Multifactor authentication system

US 20070203850A1
Filed: 02/14/2007
Published: 08/30/2007
Est. Priority Date: 02/15/2006
Status: Abandoned Application

First Claim

Patent Images

1. A system for authenticating the identity of a user attempting a financial transaction comprising:

a multifactor authentication engine; and

an instruction set operable to provide at least one instruction to the multifactor authentication engine to process electronic data according to a selected multifactor authentication paradigm,wherein the multifactor authentication paradigm comprises the verification of a mobile communications device and the verification of a personal identification number or code delivered using the mobile communications device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided to allow for multifactor authentication of automatic teller machines (ATM) transactions and transactions at a merchant'"'"'s point of sale. In an illustrative implementation, a secondary PIN request is delivered to participating users, and/or a one-time use, randomly generated secondary PIN to a customer'"'"'s mobile phone via a text message when the customer initiates a transaction at an ATM. The customer then replies with a text message to the secondary PIN request with the customer'"'"'s PIN or inputs the secondary PIN into the ATM before the transaction may proceed. In an illustrative implementation, the customer'"'"'s mobile phone is allowed to be used as a mobile PIN terminal for various payments devices used at a merchant'"'"'s point of sale system. Also, an additional level of customer authentication using the ubiquitous mobile phone can be allowed, thereby increasing the security of ATM transactions and non-cash payments.

Citations

20 Claims

1. A system for authenticating the identity of a user attempting a financial transaction comprising:
- a multifactor authentication engine; and
  
  an instruction set operable to provide at least one instruction to the multifactor authentication engine to process electronic data according to a selected multifactor authentication paradigm,wherein the multifactor authentication paradigm comprises the verification of a mobile communications device and the verification of a personal identification number or code delivered using the mobile communications device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system as recited in claim 1 wherein multifactor authentication engine comprises a computing environment.
  - 3. The system as recited in claim 2 wherein the instruction set comprises a computing application operable on a computing environment.
  - 4. The system as recited in claim 3 further comprising a data store cooperating with the multifactor authentication engine to verify a mobile communications device and a personal identification number or code delivered using the mobile communications device.
  - 5. The system as recited in claim 4 further comprising one or more communications networks selected from the following group:
    - a fixed wire network, a wireless network, a mobile communications network, a debit network, a credit network, a network used for processing electronic payments and the Internet.
  - 6. The system as recited in claim 1 wherein the multifactor authentication engine is operated by a payments processor, a financial institution, a credit reporting agency or by an entity which has contracted with a payments processor, a financial institution or a credit reporting agency.

7. A method for authenticating the identity of a user attempting a financial transaction comprising:
- receiving a submitted first data set from a user attempting a financial transaction;
  
  authenticating the submitted first data set against a known first data set, wherein the known first data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted first data set fail;
  
  submitting a request for a second data set to the user;
  
  receiving a submitted second data set from the user;
  
  authenticating the submitted second data set against a known second data set, wherein the known second data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted second data set fail; and
  
  allowing the financial transaction to proceed should the submitted first data set and the submitted second data be properly authenticated.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The method as recited in claim 7 in which the financial transaction comprises any of a transaction undertaken at an automated teller machine, accessing a user account through an online banking portal, a transaction undertaken at a point of sale system, and a transaction undertaken with a credit reporting agency.
  - 9. The method as recited in claim 7 in which the submitted first data set is delivered an instrumentality comprising any of a credit card, a debit card, a barcode, a magnetic stripe, a near-field communications device, a radio frequency identification device, an Internet webpage, and by the submission of user-identification data known to a credit reporting agency.
  - 10. The method as recited in claim 7 in which the request for a second data set is submitted to the user using one or more instrumentalities comprising a text message delivered by the short message service and a multimedia message delivered by the multimedia message service.
  - 11. The method as recited in claim 7 in which the submitted second data set is submitted by the user using one or more instrumentalities comprising a text message delivered by the short message service, a multimedia message delivered by the multimedia message service, and as a one-time use personal identification number inputted into an automated teller machine or a point of sale device.
  - 12. The method as recited in claim 7 in which the submitted second data set comprises a personal identification number.
  - 13. The method as recited in claim 7 in which the submitted second data set comprises data identifying the user'"'"'s mobile phone.

14. A computer readable medium having computer readable instructions to instruct a computer to perform a method for authenticating the identity of a user attempting a financial transaction comprising:
- receiving a submitted first data set from a user attempting a financial transaction;
  
  authenticating the submitted first data set against a known first data set, wherein the known first data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted first data set fail;
  
  submitting a request for a second data set to the user;
  
  receiving a submitted second data set from the user;
  
  authenticating the submitted second data set against a known second data set, wherein the known second data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted second data set fail; and
  
  allowing the financial transaction to proceed should the submitted first data set and the submitted second data be properly authenticated.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The computer readable medium as recited in claim 14 in which the financial transaction is a transaction comprises any of a transaction undertaken at an automated teller machine, accessing a user account through an online banking portal, a transaction undertaken at a point of sale system, and a transaction undertaken with a credit reporting agency.
  - 16. The computer readable medium as recited in claim 14 in which the submitted first data set is delivered by one or more instrumentalities comprising a credit card, a debit card, a barcode, a magnetic stripe, a near-field communications device, a radio frequency identification device, an Internet webpage, and the submission of user-identification data known to a credit reporting agency.
  - 17. The computer readable medium as recited in claim 14 in which the request for a second data set is submitted to the user using one or more instrumentalities comprising a text message delivered by the short message service, and a multimedia message delivered by the multimedia message service.
  - 18. The computer readable medium as recited in claim 14 in which the submitted second data set is submitted by the user using one or more instrumentalities comprising a text message delivered by the short message service, a multimedia message delivered by the multimedia message service, and a one-time use personal identification number inputted into an automated teller machine or a point of sale device.
  - 19. The computer readable medium as recited in claim 14 in which the submitted second data set comprises a personal identification number.
  - 20. The computer readable medium as recited in claim 14 in which the submitted second data set comprises data identifying the user'"'"'s mobile phone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
MPOWER Mobile, Inc.
Original Assignee
MPOWER Mobile, Inc.
Inventors
Singh, Moneet, Racho, Jeffrey, Rasansky, Richard A.

Application Number

US11/706,667
Publication Number

US 20070203850A1
Time in Patent Office

Days
Field of Search
US Class Current

705/67
CPC Class Codes

G06Q 20/327   Short range or proximity pa...

G06Q 20/347   Passive cards

G06Q 20/3674   involving authentication

G07F 19/207   Surveillance aspects at ATMs

G07F 7/10   together with a coded signa...

G07F 7/1008   Active credit-cards provide...

G07F 7/1025   Identification of user by a...

G07F 7/1075   PIN is checked remotely

Multifactor authentication system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Multifactor authentication system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links