Methods For Authentication

US 20080172341A1
Filed: 01/20/2006
Published: 07/17/2008
Est. Priority Date: 01/21/2005
Status: Active Grant

First Claim

Patent Images

1. A method for generating an authentication passkey for a resource associated with a computer system, said method comprising the steps of:

providing a user account identifier for the resource to an authentication component of the computer system;

providing an identifying data element to the authentication component; and

encrypting the user account identifier by using the identifying data element as the key to encryption.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for managing access to application software contained on a computer system or network. The computer system utilizes an authentication component that is configured to receive a unique user account identifier and to generate an authentication passkey by using an identifying data element, typically called a “password”. The identifying data elements are collected from one or more input devices and used as an encryption key for the user account identifier. The generated authentication passkey is used in an authentication transaction associated with the application software instead of the identifying data element thereby reducing data security risks if the identifying data element alone were discovered due to other unknowns including the encryption elements.

Citations

28 Claims

1. A method for generating an authentication passkey for a resource associated with a computer system, said method comprising the steps of:
- providing a user account identifier for the resource to an authentication component of the computer system;
  
  providing an identifying data element to the authentication component; and
  
  encrypting the user account identifier by using the identifying data element as the key to encryption.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1 wherein the identifying data element is provided by a biometric device.
  - 3. The method of claim 1 wherein the identifying data element is provided utilizing at least one of a keyboard and pointing device.
  - 4. The method of claim 1 wherein the identifying data element is provided utilizing an independent computer program.
  - 5. The method of claim 1 wherein the identifying data element is provided by a measurement device.
  - 6. The method of claim 1 wherein the identifying data element is contained on a portable storage device.
  - 7. The method of claim 1 wherein the identifying data element is associated with a computer system component.
  - 8. The method of claim 1 further comprising the step of manipulating data elements of the user account identifier prior to encryption.
  - 9. The method of claim 1 wherein further comprising the step of manipulating data elements of the encrypted user account identifier.
  - 10. The method of claim 1 further comprising the step of combining the user account identifier with a resource identifier into a single data element before encryption.
  - 11. The method of claim 1 further comprising the step of combining the user account identifier, identifying data element and a resource identifier into a single data element before encryption.
  - 12. The method of claim 1 further comprising the step of using the user account identifier in combination with the identifying data element as the key to encryption.

13. A method of generating and registering an authentication passkey for application software associated with a computer system, said method comprising the steps of:
- providing a user account identifier for the application software to an authentication component of the computer system;
  
  providing an identifying data element to the authentication component through a mechanism associated the computer system;
  
  encrypting the user account identifier by using the identifying data element as the key to encryption for generating the passkey;
  
  determining if an authorization database contains a registration record associated with the user account identifier; and
  
  updating an application authentication database to contain the generated passkey associated with the user account identifier if no registration record for the user account identifier is located.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13 further comprises the step of preventing a registration transaction if the user account identifier is not located in the authorization database or if the user account identifier has been previously registered.
  - 15. The method of claim 13 comprising the steps of processing the generated passkey by a hash encryption;
    - and updating the application authentication database to contain the hash of the generated passkey.
  - 16. The method of claim 13 further comprising the step of authenticating a user application session by:
    - querying the application authentication database to determine if an account identifier record is available that matches the user account identifier; and
      
      granting access to the application software if the account identifier record contains a passkey that matches the generated passkey.
  - 17. The method of claim 16 further comprising the step of rejecting an authentication transaction when the account identifier record is not located in the application authentication database.
  - 18. The method of claim 13 further comprising the step of authenticating a user application session by:
    - querying the application authentication database to determine if an account identifier record is available that matches the user account identifier;
      
      processing the generated passkey by a hash encryption if the account identifier record is available; and
      
      granting access to the application software if the account identifier record contains a hash passkey that matches the hash of the generated passkey.

19. A method for registering a payment passkey with a payment system network comprising the steps of:
- providing the payment system with a user'"'"'s proof of identity;
  
  providing the user a user account identifier and a payment method identifier in response to receiving the proof of identity;
  
  providing the payment system with an identifying element;
  
  generating a payment passkey by encrypting the combination of the user account identifier and payment method identifier utilizing the identifying element; and
  
  registering the generated payment passkey in the payment system network.
- View Dependent Claims (20)
- - 20. The method of claim 19 further comprising the step of initiating a payment transaction with the payment system network by:
    - providing an identifying element to the payment system network;
      
      generating a payment passkey by encrypting the combination of the user account identifier and payment method identifier utilizing the identifying element;
      
      sending the payment passkey to a merchant transaction system for payment validation from the payment system; and
      
      receiving a payment authorization transaction from the merchant transaction system for approval in response to receiving the payment passkey.

21. A method for registering an application service identifier utilizing a service authentication component, said method comprising the steps of:
- generating a user service identifier upon initiating a session of using application software;
  
  providing an application identifier and the user service identifier to a service authentication component; and
  
  storing the application identifier and the user service identifier in the service authentication component.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method of claim 21 further including the step of authenticating application software executed by the user, said steps comprising:
    - providing the generated user service identifier and the application identifier to the service authentication component;
      
      determining if the current user service identifier and application identifier match the identifiers previously stored in the service authentication component; and
      
      executing the application software if the current user service identifier and the application identifiers match the previously stored identifiers.
  - 23. The method of claim 21 further including the step of authenticating application software executed by a user prior to application user authentication, said step comprising:
    - providing the generated user service identifier and the application identifier to the service authentication component;
      
      determining if the current user service identifier and application identifier match the identifiers previously stored in the service authentication component; and
      
      initiating application user authentication if the current user service identifier and the application identifiers match the previously stored identifiers.
  - 24. The method of claim 21 further comprising the step of authenticating the application software executed by the service authentication component, said step comprising:
    - using the service authentication component to execute the application software;
      
      providing the generated user service identifier and the application identifier to the service authentication component;
      
      determining if the current user service identifier matches the service identifier previously stored in the service authentication component; and
      
      executing the application software if the current user service identifier matches the previously stored user service identifier.
  - 25. The method of claim 24 further comprising the step of using the previously stored application identifier to retrieve the previously stored user service identifier.

26. A method for generating an authentication passkey for a resource, said method comprising the steps of:
- providing a resource identifier to the authentication component;
  
  providing an identifying data element to the authentication component; and
  
  encrypting the resource identifiers by using the identifying data element as the key to encryption.
- View Dependent Claims (27, 28)
- - 27. The method of claim 26 further comprising the steps of providing at least one other resource identifier to the authentication component;
    - and encrypting the resource identifiers by using the identifying data element as the key to encryption.
  - 28. The method of claim 27 further comprising the step of combining each resource identifier with a user account identifier before encryption.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Innovative Inventions, Inc., Newport Scientific Research LLC
Original Assignee
Innovative Inventions, Inc.
Inventors
Crandell, Jeffrey L.

Granted Patent

US 8,015,116 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/75
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/46   by designing passwords or c...

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

Methods For Authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Methods For Authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links