Methods and systems for secure user authentication
First Claim
1. A computer-implemented method for secure user authentication in electronic commerce, comprising:
- maintaining electronic information having a first aspect and a second aspect, said first aspect being accessible by a user over a first electronic communication channel in response to entry of a first credential known to the user and said second aspect being accessible by the user over the first electronic communication channel in response to entry of a second credential provided to the user;
pre-registering a delivery address on a second electronic communication channel that is different from the first electronic communication channel for providing the second credential to the user;
allowing a user a current session of access to the first aspect of the electronic information in response to entry of the first credential and providing the second credential to the user at the pre-registered delivery address via the second electronic communication channel in response to entry of a pre-determined user selection during said session of user access to the first aspect if no change has occurred in the pre-registered delivery address for the user within a pre-determined period of time; and
allowing the user a session of access to the second aspect of the electronic information via the first electronic communication channel in response to entry of the second credential during one of said current session of user access to the first aspect and a succeeding session of user access to the first aspect.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method and system for secure user authentication in electronic commerce involves maintaining electronic information having a first aspect that is accessible over a first electronic communication channel in response to entry of a first credential known to the user and a second aspect that is accessible by the user over the first electronic communication channel in response to entry of a second credential provided to the user at a pre-registered delivery address on a second electronic communication channel. The second credential is provided to the user via the second electronic communication channel in response to entry of a pre-determined user selection during a current session of user access to the first aspect if no change has occurred in the pre-registered delivery address within a pre-determined period of time, and the user is allowed a session of access to the second aspect in response to entry of the second credential either during the current session of user access to the first aspect or during a succeeding session of user access to the first aspect.
-
Citations
18 Claims
-
1. A computer-implemented method for secure user authentication in electronic commerce, comprising:
-
maintaining electronic information having a first aspect and a second aspect, said first aspect being accessible by a user over a first electronic communication channel in response to entry of a first credential known to the user and said second aspect being accessible by the user over the first electronic communication channel in response to entry of a second credential provided to the user;
pre-registering a delivery address on a second electronic communication channel that is different from the first electronic communication channel for providing the second credential to the user;
allowing a user a current session of access to the first aspect of the electronic information in response to entry of the first credential and providing the second credential to the user at the pre-registered delivery address via the second electronic communication channel in response to entry of a pre-determined user selection during said session of user access to the first aspect if no change has occurred in the pre-registered delivery address for the user within a pre-determined period of time; and
allowing the user a session of access to the second aspect of the electronic information via the first electronic communication channel in response to entry of the second credential during one of said current session of user access to the first aspect and a succeeding session of user access to the first aspect. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer system for secure user authentication in electronic commerce, comprising:
-
data storage means storing electronic information having a first aspect and a second aspect;
first electronic communication channel means over which said first aspect is accessible by a user in response to entry of a first credential known to a user and over which said second aspect is accessible by the user in response to entry of a second credential provided to the user;
second electronic communication channel means that is different from the first electronic communication channel means for providing the second credential to the user at a pre-registered delivery address;
said first electronic communication channel means being adapted for allowing the user a current session of access to the first aspect of the electronic information in response to entry of the first credential and for providing the second credential to the user at the pre-registered delivery address via the second electronic communication channel in response to entry of a pre-determined user selection during said session of user access to the first aspect if no change has occurred in the pre-registered delivery address within a pre-determined period of time; and
said first electronic communication channel means being further adapted for allowing the user a session of access to the second aspect of the electronic information via the first electronic communication channel in response to entry of the second credential during one of said current session of user access to the first aspect and a succeeding session of user access to the first aspect.
-
Specification