Systems and methods for remote user authentication
First Claim
1. A method of using a password in a password access controlled system comprising the steps of:
- a. calling using a cell phone an authentication system and the authentication system identifying caller by matching telephone company provided caller ID, it having been pre-stored in an authentication database;
b. subsequent to step (a), on a prompt from the authentication system, entering a numeric personal identification number on the keypad of the cell phone and the authentication system verifying caller identification, by matching the personal identification number, it having been pre-stored in the authentication database;
c. subsequent to step (b), randomly generating a pass code by the authentication system and limiting the time the pass code is good for to access the password access controlled system;
d. voice-responding to the caller with the pass code by the authentication system;
e. subsequent to step (d), using, by the caller the voice-received pass code within the limited time to access the password access controlled system.
0 Assignments
0 Petitions
Accused Products
Abstract
Systems for methods for remote user authentication by using a cellular phone and an authentication system that generates and uses transient pass codes. The Authentication system is used to store a user'"'"'s existing passwords; alternatively, the authentication system creates on demand a transient random pass code that is good for a limited duration. The transient pass codes may also be used in the packets that enable each packet to be individually authenticated in the firewall. When the user has forgotten the password in a traditional system, alternatively, without the need to create or remember passwords, user can use transient pass codes. The user retrieves the password or the pass code via a cell telephone call to the authentication system, before logging on to the system.
-
Citations
20 Claims
-
1. A method of using a password in a password access controlled system comprising the steps of:
-
a. calling using a cell phone an authentication system and the authentication system identifying caller by matching telephone company provided caller ID, it having been pre-stored in an authentication database;
b. subsequent to step (a), on a prompt from the authentication system, entering a numeric personal identification number on the keypad of the cell phone and the authentication system verifying caller identification, by matching the personal identification number, it having been pre-stored in the authentication database;
c. subsequent to step (b), randomly generating a pass code by the authentication system and limiting the time the pass code is good for to access the password access controlled system;
d. voice-responding to the caller with the pass code by the authentication system;
e. subsequent to step (d), using, by the caller the voice-received pass code within the limited time to access the password access controlled system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A password storage and retrieval system, that facilitates storage and retrieval of passwords to help a user use his/her existing passwords without having to memorize or safeguard them in personal papers, comprising:
-
a. a password storage server adapted with an interactive voice response system;
b. a function to identify the caller by telephone company provided caller id, and verify the caller with a secret personal number;
c. a function to retrieve an existing password from the server and voice deliver to the user by the voice response system. - View Dependent Claims (9)
-
-
10. An authentication system working in tandem with a password access controlled system, where in the authentication system comprising:
-
a. an interactive voice response server adapted with, (i) ability to receive telephone calls from telephone company systems, (ii) interface with an authentication server, (iii) a function to collect telephone company provided caller id and forward to the authentication server, (iv) a function to prompt for and receive a numeric personal number of the caller that is able to be entered on a numeric keypad generating a DTMF tone and forward to the authentication server, and (v) a function that voice delivers to a caller, a random pass code that is received from the authentication server;
b. an authentication server adapted with, (i) a function to interface with the voice server, (ii) a database that pre-stores telephone company provided caller id information and a secret personal number of the callers, (iii) a function that can identify the callers by comparing a caller id pre-stored in the database, (iv) a function that can verify the callers by the pre-stored secret number, (v) a function that generates a random pass code and stores it for later use by the password access controlled system, (vi) a function that communicates the random pass code to the voice server, whereby, the caller using a cell phone, that generates a telephone company provided caller id, calls the voice server, waits for a prompt, enters numeric personal number, waits for and receives a random pass key, and then uses the caller id and the random pass code to identify and verify the caller to access the password access controlled system.
-
-
11. A method of user authentication to a plurality of password controlled access systems (systems-to-be-accessed), where the user may have access to different systems-to-be-accessed such as, online banking, financial/stock, shopping, and work using a combination of user id and static password, comprising the steps of:
-
a. calling, using a cell phone an authentication system with pre-stored caller identification, caller verification data, systems-to-be-accessed data and their corresponding user identification;
b. entering a personal secret number subsequent to caller identification via telephone company provided caller id and on getting a prompt;
c. prompting for and entering a selection of a systems-to-be-accessed from one of pre-stored systems-to-be-accessed identifications;
d. creating a randomly generated time-limited pass code, by the authentication system;
e. communicating contemporaneously the time-limited pass code (i) to the cell phone via voice response, and (ii) to the specific system using the systems-to-be-accessed identification and the user identification;
- View Dependent Claims (12, 13, 14)
-
-
15. A system of login to a computer system comprising:
a login function that presents a login screen requiring the entry of one of sequence of data, as an alternative, from a group of, (i) user id and a random pass key just delivered to a logger via a cell phone in lieu of a traditional static password, (ii) a caller id and a random passkey just delivered to a logger via cell phone, (iii) user id and traditional static password.
-
16. An authentication system to authenticate a user to a System (system to be accessed) comprising:
-
a. a first function that enables the authentication system to receive communication from a cell phone of the user via a telephone call and verify the user by a combination of a pre-stored caller id, generated by the telephone company itself and entry of a secret personal number by the user in the cell phone, also pre-stored in the authentication system database;
b. a second function that enables the authentication system to create a randomly generated alphanumeric passkey and associate a time-limit for its use;
c. a third function that enables the authentication system to communicate in real time the passkey to the user via the cell phone, along with the time limit;
d. a fourth function that enables the authentication system to communicate the passkey and the time limit to the System, whereby enabling the System to grant access to the user by use of the passkey and discarding the passkey on first access or on expiration of time limit. - View Dependent Claims (17, 18, 19, 20)
-
Specification