Authentication system

US 20040059952A1
Filed: 10/06/2003
Published: 03/25/2004
Est. Priority Date: 12/14/2000
Status: Abandoned Application

First Claim

Patent Images

1. An authentication service for authenticating a consumer to a client using a remote authentication service provider that is adapted to respond to authentication requests from a plurality of different clients, in which the authentication service provider carries out the steps of:

receiving an authentication request, the authentication request including a consumer name and a unique consumer code;

accessing at least one authentication data store containing consumer data associated with the consumer name;

determining the validity of the unique consumer code in dependence on the consumer data; and

, transmitting an authentication reply to the client confirming whether or not the consumer has been authenticated.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention allows clients to authenticate consumers using a trusted authentication service provider. The system addresses the concerns of consumers and business organisations alike. The objective is to assure clients of the authentication service of the true identity of the consumer. The remote authentication service provider maintains consumer data to facilitate a fast authentication of the consumer on the basis of a consumer name and a unique consumer code. In a preferred system, the unique consumer code is a one-time password (OTP) generated by a hardware token held by the consumer. The remote authentication service provider confirms that any password generated by the token is valid.

266 Citations

20 Claims

1. An authentication service for authenticating a consumer to a client using a remote authentication service provider that is adapted to respond to authentication requests from a plurality of different clients, in which the authentication service provider carries out the steps of:
- receiving an authentication request, the authentication request including a consumer name and a unique consumer code;
  
  accessing at least one authentication data store containing consumer data associated with the consumer name;
  
  determining the validity of the unique consumer code in dependence on the consumer data; and
  
  , transmitting an authentication reply to the client confirming whether or not the consumer has been authenticated.
- View Dependent Claims (2, 3)
- - 2. An authentication service according to claim 1, in which the unique consumer code is a one-time password generated by a hardware token.
  - 3. A computer program product comprising computer executable code for performing the method of claim 1 or 2.

4. An authentication engine for providing a remote authentication service for a plurality of different clients requiring authentication of consumers prior to completing a transaction or granting access to a service or application provided by the client, the authentication engine comprising:
- a communications interface for accepting an authentication request from a client, the authentication request including a consumer name and a unique consumer code;
  
  at least one authentication data store containing consumer data associated with the consumer name; and
  
  , a processing system adapted for accessing the at least one authentication data store and determining the validity of the unique personal code in dependence on the consumer data, and for generating an authentication reply to the client confirming whether or not the consumer has been authenticated.
- View Dependent Claims (5)
- - 5. An authentication service according to claim 4, in which the unique consumer cod is a one-time password generated by a hardware tok n.

6. A method of authentication in which a consumer requests a transaction or access to a service or resource provided by a client, in which the client carries out the steps of:
- obtaining a consumer name and a unique consumer code from the consumer, transmitting an authentication request to a remote authentication service provider that is accessible by a number of different clients, the authentication request including the consumer name and the unique consumer code;
  
  receiving an authentication reply from the remote authentication service provider identifying whether or not the consumer has been authenticated; and
  
  , if the consumer is authenticated, proceeding with the transaction or providing the access or service requested by the consumer.
- View Dependent Claims (7)
- - 7. A method according to claim 6, in which the unique consumer code is a one-time password generated by a hardware token.

8. A payment authorisation service in which a client transmits a payment authorisation request in respect of a consumer transaction to a remote service provider adapted to respond to payment authorisation requests from a number of different clients, in which the remote service provider carries out the steps of:
- receiving a payment authorisation request from a client, the payment authorisation request including a consumer and a unique consumer code;
  
  accessing at least one data store containing consumer data associated with the consumer name and determining the validity of the unique consumer code in dependence on the consumer data, thereby authenticating the consumer; and
  
  , executing a payment process to fulfil the payment authorisation request and thereby complete an authorised transaction.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. A payment authorisation service according to claim 8, in which the uniqu consumer code is a one-time password generated by a hardware token.
  - 10. A payment authorisation service according to claim 8 or 9, in which the manner in which payment authorisation is obtained is dependent on a payment protocol stipulated by the acquirer and/or issuer.
  - 11. A payment authorisation service according to any of claims 8 to 10, which supports a plurality of different payment protocols through a number of different payment modules.
  - 12. A payment authorisation service according to claim 11, which hosts a merchant POS payment module.
  - 13. A computer program product comprises a computer executable code for performing the method of any of claims 8 to 12.

14. A payment authorisation engine for providing a hosted remote payment authorisation service for a plurality of different clients transacting with consumers, the payment authorisation engine comprising:
- a communications interface for receiving a payment authorisation request from a client, the payment authorisation request including a consumer name and a uniqu consumer code;
  
  a number of data stores containing consumer data, including details of consumer payment cards; and
  
  a processing system including a number of payment modules that enabl authorised payments according to a predetermined protocol, the processing system being adapted for accessing at least one data store containing consumer data associated with the consumer name and determining the validity of the uniqu consumer code, thereby authenticating the consumer, and execute a payment process using a selected payment module to fulfil the payment authorisation request and thereby complete an authorised transaction.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. A payment authorisation engine according to claim 14, in which the unique consumer code is a one-time password generated by a hardware token.
  - 16. A payment authorisation engine according to claim 14 or 15, in which the manner in which payment authorisation is obtained is dependent on a payment protocol stipulated by the acquirer and/or issuer.
  - 17. A payment authorisation engine according to any of claims 14 to 16, which supports a plurality of different payment protocols through a number of different payment modules.
  - 18. A payment authorisation engine according to claim 17, which hosts a merchant POS payment module.
  - 19. A payment authorisation engine according to any of claims 14 to 18, further comprising a first database that contains data associated with respective consumer names to allow a consumer to be authenticated.
  - 20. A payment authorisation engine according to any of claims 14 to 19, further comprising a second database that contains credit and/or debit card details associated with respective consumers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Prism Technologies LLC (Prism Technologies Group, Inc.)
Original Assignee
Prism Technologies LLC (Prism Technologies Group, Inc.)
Inventors
Azari, Jian, Newport, Peter

Application Number

US10/450,755
Publication Number

US 20040059952A1
Time in Patent Office

Days
Field of Search
US Class Current

713/202
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/4097   using mutual authentication...

G07C 9/20   involving the use of a pass

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0838   using one-time-passwords

H04L 63/0884   by delegation of authentica...

H04L 9/321   involving a third party or ...

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

Authentication system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

266 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

266 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links