System and method for authentication of users and communications received from computer systems
First Claim
1. A method of receiving information useful for logging a user into a computer system, comprising:
- providing from the computer system to the user a prompt for a user identifier; and
receiving the user identifier from the user; and
responsive to the user identifier received;
providing from the computer system to the user a prompt for confidential information; and
providing to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and
wherein;
said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and
the correspondence of the customization information with the user identifier not ordinarily being publicly known.
15 Assignments
0 Petitions
Accused Products
Abstract
A system and method allows a user to authenticate a communication from a computer system, a computer system to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted persistent file stored on the user'"'"'s computer system or installed on a different computer system, or a trusted computing subsystem allows the web site to authenticate the user. If the user is using a system that will not allow that user to be authenticated, the user may instruct the system to continue providing information without the user'"'"'s customization information. The system and method may be used to allow the user to authenticate an e-mail message or its source, and Flash movies or other computer code may be used if the user'"'"'s e-mail client does not employ cookies.
-
Citations
27 Claims
-
1. A method of receiving information useful for logging a user into a computer system, comprising:
-
providing from the computer system to the user a prompt for a user identifier; and
receiving the user identifier from the user; and
responsive to the user identifier received;
providing from the computer system to the user a prompt for confidential information; and
providing to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and
wherein;
said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and
the correspondence of the customization information with the user identifier not ordinarily being publicly known. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for receiving information useful for logging a user into a computer system, comprising:
-
a user identifier prompter for having an input/output for providing from the computer system to the user a prompt for a user identifier and for receiving the user identifier from the user, the user identifier prompter for, providing at an output, the user identifier received; and
a password prompter having an input coupled to the user identifier prompter output, the password prompter for, responsive to the user identifier received, causing via an output the following to be provided to the user;
a prompt for confidential information, and customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and
wherein;
said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and
the correspondence of the customization information with the user identifier not ordinarily being publicly known. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer program product comprising a computer useable medium having computer readable program code embodied therein for receiving information useful for logging a user into a computer system, the computer program product comprising computer readable program code devices configured to cause a computer system to:
-
provide from the computer system to the user a prompt for a user identifier; and
receive the user identifier from the user; and
responsive to the user identifier received;
provide from the computer system to the user a prompt for confidential information; and
provide to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information provided matches customization information expected by the user; and
wherein;
said customization information not being presented to the user between the providing from the computer system to the user the prompt for the user identifier step and the receiving the user identifier step; and
the correspondence of the customization information with the user identifier not ordinarily being publicly known. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
Specification