Dialect independent multi-dimensional integrator using a normalized language platform and secure controlled access
1 Assignment
0 Petitions
Abstract
A system and method of aggregating and integrating authentication and/or authorization protocols of a user or a user's information across a wide range of related or nonrelated channels and exchange services. An interface is provided that allows multi-credential, multi-service, multi-role, and multi-channel based routing to multiple authorization and authentication providers in a secure system. Using a standardized language, the system creates a framework to enable entities to communicate and perform transactions instantly or nearly instantly, and seamlessly. The system supports trusted and untrusted connections as well as multiple levels of encryption.
97 Citations
29 Claims
1. A universal aggregator for disparate services and channels to allow for secure transactions involving authentication and/or authorization of a user with regard to a service or channel in one or more than one network comprising:
a connection of the user from a portal through which the user communicates a message containing a request to initiate a transaction at a destination in which one or more than one of an authorization or an authentication indicia is required and where access to the destination is determined by predetermined criteria associated with the request;
means for transmitting the message from the portal to a switch, the switch having means capable of determining a session key associated with the user and the user's relationship with the destination, the destination comprising a predetermined activity in a network, device or system, the switch establishing a cache associated with the message, the cache being associated with the session key, the session key being selected from the group consisting of an existing session key and/or a new session key;
the switch comprising a processor interconnected with the means for transmitting, one or more than one network, device, or system, and a security service having means to verify the user, the verification comprising a comparison of a component contained in the message to preexisting data associated with the user, the request and the portal associated with an index of services and/or channels, devices or networks, and in which comparison,
1) if validation does not occur, the request is denied, and
2) if validation occurs, a credential is created which is thereupon transferred to the session cache, and upon verification, means to transfer one of the session key maintained in the cache, the new session key maintained in the cache, an existing credential, or the credential created in the verification to the destination associated with the request; and
means for transmitting a signal representing a determination of whether validation has occurred for the request to one or more than one of the user and the destination.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 22, 23, 24, 25, 26, 29
10. A language independent integrator of related or unrelated services and channels to perform secure transactions requiring one or more authorization and authentication indicia in one or more than one network comprising:
a connection of the user to a network from a portal through which the user communicates a message containing a request to initiate a transaction at a destination in which one or more than one of an authorization or an authentication indicia is required and where access to the destination is determined by predetermined criteria associated with the request;
one or more than one adapter connected to the network, the adapter having means for translating the message from the portal into a format recognizable by the destination, the adapter further having means capable of determining a session key, the destination comprising a plurality of services in one or more than one network, the adapter establishing a cache associated with the message, the cache being associated with one of
1) the session key determined by the adapter and
2) a new session key;
a processor interconnected with the adapter and the one or more than one network, the processor having means to verify the user with respect to predetermined information in a data store including information associated with the user, the verification comprising a multidimensional decision determined from information in the message and preexisting data associated with an index of services and channels, and upon verification, means to transfer one of the session key maintained in the cache, the new session key maintained in the cache, an existing credential, or a credential created in the verification, to the destination associated with the request; and
means for transmitting a signal representing a determination of one or more than one authorization and authentication associated with the request to one or more than one of the user and the destination dependent upon the verification.
Dependent claims: 21
27. A method for allowing secure transactions involving authentication and or authorization of a user with regard to disparate services or channels in one or more than one network comprising:
connecting a user from a portal enabling the user to communicate a message containing a request to initiate a transaction at a destination in which one or more than one of an authorization or an authentication indicia is required and in which user access to the destination to effect a predetermined activity is determined by predetermined criteria associated with the request, transmitting the message from the portal to a processor switch capable of determining a session key associated with the user and the user's relationship with the destination, the destination, device or system, establishing in the switch a cache associated with the message and a session key selected from the group consisting of an existing session key and/or a new session key, interconnecting the processor switch with the means for transmitting, one or more than one network, device, or system, and a security service having means to verify the user by comparing a component contained in the message to preexisting data associated with the user, the request, and the portal associated with an index of services and/or channels, devices or networks, determining from the comparison that
1) if a comparison does not match, denying the request and
2) if a comparison matches, a) creating a credential and transferring the credential to the session cache, and b) transferring one of the session key maintained in the cache, the new session key maintained in the cache, an existing credential, or the credential created in the comparison to the destination associated with the request, and transmitting a signal representing a determination of whether match has occurred for the request to one or more than one of the user and the destination.
28. A method for validating the existence of an account and confirming the sufficiency of funds at a financial institution for a customer payment to a merchant linked to a network associated with the merchant user and the customer with regard to separate multiple channels in one or more than one network comprising:
connecting a merchant from a portal enabling the merchant to communicate a message containing a request to initiate a transaction at a destination institution associated with a customer in which one or more than one of an authorization or an authentication indicia is required for the customer and merchant and in which merchant access to the destination to effect a predetermined activity is determined by predetermined criteria associated with the request, transmitting the message from the portal to a processor switch capable of determining a session key associated with the merchant and the merchant's relationship with the destination, establishing in the switch a cache associated with the message and a session key selected from the group consisting of an existing session key and/or a new session key, interconnecting the processor switch with the means for transmitting, the destination network, and a security service having means to verify the merchant by comparing a component contained in the message to preexisting data associated with the merchant, the request, and the portal with respect to an index of channels at the destination, determining from the comparison that
1) if a comparison does not match, denying the request and
2) if a comparison matches, a) creating a credential and transferring the credential to the session cache and b) transferring the credential created in the comparison to the destination associated with the request, transmitting a signal representing a determination of whether a match has occurred to an adapter for interpreting the merchant message and verifying the customer based on information stored in a database and transmitting the interpreted message to a switch, comparing the interpreted message received by the switch to determine the customer financial institution and translating the message into a format recognizable by the customer financial institution and transmitting the translated message to the financial institution, determining the existence of the customer account and sufficiency of funds at the financial institution, upon a positive determination of the existence of the account and sufficiency of funds, transmitting an authorization signal in accordance with the request of the message to the accepting institution through the network, transferring the payment amount to an accepting institution on behalf of the merchant by debiting the purchaser's account in the amount of the payment and crediting the merchant's account in the amount of the payment, and recording the transfer transaction in the file of the purchaser's account and the merchant's account.
Specification