Multifactor authentication system
First Claim
1. A system for authenticating the identity of a user attempting a financial transaction comprising:
- a multifactor authentication engine; and
an instruction set operable to provide at least one instruction to the multifactor authentication engine to process electronic data according to a selected multifactor authentication paradigm,wherein the multifactor authentication paradigm comprises the verification of a mobile communications device and the verification of a personal identification number or code delivered using the mobile communications device.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided to allow for multifactor authentication of automatic teller machines (ATM) transactions and transactions at a merchant'"'"'s point of sale. In an illustrative implementation, a secondary PIN request is delivered to participating users, and/or a one-time use, randomly generated secondary PIN to a customer'"'"'s mobile phone via a text message when the customer initiates a transaction at an ATM. The customer then replies with a text message to the secondary PIN request with the customer'"'"'s PIN or inputs the secondary PIN into the ATM before the transaction may proceed. In an illustrative implementation, the customer'"'"'s mobile phone is allowed to be used as a mobile PIN terminal for various payments devices used at a merchant'"'"'s point of sale system. Also, an additional level of customer authentication using the ubiquitous mobile phone can be allowed, thereby increasing the security of ATM transactions and non-cash payments.
-
Citations
20 Claims
-
1. A system for authenticating the identity of a user attempting a financial transaction comprising:
-
a multifactor authentication engine; and an instruction set operable to provide at least one instruction to the multifactor authentication engine to process electronic data according to a selected multifactor authentication paradigm, wherein the multifactor authentication paradigm comprises the verification of a mobile communications device and the verification of a personal identification number or code delivered using the mobile communications device. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for authenticating the identity of a user attempting a financial transaction comprising:
-
receiving a submitted first data set from a user attempting a financial transaction; authenticating the submitted first data set against a known first data set, wherein the known first data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted first data set fail; submitting a request for a second data set to the user; receiving a submitted second data set from the user; authenticating the submitted second data set against a known second data set, wherein the known second data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted second data set fail; and allowing the financial transaction to proceed should the submitted first data set and the submitted second data be properly authenticated. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A computer readable medium having computer readable instructions to instruct a computer to perform a method for authenticating the identity of a user attempting a financial transaction comprising:
-
receiving a submitted first data set from a user attempting a financial transaction; authenticating the submitted first data set against a known first data set, wherein the known first data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted first data set fail; submitting a request for a second data set to the user; receiving a submitted second data set from the user; authenticating the submitted second data set against a known second data set, wherein the known second data set contains information associated with the user, rejecting the financial transaction should the authentication of the submitted second data set fail; and allowing the financial transaction to proceed should the submitted first data set and the submitted second data be properly authenticated. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification