Enhanced network server authentication using a physical out-of-band channel

US 20080091618A1
Filed: 09/30/2006
Published: 04/17/2008
Est. Priority Date: 09/30/2006
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a web site using an in-band electronic communications channel and authentication comprising:

receiving a communication including web site authentication data including challenge data and response data through an out-of-band physical delivery communications channel;

sending the challenge data to the web site using the in-band electronic communications channel;

receiving reply response data from the web site using the in-band electronic communications channel; and

comparing the reply response data with the response data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for increasing user trust by authenticating an electronic commerce server over an electronic communications channel using information received through an out-of-band communication in a physical communications channel are described. In one configuration, a paper bill is sent to a user by physical mail delivery and it includes challenge and response data used to authenticate the electronic commerce server over the electronic communications channel.

Citations

20 Claims

1. A method for authenticating a web site using an in-band electronic communications channel and authentication comprising:
- receiving a communication including web site authentication data including challenge data and response data through an out-of-band physical delivery communications channel;
  
  sending the challenge data to the web site using the in-band electronic communications channel;
  
  receiving reply response data from the web site using the in-band electronic communications channel; and
  
  comparing the reply response data with the response data.
- View Dependent Claims (2, 3, 4, 18)
- - 2. The method of claim 1 wherein the out-of-band physical delivery channel is the United States Postal Service system.
  - 3. The method of claim 1 wherein the web site is controlled by an entity and the communication is a statement from the web site controlling entity.
  - 4. The method of claim 1 wherein the web site is controlled by an entity and the communication is a statement from a financial institution including a charge from the web site controlling entity.
  - 18. The method of claim 1 wherein the communication includes communication authentication indications.

5. A method for providing web site authentication data to a user in response to a challenge from the user using an in-band electronic communications channel comprising:
- receiving a challenge from the user through the in-band communications channel;
  
  determining the appropriate response data associated with the challenge authentication data received from the user; and
  
  sending the determined reply response data to the user using the in-band electronic communications channel, whereinthe authentication data was sent to the user in a communication through an out-of-band delivery channel.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 19, 20)
- - 6. The method of claim 5 further comprising:
    - generating the response data using an appropriate key.
  - 7. The method of claim 6 wherein the key is a symmetric key.
  - 8. The method of claim 5 wherein the out-of-band delivery channel is a physical delivery channel.
  - 9. The method of claim 8 wherein the out-of-band delivery channel is the United States Postal Service system.
  - 10. The method of claim 5 wherein the web site is controlled by an entity and the communication is a statement from the web site controlling entity.
  - 11. The method of claim 5 wherein the web site is controlled by an entity and the communication is a statement from a financial institution including a charge from the web site controlling entity.
  - 19. The method of claim 5 further comprising:
    - obtaining pre-computed response data associated the challenge for use in providing reply response data in response to the challenge;
  - 20. The method of claim 5 wherein the user is authenticated to the web site.

12. A method for providing electronic commerce vendor web site authenticating data to a user through an out-of-band physical channel comprising:
- obtaining challenge/response pair data for use in providing an out-of-band communication to the user;
  
  receiving statement data for the user from the vendor;
  
  generating a statement including the challenge/response pair data; and
  
  inducting the statement into the out-of-band physical channel directed toward the user.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The method of claim 12 wherein each challenge/response pair is associated with a particular user.
  - 14. The method of claim 12 further comprising:
    - receiving additional vendor information for at least one additional vendor; and
      
      wherein the challenge/response pair data included in the statement includes challenge/response pair data for the vendor and the at least one additional vendor.
  - 15. The method of claim 14 wherein the statement is a financial vendor statement including at least one charge.
  - 16. The method of claim 15 wherein the at least one additional vendor is associated with at least one charge listed on the statement.
  - 17. The method of claim 14 wherein the at least one additional vendor is associated with at least one charge to the financial institution by the user in a previous billing cycle.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Original Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Inventors
Macdonald, George M., Hansen, Gary G., Obrea, Andrei, Campagna, Matthew J., Parkos, Arthur J.

Granted Patent

US 8,560,457 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/76
CPC Class Codes

G06F 21/31   User authentication

G06F 21/42   using separate channels for...

G06F 2221/2103   Challenge-response

G06Q 20/3821   Electronic credentials

Enhanced network server authentication using a physical out-of-band channel

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced network server authentication using a physical out-of-band channel

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links