Methods and systems for using data processing systems in order to authenticate parties

US 20070079136A1
Filed: 09/30/2005
Published: 04/05/2007
Est. Priority Date: 09/30/2005
Status: Active Grant

First Claim

Patent Images

1. A method of using a data processing system, the method comprising:

receiving biometric data from a user during a session;

successfully authenticating the user at a first time during the session; and

sending a request to the user to resubmit biometric data during the session after authenticating the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems perform authentication based at least in part of the context of the transaction. In one embodiment, the context can be determined and trigger different rules with regard to access to the information or ability to immediately execute the transaction. In another embodiment, a method can include registering a device as a trusted device. The device can include a biometric input module. Biometric data can be used to authenticate a user, and the user may be requested to resubmit biometric data during the same session. In a further embodiment, a hacker may obtain unauthorized access to a victim'"'"'s account information. The hacker may not be authenticated because he would not have access to a currently valid credential.

140 Citations

30 Claims

1. A method of using a data processing system, the method comprising:
- receiving biometric data from a user during a session;
  
  successfully authenticating the user at a first time during the session; and
  
  sending a request to the user to resubmit biometric data during the session after authenticating the user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the user is a requestor of a product or a provider of the product.
  - 3. The method of claim 1, further comprising successfully authenticating the user at a second time during the session, wherein successfully authenticating the user at the second time is performed using different biometric data as compared to successfully authenticating the user at a first time.
  - 4. The method of claim 1, further comprising successfully authenticating the user at a second time during the session, wherein successfully authenticating the user at the second time is performed using a different technique as compared to successfully authenticating the user at a first time.
  - 5. The method of claim 1, further comprising:
    - registering information associated with a device with a third party system, wherein the device includes a biometric input system; and
      
      sending a credential associated with the user from the device to a provider of a product requested by the user in order for the third party system to authenticate the user.
  - 6. The method of claim 1, wherein sending the request is performed after a predetermined time has passed after receiving the biometric data or successfully authenticating the user.

7. A method of using a data processing system, the method comprising:
- sending account information associated with a first party from a second party to a third party that is not authorized to have access to the account information; and
  
  receiving the account information in order to authenticate the first party, wherein;
  
  the account information is received by the second party from the third party in connection with a transaction request; and
  
  a valid credential associated with the first party is not received by the second party from the third party.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein:
    - the first party is a victim;
      
      the second party is a provider that is in possession of the account information associated with the first party;
      
      the third party is a computer hacker; and
      
      the fourth party is an authentication clearinghouse.
  - 9. The method of claim 7, further comprising:
    - sending the account information received from the third party to a fourth party, wherein;
      
      the fourth party is to perform an authentication procedure; and
      
      the valid credential associated with the first party is not sent to the fourth party by the second party; and
      
      receiving notification that the first party is not authenticated, wherein such notification is received at least in part because the valid credential associated with the first party was not received by the fourth party; and
      
      denying a transaction requested by the third party.
  - 10. The method of claim 7, wherein a credential associated with the first party can be issued by a fourth party and not issued by the first party, the second party, or the third party.
  - 11. The method of claim 7, wherein the valid credential associated with the first party can be used only one time, has a limited time period for which it can be used, or any combination thereof.

12. A method of performing a transaction, the method comprising:
- determining a context of the transaction between a provider of a product and a requestor of the product;
  
  determining a plurality of rules to be used to authenticate the provider and the requester based at least in part on the context of the transaction; and
  
  authenticating the provider, the requester, or any combination thereof based at least in part on the plurality of rules.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The method of claim 12, wherein the product includes an object, a service, or a combination thereof.
  - 14. The method of claim 12, wherein determining the context comprises:
    - determining a first security quality level of the provider; and
      
      determining a second security quality level of the requester.
  - 15. The method of claim 12, wherein:
    - determining the context comprises;
      
      determining that the provider has not been previously registered;
      
      determining that the requestor is at the provider'"'"'s location; and
      
      the method further comprises;
      
      receiving a user identifier, password, and biometric data from the requestor using a mobile, biometrically-enabled device; and
      
      receiving a one-time credential at least partly in response to the requestor providing biometric data.
  - 16. The method of claim 12, wherein:
    - determining the context includes determining that a device used by the requestor is not a previously registered device; and
      
      authenticating comprises authenticating the requestor based at least in part on an identifier and a password of the requestor to the transaction, and not based on biometric data of the requestor.
  - 17. The method of claim 12, wherein:
    - determining the context comprises determining that biometric data is unavailable or will not be used to authenticate the requestor; and
      
      authenticating comprises;
      
      providing a series of prompts to solicit input from the requester; and
      
      receiving a one-time credential in response to input from the requester.

