Establishing a secure channel with a human user
Abstract
A method of establishing a secure channel between a human user and a computer application is described. A secret unique identifier (“PIN”) is shared between a user and an application. When the user makes a request that involves utilizing the PIN for authentication purposes, the application renders a randomly selected identifier. The randomly selected identifier is in a format that is recognizable to a human but is not readily recognizable by an automated agent. The randomly selected identifier is then presented to the human user. The user identifies the relationship between the randomly selected identifier and the PIN. If the user's input reflects the fact that the user knows the PIN, then the user is authenticated.
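
A minimal sketch of the exchange the abstract describes, added here as an illustration and not taken from the patent. It assumes the "relationship" the user enters is the per-digit offset (mod 10) from the displayed identifier to the PIN, and it omits the human-only rendering of the identifier; all function and class names are hypothetical.

```python
import hmac
import secrets

DIGITS = 10  # assumption: PIN and identifier are decimal digit strings

def new_challenge(length):
    """Randomly selected identifier: one uniform digit per PIN position."""
    return [secrets.randbelow(DIGITS) for _ in range(length)]

def user_response(pin, challenge):
    """What the human enters: offset from each displayed digit to the PIN digit."""
    return [(int(p) - c) % DIGITS for p, c in zip(pin, challenge)]

def demonstrates_knowledge(pin, challenge, response):
    """Application side: rebuild the candidate PIN, compare in constant time."""
    if not (len(pin) == len(challenge) == len(response)):
        return False
    if not all(isinstance(r, int) and 0 <= r < DIGITS for r in response):
        return False
    candidate = "".join(str((c + r) % DIGITS) for c, r in zip(challenge, response))
    return hmac.compare_digest(candidate.encode(), pin.encode())

class Session:
    """Issues one challenge per request and never accepts it twice."""

    def __init__(self, pin):
        self._pin = pin
        self._challenge = None

    def request(self):
        self._challenge = new_challenge(len(self._pin))
        # In the described method this would be rendered in a form a human
        # can read but an automated agent cannot readily recognize.
        return list(self._challenge)

    def submit(self, response):
        challenge, self._challenge = self._challenge, None  # single use
        if challenge is None:
            return False  # no outstanding challenge, e.g. a replayed response
        return demonstrates_knowledge(self._pin, challenge, response)
```

Because each challenge digit is uniform, the offsets on their own reveal nothing about the PIN. An observer who can also read the rendered identifier recovers the PIN by addition, which is why the rendering has to resist automated recognition and why a challenge must not be reused.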
18 Claims
1. A method of establishing a secure channel between a user and a computer application comprising:
- rendering to the user a randomly selected identifier;
- receiving input from the user based on both the randomly selected identifier and a secret identifier associated with the user;
- determining, based on the input whether the user demonstrates knowledge of the secret identifier; and
- authenticating or not authenticating the user based upon the outcome of said determining step.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for authenticating a user with a secure application in an insecure environment comprising the steps of:
- generating a PIN that is associated with the user, the PIN being known by both the secure application and the user;
- requesting an operation such that the secure application renders a randomly generated identifier;
- sending the randomly generated identifier to a display device, which displays the randomly generated identifier to the user;
- receiving input in the form of at least one command such that at least one value is attributed to the at least one command, the at least one value having a relationship to the PIN;
- sending the at least one value to the secure application, wherein the secure application compares the at least one value to the PIN to determine if the at least one value corresponds to the PIN; and
- if the user input demonstrates knowledge of the PIN authenticating the user; and
- if the user input does not demonstrate knowledge of the PIN not authenticating the user.
Dependent claims: 9, 10, 11, 12
13. A system for establishing a secure channel from a user to an application over which a PIN can be submitted comprising:
- a display;
- a memory for storing information concerning the PIN;
- a processor configured for executing instructions stored in the memory wherein the memory stores instructions that;
- generating a random identifier in response to a request using the PIN;
- rendering the random identifier to the user;
- receive information from the user;
- determine if the information received sufficiently demonstrates knowledge of the PIN.
Dependent claims: 14, 15, 16, 17, 18
Specification