Four factor authentication system and method

US 20040243856A1
Filed: 05/28/2004
Published: 12/02/2004
Est. Priority Date: 05/29/2003
Status: Abandoned Application

First Claim

Patent Images

1. A device for accessing information comprising an authenticator for verifying that a user of the device is the authorized user, the authenticator comprising:

a memory in which a verification user signal is stored;

a locator for generating a location signal indicative of the proximate location of the user at the time of authentication; and

a processor, coupled to the memory and locator, for generating a passcode including the location signal.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention comprises a system and method for accessing secure information wherein a user signal is read to verify that a user of a device for accessing the information is a valid user. Upon verification of the user, an encrypted passcode is generated and displayed to the user including location information, indicative of the user'"'"'s proximate location, and a code generated using a user specific code algorithm. The resulting passcode is forwarded to an issuer of the device and validated, thereby authorizing or denying the user access to the requested information.

36 Citations

View as Search Results

18 Claims

1. A device for accessing information comprising an authenticator for verifying that a user of the device is the authorized user, the authenticator comprising:
- a memory in which a verification user signal is stored;
  
  a locator for generating a location signal indicative of the proximate location of the user at the time of authentication; and
  
  a processor, coupled to the memory and locator, for generating a passcode including the location signal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The device of claim 1, wherein the processor comprises:
    - a reader for reading a signal entered by the user; and
      
      a code generator for generating a unique code when the signal is equivalent to the stored verification user signal, wherein the code and the location signal are encrypted to generate the passcode.
  - 3. The device of claim 2, further comprising a display area for displaying the passcode.
  - 4. The device of claim 3, wherein the unique code is generated in accordance with a user specific algorithm.
  - 5. The device of claim 2, wherein the locator comprises a geo-locator for receiving location information over a Global Positioning System.
  - 6. The device of claim 2, wherein the locator comprises a geo-locator for receiving location information over a cellular network.
  - 7. The device of claim 3, further comprising a sensor for sensing the fingerprint of said user, wherein said user signal is a fingerprint signal.
  - 8. The device of claim 7, wherein said device is a card.
  - 9. The device of claim 7, wherein said device is a keyfob.
  - 10. The device of claim 7, wherein said device is a watch.
  - 11. A method for authorizing use of the device of claim 1, comprising the steps of:
    - reading a signal entered by the user;
      
      comparing the read signal to a stored verification user signal;
      
      if the read signal is equivalent to the verification user signal, retrieving location information relating to the proximate location of the user at the time of authentication; and
      
      generating a passcode including the location information;
      
      forwarding to an issuer, at an issuer network, the passcode; and
      
      authorizing the use of the device in response to the received passcode.
  - 12. The method of claim 11, further comprising:
    - generating a pseudo-random code for combining with said location information; and
      
      encrypting the combined location information and the pseudo-random code, thereby generating said passcode.
  - 13. The method of claim 12, wherein said authorizing step comprises:
    - retrieving user specific customer information;
      
      decrypting the received passcode;
      
      verifying that the pseudo-random code generated by said device is equivalent to a pseudo-random code generated by said issuer; and
      
      verifying that the location information from the user is within a location range set by the issuer.
  - 14. The method of claim 13, wherein the issuer network comprises:
    - a customer database having customer information for a plurality of users;
      
      an issuer code processor, responsive to said customer database, for decrypting said passcode from said user and determining whether said user is allowed access to said information; and
      
      a response generator for generating an authorization signal in response to said code processor and said database.

15. A method for authorizing use of a device, said method comprising the steps of:
- reading a signal entered by the user;
  
  comparing the read signal to a stored verification user signal;
  
  if the read signal is equivalent to the verification user signal, retrieving location information relating to the proximate location of the user at the time of authentication; and
  
  generating a passcode including the location information;
  
  forwarding to an issuer, at and issuer network, the passcode; and
  
  authorizing the use of the device in response to the received passcode.
- View Dependent Claims (16, 17)
- - 16. The method of claim 15, further comprising:
    - generating a pseudo-random code for combining with said location information; and
      
      encrypting the combined location information and the pseudo-random code, thereby generating said passcode.
  - 17. The method of claim 16, wherein said authorizing step comprises:
    - retrieving user specific customer information;
      
      decrypting said received passcode;
      
      verifying that the pseudo-random code generated by said device is equivalent to a pseudo-random code generated by said issuer; and
      
      verifying that the location information from the user is within a location range set by the issuer.

18. The method of claim 17, wherein the issuer network comprises:
- a customer database having customer information for a plurality of users;
  
  an issuer code processor, responsive to said customer database, for decrypting said passcode from said user and determining whether said user is allowed access to said information; and
  
  a response generator for generating an authorization signal in response to said code processor and said database.

18-1. A system for authorizing use of a device to access information, said system comprising:
- the device comprising an authenticator for verifying that the user of the device is an authorized user, the authenticator comprising;
  
  a memory for storing a verification user signal;
  
  a locator for generating a location signal indicative of the proximate location of a user at the time of authentication; and
  
  a processor, coupled to the memory and locator, for generating a passcode including the location signal, said passcode forwarded to an issuer network for authorizing access; and
  
  the issuer network comprising;
  
  a customer database having customer information for a plurality of users;
  
  an issuer code processor, responsive to said customer database, for decrypting said passcode from said user and determining whether said user is allowed access; and
  
  a response generator for generating an authorization signal in response to said code processor and said database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Will Shatford
Original Assignee
Will Shatford
Inventors
Shatford, Will

Application Number

US10/856,483
Publication Number

US 20040243856A1
Time in Patent Office

Days
Field of Search
US Class Current

713/202
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G07C 2209/63   Comprising locating means f...

G07C 9/21   having a variable access code

G07C 9/23   by means of a password

G07C 9/257   electronically G07C9/26 tak...

G07C 9/26   using a biometric sensor in...

G07F 7/1008   Active credit-cards provide...

Four factor authentication system and method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Four factor authentication system and method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links