security, e.g. ...

G06Q 20/00   Payment architectures, sche...

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3558   Preliminary personalisation...

G06Q 20/3674   involving authentication

G06Q 20/3676   Balancing accounts

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/388   using mutual authentication...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 20/403 : Solvency checks

G06Q 20/40975 : using encryption therefor

G06Q 50/188 : Electronic negotiation

G07F 7/0886 : the card reader being porta...

G07F 7/1008 : Active credit-cards provide...

G07F 7/1016 : Devices or methods for secu...

H04L 2209/42 : Anonymization, e.g. involvi...

H04L 2209/56 : Financial cryptography, e.g...

H04L 63/0428 : wherein the data content is...

H04L 63/0442 : wherein the sending and rec...

H04L 63/062 : for key distribution, e.g. ...

H04L 63/0823 : using certificates cryptogr...

H04L 63/083 : using passwords cryptograph...

H04L 63/12 : Applying verification of th...

H04L 9/321 : involving a third party or ...

H04L 9/3247 : involving digital signatures

View All

ABDS Method and Verification Status for Authenticating Entity Access

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

170 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ABDS Method and Verification Status for Authenticating Entity Access

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

170 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links