Facilitating and authenticating transactions
Abstract
A computer, such as a Windows-based PC (10), has associated with it a Subscriber Identity Module (or SIM) (12), such as of the type used in a GSM cellular telephone system. The SIM (12) can be authenticated by the telephone network (16), in the same way as for authenticating SIMs of telephone handset users in the network, and can in this way authenticate the user of the PC (10) or the PC (10) itself. Such authentication can, for example, permit use of the PC (10) in relation to a particular application (22) which is released to the PC (10) after the authentication is satisfactorily completed. The application may be released to the PC (10) by a third party after and in response to the satisfactory completion of the authentication process. A charge for the session can be debited to the user by the telecommunications network and then passed on to the third party.
129 Claims
- 1. A method for carrying out an authentication process for authenticating a transaction with an entity by means of a data processing apparatus, in which:
the entity generates transaction data relating to the transaction, and at least during the authentication process the data processing apparatus has operatively associated with it a selected one of a plurality of authentication storage means each for storing predetermined authentication information, the authentication storage means being registerable with a common system, the method including the step of carrying out the authentication process via a communications link with that system, the authentication process being carried out by authenticating means incorporated in the system and involving the use of the predetermined authentication information stored by the selected one authentication storage means and the transaction data, wherein in order to authenticate the transaction, the transaction data is transmitted between the data processing apparatus and the system via a transaction manager implemented by the data processing apparatus, and the predetermined authentication information is also transmitted between the authentication storage means and the system via the transaction managers.
Dependent claims: 2, 3, 5, 6, 7, 11, 12, 17, 19, 20, 27, 30, 31, 32, 33, 34, 36, 37, 38, 39
- 4. (canceled)
- 8-10. (canceled)
- 13-16. (canceled)
- 18. (canceled)
- 21. (canceled)
- 24. (canceled)
- 26. (canceled)
- 28-29. (canceled)
- 35. (canceled)
- 40-51. (canceled)
- 52. Data processing apparatus in combination with a selected one of a plurality of authentication storage means each for storing predetermined authentication information relating to the carrying out of an authentication process for authenticating a transaction with an entity by means of the data processing apparatus, the entity being operable to generate transaction data relating to the transaction, and the authentication storage means all being registrable with a common system, the authentication storage means when operatively associated with the data processing apparatus being operative to carry out the authentication process via a communications link with that system, the authentication process being carried out by authenticating means incorporated in the system and involving the use of the predetermined authentication information stored by the selected one authentication storage means, wherein in order to authenticate the transaction, the transaction data is transmitted between the data processing apparatus and the system via a transaction manager implemented by the data processing apparatus, and the predetermined authentication information is also transmitted between the authentication storage means and the system via the transaction manager.
- 55. (canceled)
- 59-60. (canceled)
- 62-65. (canceled)
- 67. (canceled)
- 70. (canceled)
- 73. (canceled)
- 75. (canceled)
- 77-78. (canceled)
- 84. (canceled)
- 89-100. (canceled)
- 101. A device for coupling to data processing apparatus for enabling an authentication process involving the use of separate authenticating means, the device being configured to provide a plurality of separately activatable authentication information records for use in the authentication process, the authentication information records being registered with a system including the authenticating means, the device being responsive to an input message for deriving a response dependent on the input message and on the activated authentication information record for enabling the authenticating means to carry out the authentication process via a communication link with the authenticating means in the said system whereby to authenticate a transaction.
- 110. An authentication system for authenticating transactions of users registered with that system to enable a transaction with another system to be authenticated, the authentication system including authentication means for sending an authentication message in response to an authentication request from a subscriber and for receiving and analysing a response thereto to determine if the received response corresponds to an expected response to authenticate the identity of the user;
and security token generating means for generating a security token for use in performing a transaction with the other system.
Dependent claims: 111, 112, 113, 114, 115, 116, 117, 118, 119
- 120. A system for storing user data for use in performing transactions with a plurality of service providers, wherein for each user a plurality of data records are stored for use when performing transactions with respective service providers, and wherein only a data record relevant to a particular service provider is made available in response to a request on behalf of that service provider.
- 122. A data packet for use in authenticating and performing a transaction between a client and a product or service provider, the data packet including data indicative of the product or service provider identity such that the data packet is only useable to authenticate and perform a transaction with that product or service provider.
- 125. A method of facilitating transactions between a plurality of users registered with an authentication system and plurality of product or service providers, the method including:
providing each user with authentication storage means storing predetermined authentication information, each authentication storage means being couplable to data processing apparatus for data exchange therewith;
generating in response to a request, made using data processing apparatus, from a user to a product or service provider a transaction request data packet including data indicative of the identity of the user and the identity of the product or service provider;
transmitting the transaction request data packet to the authentication system via the data processing apparatus;
analysing in the authentication system the transaction request data packet and extracting therefrom the identity of the user;
transmitting from the authentication system an authentication request signal to the user's authentication storage means via the data processing apparatus;
receiving via the data processing apparatus a response from the user's authentication storage means at the authentication system;
analysing said response at the authentication system to determine whether said response corresponds to an expected response with reference to knowledge of said predetermined authentication information for that user;
generating an authentication token and providing this to the product or service provider via the data processing apparatus, the authentication token indicating to the product and service provider that the user is authenticated by the authentication system.
Dependent claims: 126, 127, 128
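The flow recited in claim 125, together with the provider-bound packet of claim 122, sketched as an added example that is not taken from the patent. HMAC-SHA256 stands in for whatever algorithm the authentication storage means actually runs, verification with the system key stands in for a check the provider would make with the authentication system, and all names, keys and identifiers are constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets
from typing import Callable, Optional

# Constructed sample data: secret registered with the authentication system,
# and the system's own token key. Neither value comes from the patent.
REGISTERED = {"user-1": b"constructed-secret-for-user-1"}
SYSTEM_KEY = b"constructed-token-key"


def storage_response(secret: bytes, challenge: bytes) -> bytes:
    """Storage means: the response depends on the challenge and the stored secret."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


def authenticate(packet: dict, respond: Callable[[bytes], bytes]) -> Optional[str]:
    """Authentication system: extract the user, challenge, compare, issue a token."""
    secret = REGISTERED.get(packet["user"])
    if secret is None:
        return None
    challenge = secrets.token_bytes(16)  # fresh per request, so old responses fail
    expected = storage_response(secret, challenge)
    if not hmac.compare_digest(expected, respond(challenge)):
        return None
    # The token names both the user and the one provider it is valid for.
    body = json.dumps({"user": packet["user"], "provider": packet["provider"]},
                      sort_keys=True)
    tag = hmac.new(SYSTEM_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + tag


def verify_token(token: str, provider_id: str) -> bool:
    """Accept only an untampered token issued for this provider."""
    body, _, tag = token.rpartition(".")
    good = hmac.new(SYSTEM_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(good.encode(), tag.encode()):
        return False
    return json.loads(body)["provider"] == provider_id
```

The secret never leaves the storage means in this sketch; only the challenge and the response cross the data processing apparatus.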
- 129. A method for carrying out an authentication process for authenticating a subsequent transaction by any one of a plurality of users with an entity by means of data processing apparatus, in which:
the entity generates transaction data relating to the transaction, and during the authentication process the data processing apparatus has operatively associated with it a selected one of a plurality of authentication storage means respective to the users, each authentication storage means storing predetermined authentication information and being registerable with a common telecommunications system for which the users have respective telecommunications terminals;
the method including the step of carrying out the authentication process via a communications link with the common telecommunications system, the authentication process being carried out by authenticating means incorporated in the telecommunications system and involving the use of the predetermined authentication information stored by the selected one authentication storage means, the predetermined authentication information stored by each authentication storage means corresponding to information which is used to authenticate that user's telecommunications terminal in relation to the telecommunications system but the authentication process for authenticating the transaction by that user with the data processing apparatus not requiring use of that user's telecommunications terminal nor requiring the telecommunications terminal to be actually authenticated by that information in relation to the telecommunications system;
wherein in order to authenticate the transaction, the transaction data is transmitted between the data processing apparatus and the system via a transaction manager implemented by the data processing apparatus, and the predetermined authentication information is also transmitted between the authentication storage means and the system via the transaction manager.
Specification