18. A data processing system comprising:
- a context module to determine a context of a transaction between a provider of a product and a requestor of the product;
  
  a rules module rules to be used to authenticate parties to the transaction based at least in part on the context; and
  
  an authentication process module to performed authentication based at least in part on the rules.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The data processing system of claim 18, wherein the context module is configured to determine a first security quality level of the provider and a second security quality level of the requester.
  - 20. The data processing system of claim 19, wherein the context module is configured to determine:
    - a reputation level of the provider;
      
      a transactions history of the provider;
      
      authentication procedures that can be performed by the provider;
      
      an ability or inability to use biometric data to validate the requestor;
      
      a credential of the requestor;
      
      whether the requestor is using a registered device;
      
      or any combination thereof.
  - 21. The data processing system of claim 18, further comprising a credential transmission module to send or receive a credential to be used to authenticate the provider or the requester.
  - 22. The data processing system of claim 18, wherein information used during determining the context is used to personalize a display, content, a constraint, or any combination thereof for other information made available to the requester, the provider, or a combination thereof.

23. A data processing system readable medium having data to carry out a method of performing a transaction, wherein the data is embodied within the data processing system readable medium, the data comprising:
- an instruction to determine a context of the transaction between a provider of a product and a requestor of the product;
  
  an instruction to determine a plurality of rules to be used to authenticate the provider and the requestor based at least in part on the context of the transaction;
  
  an instruction to authenticate the provider and the requestor based at least in part on the plurality of rules.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30)
- - 24. The data processing system readable medium of claim 23, wherein the product includes an object, a service, or a combination thereof.
  - 25. The data processing system readable medium of claim 23, wherein the instruction to determine the context comprises:
    - an instruction to determine a first security quality level of the provider; and
      
      an instruction to determine a second security quality level of the requestor.
  - 26. The data processing system readable medium of claim 23, wherein:
    - the instruction to determine the first security quality level comprises;
      
      an instruction to determine a reputation level of the provider;
      
      an instruction to review a transactions history of the provider;
      
      an instruction to determine which authentication procedures can be performed by the provider;
      
      or any combination thereof; and
      
      the instruction to determine the second security quality level comprises;
      
      an instruction to determine whether biometric data can be used to validate the requester;
      
      an instruction to determine whether a credential of the requester is correct;
      
      an instruction to determine whether the requestor is using a registered device;
      
      or any combination thereof.
  - 27. The data processing system readable medium of claim 23, wherein the plurality of rules comprises:
    - a first rule that is defined by the provider;
      
      a second rule that is defined by the requester; and
      
      a third rule that is defined by a party other than the provider and the requestor.
  - 28. The data processing system readable medium of claim 23, wherein each rule within the plurality of rules comprises a policy, an authentication process, or a right that can be exercised by the requestor or the provider.
  - 29. The data processing system readable medium of claim 23, wherein each of the provider and the requestor is acting on behalf of a business entity, an organization, or a governmental agency.
  - 30. The data processing system readable medium of claim 23, further comprising:
    - an instruction to access first registration information associated with a biometrically-enabled device of a party to a transaction before determining the context; and
      
      an instruction to access second registration information associated with an Internet site or an entity that controls or owns the Internet site before determining the context, wherein the instruction to determine the context comprises an instruction to determine that each of (1) the biometrically-enabled device is registered and (2) the Internet site or an entity that controls or owns the Internet site is registered.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sbc Knowledge Ventures, L.P.
Original Assignee
Sbc Knowledge Ventures, L.P.
Inventors
Suryanarayana, Lalitha, Vishik, Claire

Granted Patent

US 7,849,501 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/41   where a single sign-on prov...

G06Q 20/0855   involving a third party

H04L 2209/56   Financial cryptography, e.g...

H04L 9/321   involving a third party or ...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3271   using challenge-response

Methods and systems for using data processing systems in order to authenticate parties

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

140 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for using data processing systems in order to authenticate parties

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

140 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links