Operation modes for user authentication system based on random partial pattern recognition
Abstract
A system for authentication of a client includes logic supporting a “what user knows” algorithm for authentication of a client, such as a random partial pattern recognition algorithm, based upon client credentials including an account user name and an account authentication code. Logic supporting client account administration is operable without human intervention on the server side, and includes at least one mode of operation that presents an interface to a client via the data network having at least two tiers of security based on input by the client of secret information shared only between the client and the server. A first tier in said at least two tiers requires entry of one of the account user name and user's email address, and a second tier in the at least two tiers requires entry of one of client profile data sufficient to identify the client and at least a subset of said account authentication code.
38 Claims
1. A system for authentication of a client, comprising:
a data processor including an interface to a database, an interface to a data network, and authentication system programs executable by the data processor, the system programs including,
authentication logic supporting a “what user knows” authentication algorithm for authentication of a client based upon client credentials including an account user name and an account authentication code, and
system logic supporting client account administration for the authentication algorithm, the client account administration including at least one mode of operation that presents an interface to a client via the data network having at least two tiers of security based on input by the client of information known to the client, a first tier in said at least two tiers requiring entry of one of the account user name and an email address, and a second tier in the at least two tiers requiring entry of one of client profile data sufficient to identify the client and at least a subset of said account authentication code.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method for authentication of a client, comprising:
storing account client credentials, including an account user name and an account authentication code, in a database for a “what user knows” authentication algorithm;
presenting to a client via a data network, an account administration menu for the authentication algorithm, the account administration menu prompting selection of at least one mode of operation;
in response to input selecting one of said modes of operation for set up or modification of said account client credentials, presenting an interface to the client via the data network having at least two tiers of security based on input by the client of information known to the client, a first tier in said at least two tiers requiring entry of one of the account user name and an email address, and a second tier in the at least two tiers requiring entry of one of client profile data sufficient to identify the client and at least a subset of said account authentication code; and
accepting and storing data in said database modifying said account client credentials if said at least two tiers of security are successfully traversed.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
21. A system for authentication of a client, comprising:
a data processor including an interface to a database, an interface to a data network, and authentication system programs executable by the data processor, the system programs including,
authentication logic supporting an authentication algorithm for authentication of a client based upon client credentials including an account user name and an account authentication code comprising an ordered set of data fields, the ordered set being stored in said database, data fields in said ordered set including respective field contents, and
system logic supporting client account administration for the authentication algorithm, the client account administration including at least one mode of operation that presents an interface to a client via the data network having at least two tiers of security based on input by the client of information known to the client, a first tier in said at least two tiers requiring entry of one of the account user name and an email address, and a second tier in the at least two tiers requiring entry of one of client profile data sufficient to identify the client and a random subset of said data fields from said account authentication code.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29
30. A method for authentication of a client, comprising:
storing account client credentials, including an account user name and an account authentication code, in a database for an authentication algorithm, the account authentication code comprising an ordered set of data fields, the ordered set being stored in said database, data fields in said ordered set including respective field contents;
presenting to a client via a data network, an account administration menu for the authentication algorithm, the account administration menu prompting selection of at least one mode of operation;
in response to input selecting one of said modes of operation for set up or modification of said account client credentials, presenting an interface to the client via the data network having at least two tiers of security based on input by the client of information known to the client, a first tier in said at least two tiers requiring entry of one of the account user name and an email address, and a second tier in the at least two tiers requiring entry of one of client profile data sufficient to identify the client and a random subset of said ordered set of data fields of said account authentication code; and
accepting and storing data in said database modifying said account client credentials if said at least two tiers of security are successfully traversed.
Dependent claims: 31, 32, 33, 34, 35, 36, 37, 38
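
The two-tier account-administration flow recited in claims 21 and 30, as an added Python example that is not taken from the patent: tier one accepts the user name or email address, tier two accepts profile data or a server-chosen random subset of the ordered data fields. The account record, the function names and the single-use server-side challenge store are assumptions.

```python
import hmac
import secrets

# Constructed account record (assumption); code_fields is the ordered set of data fields.
ACCOUNTS = {"alice": {
    "email": "alice@example.test",
    "profile": {"birth_year": "1980", "postal_code": "94000"},
    "code_fields": ["red7", "K", "42", "moon", "x9", "Q", "17", "oak"],
}}
PENDING = {}  # user -> challenged field positions, kept server-side, single use

def _same(a, b):
    return hmac.compare_digest(str(a).encode(), str(b).encode())

def tier1(identifier):
    """First tier: the account user name or the email address."""
    for user, acct in ACCOUNTS.items():
        if identifier == user or identifier == acct["email"]:
            return user
    return None

def issue_challenge(user, k=3):
    """Second tier: the server picks a random subset of 1-based field positions."""
    n = len(ACCOUNTS[user]["code_fields"])
    PENDING[user] = sorted(secrets.SystemRandom().sample(range(1, n + 1), k))
    return PENDING[user]

def tier2_fields(user, answers):
    """Check answers against the positions the server chose; the challenge is consumed."""
    positions = PENDING.pop(user, None)
    if positions is None or len(answers) != len(positions):
        return False
    fields = ACCOUNTS[user]["code_fields"]
    return all([_same(fields[p - 1], a) for p, a in zip(positions, answers)])

def tier2_profile(user, profile):
    """Second tier alternative: client profile data sufficient to identify the client."""
    stored = ACCOUNTS[user]["profile"]
    return all([_same(stored[key], profile.get(key, "")) for key in stored])

def modify_credentials(identifier, new_fields, answers=(), profile=None):
    """Store the new code only if both tiers are traversed."""
    user = tier1(identifier)
    if user is None:
        return False
    ok = tier2_fields(user, answers) if profile is None else tier2_profile(user, profile)
    if ok:
        ACCOUNTS[user]["code_fields"] = list(new_fields)
    return ok
```

Because each field is verified on its own, the server in this example holds the fields individually rather than as one hash of the whole code.
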
Specification