Method for computer identification verification

US 20030229782A1
Filed: 06/07/2002
Published: 12/11/2003
Est. Priority Date: 06/07/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method for verifying that a sign-in user computer is the same computer originally used to set up an account at a network website, said method comprising the steps of:

obtaining setup information from a setup user, said setup information including machine specific information about the computer being utilized by the setup user to convey said setup information;

encrypting said setup information and storing said encrypted information in a cookie file on said computer being utilized by the setup user to convey said setup information;

receiving sign-in information from the sign-in user, said sign-in information including machine specific information about the computer being utilized by the sign-in user to sign in, and the cookie file from the computer being utilized by the sign-in user to convey said sign-in information;

decrypting said cookie file from the computer being utilized by the sign-in user to convey said sign-in information to obtain decrypted setup information; and

comparing said decrypted setup information to said sign-in information to predict whether said sign-in user computer is the same computer originally used to set up the account.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for verifying over a network that a user attempting to sign in and access an account (a sign-in user) is the same individual that originally set up the account (i.e. the setup user) includes the step of receiving machine specific information during account setup. The website then encrypts the received machine specific information and sends the encryption back to the setup user'"'"'s computer for incorporation in the cookie file located on the computer'"'"'s hard drive. When a user attempts to sign in to access the account, the website acquires the cookie file located on the sign-in user'"'"'s computer and machine specific information about the sign-in user'"'"'s computer. The cookie is decrypted to reveal the machine specific information acquired during setup, and this information is compared to the machine specific information acquired from the sign-in user'"'"'s computer to generate a probability that the sign-in user is the setup user.

Citations

20 Claims

1. A method for verifying that a sign-in user computer is the same computer originally used to set up an account at a network website, said method comprising the steps of:
- obtaining setup information from a setup user, said setup information including machine specific information about the computer being utilized by the setup user to convey said setup information;
  
  encrypting said setup information and storing said encrypted information in a cookie file on said computer being utilized by the setup user to convey said setup information;
  
  receiving sign-in information from the sign-in user, said sign-in information including machine specific information about the computer being utilized by the sign-in user to sign in, and the cookie file from the computer being utilized by the sign-in user to convey said sign-in information;
  
  decrypting said cookie file from the computer being utilized by the sign-in user to convey said sign-in information to obtain decrypted setup information; and
  
  comparing said decrypted setup information to said sign-in information to predict whether said sign-in user computer is the same computer originally used to set up the account.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method as recited in claim 1 wherein said setup information includes the setup user'"'"'s name and a setup user'"'"'s password.
  - 3. A method as recited in claim 1 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises the computer name.
  - 4. A method as recited in claim 1 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises the IP address.
  - 5. A method as recited in claim 1 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises the computer time and date offset from GST.
  - 6. A method as recited in claim 1 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises the network card ID.
  - 7. A method as recited in claim 1 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises an alphabetical list of cookies found on the computer being utilized by the setup user to convey said setup information.
  - 8. A method as recited in claim 1 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises the number of cookies stored on the computer being utilized by the setup user to convey said setup information.
  - 9. A method as recited in claim 1 wherein said step of comparing said setup information to said sign-in information to predict whether said sign-in user computer is the same computer originally used to set up the account utilizes fuzzy logic routines.

10. A method for verifying that a sign-in user computer is the same computer originally used to set up an account at a network website, comprising the steps of:
- maintaining a cookie file on the setup user'"'"'s computer, said cookie file including machine specific information about the setup user'"'"'s computer;
  
  receiving sign-in information from the sign-in user, said sign-in information including machine specific information about the computer being utilized by the sign-in user to sign in, and the cookie file from the computer being utilized by the sign-in user to convey said sign-in information; and
  
  comparing said setup information to said sign-in information to predict whether said sign-in user computer is the same computer originally used to set up the account.
- View Dependent Claims (11, 12)
- - 11. A method as recited in claim 10 wherein the step of maintaining a cookie file on the setup user'"'"'s computer includes the steps of:
    - receiving setup information from the setup user, said setup information including machine specific information about the computer being utilized by the setup user to convey said setup information;
      
      encrypting said setup information and storing said encrypted information in a cookie file on said computer being utilized by the setup user to convey said setup information; and
      
      updating the cookie file in response to information received during sign-in events wherein the sign-in user computer has been verified to be the same computer originally used to set up the account.
  - 12. A method as recited in claim 10 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises the computer time and date offset from GST, as well as changes in machine specific information and the rates of these changes.

13. A method for verifying that a sign-in user computer is the same computer originally used to set up an account, said method comprising the steps of:
- storing machine specific information about the computer being utilized by the setup user to convey setup information in the cookie file at the setup user'"'"'s computer;
  
  establishing a comparison algorithm;
  
  inputting machine specific information about the computer being utilized by the sign-in user into said comparison algorithm;
  
  inputting information from the cookie file stored on the computer being utilized by the sign-in user into said comparison algorithm; and
  
  running said comparison algorithm to generate a probability that the sign-in user computer is the same computer originally used to set up the account.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. A method as recited in claim 13 wherein said comparison algorithm uses fuzzy logic techniques.
  - 15. A method as recited in claim 13 further comprising the steps of:
    - storing information received from a plurality of setup users and a plurality of sign-in users in a database; and
      
      using said database to update said comparison algorithm.
  - 16. A method as recited in claim 13 further comprising the steps of:
    - receiving from said sign-in user a request to perform a specific account activity;
      
      generating a minimum match probability for said specific account activity; and
      
      comparing said minimum match probability to said probability that the sign-in user computer is the same computer originally used to set up the account to determine whether to allow said sign-in user to perform said specific account activity.
  - 17. A method as recited in claim 13 wherein said machine specific information about the computer being utilized by the setup user to convey said setup information comprises the computer time and date offset from GST.
  - 18. A method as recited in claim 13 wherein the step of storing machine specific information about the computer being utilized by the setup user to convey setup information in the cookie file at the setup user'"'"'s computer comprises the step of encrypting said machine specific information about the setup user'"'"'s computer.
  - 19. A method as recited in claim 16 wherein said receiving step is performed at a first website and said comparing step is performed at a second website.
  - 20. A method as recited in claim 16 wherein said receiving step and said comparing step are performed at the same website.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
900Pennies Incorporated
Original Assignee
900Pennies Incorporated
Inventors
Bible, Robert Jr., Burnett, Mark Steven

Application Number

US10/165,514
Publication Number

US 20030229782A1
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 21/31 User authentication

Method for computer identification verification

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method for computer identification verification

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links