System and method for highly reliable multi-factor authentication

US 20070022301A1
Filed: 07/14/2006
Published: 01/25/2007
Est. Priority Date: 07/19/2005
Status: Abandoned Application

First Claim

Patent Images

1. A system that authenticates a user comprising a computer that receives a first factor and a third factor that are sent by said user using a first communication service and a second communication service, respectively, wherein said computer comprises a program that (a) generates a second factor, (b) validates said first and third factors, (c) then causes said second factor to be sent to said user using said second communication service and (d) after receipt of said second factor sent by said user, using said first communication service authenticates said user by validating said second factor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for authenticating an online user by using different and independent communication services to enhance security. A key server validates the factors of authentication, namely a first factor (username/password) and a second factor (key). The key server generates and sends the key to the user with a different and independent communication service, e.g., telephone, SMS or email. The user then submits the key using the online communication service. A third factor, e.g., a second password or a biometric symbol of the user, can also be used. Validation of the biometric symbol can be a prerequisite to delivery of the key to the user. A plurality of the independent services can be daisy-chained.

Citations

28 Claims

1. A system that authenticates a user comprising a computer that receives a first factor and a third factor that are sent by said user using a first communication service and a second communication service, respectively, wherein said computer comprises a program that (a) generates a second factor, (b) validates said first and third factors, (c) then causes said second factor to be sent to said user using said second communication service and (d) after receipt of said second factor sent by said user, using said first communication service authenticates said user by validating said second factor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein said first and third factors are different from one another.
  - 3. The system of claim 2, wherein said first and third factors are selected from the group consisting of:
    - password, pass phrase, username and any combination thereof.
  - 4. The system of claim 2, wherein said third factor is a biometric symbol of said user.
  - 5. The system of claim 4, wherein said biometric symbol is selected from the group consisting of:
    - a voiceprint, an iris scan, a fingerprint, a photograph or other symbol of a physical part of said user.
  - 6. The system of claim 1, wherein said first communication service is an online service.
  - 7. The system of claim 1, wherein said second communication service is selected from the group consisting of:
    - SMS, email, telephone and page.
  - 8. The system of claim 1, wherein said second factor comprises one or more series of alphabetic characters, numeric characters or both.
  - 9. The system of claim 1, wherein said program validates said first and third factors by comparison with a repository of personal data of said user.

10. A method that authenticates a user comprising:
- using a computer to perform the steps of;
  
  receiving a first factor and a third factor that are sent by said user using a first communication service and a second communication service, respectively;
  
  generating a second factor;
  
  validating said first and third factors;
  
  then causing said second factor to be sent to said user using said second communication service; and
  
  after receipt of said second factor sent by said user using said first communication service, authenticating said user by validating said second factor.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein said first and third factors are different from one another.
  - 12. The method of claim 11, wherein said first and third factors are selected from the group consisting of:
    - password, pass phrase, username and any combination thereof.
  - 13. The method of claim 11, wherein said third factor is a biometric symbol of said user.
  - 14. The method of claim 13, wherein said biometric symbol is selected from the group consisting of:
    - a voiceprint, an iris scan, a fingerprint, a photograph and other symbol of a physical part of said user.
  - 15. The method of claim 10, wherein said first communication service is an online service.
  - 16. The method of claim 10, wherein said second communication service is selected from the group consisting of:
    - SMS, email, telephone and page.
  - 17. The method of claim 10, wherein said second factor comprises one or more series of alphabetic characters, numeric characters or both.
  - 18. The method of claim 10, wherein said program validates said first and third factors by comparison with a repository of personal data of said user.

19. A system comprising a computer that validates a user of an online service using a first factor and a second factor, wherein said computer sends said second factor to said user using an order of communication services other than said online service for delivery of said second factor to said user, wherein if there is a failure of delivery in a first communication service used in said order, said computer sends said second factor to said user using one of said communication services that is second in said order.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The system of claim 19, wherein said first and second communication services are different than and independent of one another and said online service.
  - 21. The system of claim 19, wherein said computer automatically uses said second communication service without any input from said user.
  - 22. The system of claim 19, wherein said communication service is a member of the group consisting of:
    - SMS, email, telephone and page.
  - 23. The system of claim 19, wherein said computer authenticates said user using said first factor, said second factor and a third factor, wherein said first factor is a first password and/or username, wherein said second factor is a key and wherein said third factor is a second password.

24. A method of authenticating a user of an online service by using a computer to perform steps comprising:
- validating said user using a first factor and a second factor, sending said second factor to said user using an order of communication services other than said online service for delivery of said second factor to said user; and
  
  if there is a failure of delivery in a first communication service used in said order, sending said key to said user using one of said communication services that is second in said order.
- View Dependent Claims (25, 26, 27, 28)
- - 25. The method of claim 24, wherein said first and second communication services are different than and independent of one another and said online service.
  - 26. The method of claim 24, wherein said second communication service automatically sends said second factor without any input from said user.
  - 27. The method of claim 24, wherein said communication service is a member of the group consisting of:
    - SMS, email, telephone and page.
  - 28. The method of claim 24, wherein said user is further validated using a third factor, wherein said first factor is a first password and/or username, wherein said second factor is a key and wherein said third factor is a second password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intelligent Voice Research LLC
Original Assignee
Intelligent Voice Research LLC
Inventors
Murphy, Paul, Rothschild, Ivo, Nicholson, J.

Application Number

US11/486,880
Publication Number

US 20070022301A1
Time in Patent Office

Days
Field of Search
US Class Current

713/184
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/12   specially adapted for elect...

G06Q 20/3829   involving key management

G06Q 20/4014   Identity check for transact...

G06Q 20/425   using two different network...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0861   using biometrical features,...

H04L 9/3215   using a plurality of channe...

H04L 9/3226   using a predetermined code,...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/50   using hash chains, e.g. blo...

System and method for highly reliable multi-factor authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for highly reliable multi-factor authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links