Method and apparatus for user authentication using a cellular telephone and a transient pass code

US 20040203595A1
Filed: 08/12/2002
Published: 10/14/2004
Est. Priority Date: 08/12/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of using a password in a password access controlled system comprising the steps of:

calling using a cell phone an authentication system;

verifying caller identification, the authentication system voice responding with a password; and

using the password to access the system.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication system 10 is used to store a user'"'"'s existing passwords; alternatively, the authentication system creates on demand a transient random pass code that is good for a limited duration. When the user has forgotten the password in a traditional system, alternatively, without the need to create or remember passwords, user can use transient pass codes. The user retrieves the password or the pass code via a cell telephone 800 call to the authentication system, before logging on to the system.

69 Citations

View as Search Results

24 Claims

1. A method of using a password in a password access controlled system comprising the steps of:
- calling using a cell phone an authentication system;
  
  verifying caller identification, the authentication system voice responding with a password; and
  
  using the password to access the system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method as in claim 1, comprising the step of:
    - verifying caller identification by matching telephone company provided caller ID and a user selected personal identification number with pre-stored data.
  - 3. The method as in claim 1, comprising the steps of:
    - calling the system itself when the authentication system is embedded in the system.
  - 4. The method as in claim 1 comprising the step of:
    - limiting the time the password is good for to access the system.
  - 5. The method as in claim 1 comprising the step of:
    - responding with a password, wherein the password had been pre-stored by a user.
  - 6. The method as in claim 1 comprising the step of:
    - selecting the system for which password is desired and the authentication system responding with the password for the selected system.
  - 7. The method as in claim 1 comprising the step of:
    - responding with a randomly generated pass code.
  - 8. The method as in claim 7, comprising the steps of:
    - sending the pass code and a pre-stored user ID to the system;
      
      updating by the system existing password by the pass code.
  - 9. The method as in claim 8, comprising the steps of:
    - sending a null pass code and the pre-stored user id, after waiting a set time, to the system;
      
      updating by the system the password by the null pass code, ending the life of the pass code.
  - 10. The method as in claim 9, comprising the step of:
    - specifying the set time at the time of pre-storing the user ID in the authentication system.
  - 11. The method as in claim 10, comprising the step of:
    - specifying the set time from a group of 15 seconds, 30 seconds, 45 seconds, 60 seconds, one hour, one day, one month, and three month.

12. A method of user authentication to a system comprising the steps of:
- calling, using a cell phone an authentication system with pre-stored caller identification, system identification and corresponding user identification;
  
  verifying caller identification, the authentication system creating a time-limited pass code;
  
  communicating, the authentication system to the cell phone via voice response the time-limited pass code;
  
  communicating, the authentication system to the system using the system identification and the user identification the time-limited pass code;
  
  using, via a system interface, the user identification and the time-limited pass code to access the system; and
  
  deleting, by the system, the time-limited pass code on occurrence of a first access to the system or expiry of a time limit.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The method as in claim 12, comprising further step of:
    - selecting the system from a group of;
      
      customer bank on-line computer system, employer'"'"'s business system, consumer resource system, and facility access system.
  - 14. The method as in claim 12, comprising the step of:
    - verifying caller identification by matching telephone company provided caller id and user selected personal identification number with pre-stored data.
  - 15. The method as in claim 12, the step of creating a time-limited pass code comprising the step of:
    - creating a random number numeral.
  - 16. The method as in claim 12, the step of communicating with the system comprising the step of:
    - communicating a time limit for the pass code.
  - 17. The method as in claim 12, the step of communicating with the cell phone comprising the step of:
    - communicating a text message time-limit pass code.
  - 18. The method as in claim 12, the step of using system interface comprising step of:
    - using from a group of a point of sale terminal at a merchant, an automated teller machine, a personal computer system, and a facility access control system.

19. An authentication system to authenticate a user to a system for user access comprising:
- first means that enable the authentication system to receive communication from the user and verify the user;
  
  second means that enable the authentication system to create a time-limited passkey;
  
  third means that enable the authentication system to communicate in real time the passkey to the user and the system;
  
  fourth means that enable the system to grant access to the user by comparing the passkeys and discarding the passkey on first access or on expiration of time limit.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The authentication system as in claim 19, wherein the first means comprising:
    - user calling via a cellular telephone, wherein the system verifies the user by matching caller ID with pre-stored user data.
  - 21. The authentication system as in claim 19, wherein the second means comprising:
    - the passkey being sufficient to both identity and verify the user to the system.
  - 22. The authentication system as in claim 21, wherein the passkey comprising:
    - embedded within the passkey a unique user identification and a random number.
  - 23. The authentication system as in claim 22, wherein the passkey comprising:
    - the unique user identification is the user cell telephone number.
  - 24. The authentication system as in claim 19, wherein the fourth means comprising:
    - the system having a firewall to filter incoming data, wherein the firewall rejecting data packets that do not have a matching passkey.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tara Chand Singhal
Original Assignee
Tara Chand Singhal
Inventors
Singhal, Tara Chand

Application Number

US10/217,287
Publication Number

US 20040203595A1
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

G06Q 20/322   Aspects of commerce using m...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4014   Identity check for transact...

G06Q 20/425   using two different network...

G07F 7/10   together with a coded signa...

G07F 7/1008   Active credit-cards provide...

G07F 7/1083   Counting of PIN attempts

Method and apparatus for user authentication using a cellular telephone and a transient pass code

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

69 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for user authentication using a cellular telephone and a transient pass code

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links