SYSTEM AND METHOD FOR AUTHENTICATING A PERSON'S IDENTITY USING A TRUSTED ENTITY

US 20080184351A1
Filed: 11/21/2007
Published: 07/31/2008
Est. Priority Date: 05/16/2006
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a person'"'"'s identity to a transactional entity using a trusted entity with a secure repository of a person'"'"'s personal identity information, comprising:

accessing a person'"'"'s account on the trusted entity'"'"'s server using a user identifier and a password;

granting the person a key, associated with a person identifier to form a unique code, the key being obtained from the trusted entity;

delivering the unique code to the transactional entity via the person;

verifying the person'"'"'s identity to the transactional entity by confirming the unique code using the trusted entity'"'"'s server.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are provided for authenticating a person'"'"'s identity to a business using a trusted entity with a secure repository to store and protect the person'"'"'s identity information. The person accesses their account on the trusted entity'"'"'s server using a user name and a password. Then, the trusted entity grants the person a unique code so the person can authenticate their identity to the business. The person delivers the unique code to the transactional entity. The business makes a request to verify the unique code with the trusted entity. The trusted entity verifies the unique code, which authenticates the person'"'"'s identity to the business.

Citations

26 Claims

1. A method for authenticating a person'"'"'s identity to a transactional entity using a trusted entity with a secure repository of a person'"'"'s personal identity information, comprising:
- accessing a person'"'"'s account on the trusted entity'"'"'s server using a user identifier and a password;
  
  granting the person a key, associated with a person identifier to form a unique code, the key being obtained from the trusted entity;
  
  delivering the unique code to the transactional entity via the person;
  
  verifying the person'"'"'s identity to the transactional entity by confirming the unique code using the trusted entity'"'"'s server.

2. A method for authenticating a person'"'"'s identity to a transactional entity using a trusted entity with a secure repository of a person'"'"'s personal identity information, comprising:
- accessing a person'"'"'s account on the trusted entity'"'"'s server using a user identifier and a password;
  
  granting the person a single-use key, associated with a person identifier to form a unique code, the key being obtained from the trusted entity;
  
  delivering the unique code from the person to the transactional entity;
  
  verifying the person'"'"'s identity to the transactional entity by confirming the unique code using the trusted entity'"'"'s server.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 3. The method as in claim 2, wherein the single-use key expires after a predetermined time period.
  - 4. The method as in claim 2, wherein the user identifier is a person'"'"'s name, social security number, unique user name, or second password.
  - 5. The method as in claim 2, wherein the person identifier is a person'"'"'s name, social security number, or unique identifying name.
  - 6. The method as in claim 2, further comprising the steps of recording and storing information on accesses to the person'"'"'s account on the trust entity'"'"'s server, which can be displayed to the person.
  - 7. The method as in claim 2, further comprising the steps of recording and storing the information on granting or denying the single-use key on the trust entity'"'"'s server, which can be displayed to the person.
  - 8. The method as in claim 2, wherein accessing a person'"'"'s account further requires correctly responding to predetermined inquiries on the person'"'"'s personal identity information stored in the trusted entity'"'"'s secure repository.
  - 9. The method as in claim 2, wherein granting the person a single-use key further requires correctly responding to predetermined inquiries on the person'"'"'s personal identity information stored in the trusted entity'"'"'s secure repository.
  - 10. The method as in claim 2, further comprising the steps of:
    - authenticating the person'"'"'s identity initially by the trusted entity using trusted data and other trusted entities;
      
      creating a person'"'"'s account at the trusted entity with a user identifier and a password;
      
      storing the person'"'"'s personal identity information, prior to access of a person'"'"'s account with the trusted entity.
  - 11. The method as in claim 2, wherein the person'"'"'s personal identity information is selected from the group consisting of:
    - A person'"'"'s name, social security number, birthday, address, employment information, financial information, biographical information, biometric data, personal information only known by the person, secrets only known by the person, and a combination thereof.
  - 12. The method as in claim 11, wherein the biometric data is selected from the group consisting of:
    - Handwriting, signature, fingerprints, voiceprints, retinal scans, iris scans, DNA or blood sample, facial recognition, hand geometry, vascular patterns, dental records, and a combination thereof.
  - 13. The method as in claim 2, further comprising the steps of displaying a photograph of the person stored with the person'"'"'s personal identity information in the trusted entity'"'"'s secure repository to the transactional entity after the person'"'"'s identity has been verified using the unique code, whereby the photograph is a secondary verification to the unique code.
  - 14. The method as in claim 2, wherein the transactional entity verifies the person'"'"'s unique code on the trusted entity'"'"'s server using a transactional entity user interface.
  - 15. The method as in claim 2, wherein the transactional entity is selected from the group consisting of:
    - A bank, a financial institution, a business, an insurance company, a health care facility, a government entity, and another entity desiring the person'"'"'s entity to be authentic.
  - 16. The method as in claim 2, wherein the transactional entity verifies the person'"'"'s unique code using the trusted entity'"'"'s server by using the transactional entity'"'"'s account with the trusted entity.
  - 17. The method as in claim 2, wherein delivering the unique code, accessing a person'"'"'s account, granting the unique code, and verifying the person'"'"'s identity uses a computer network, automated telephone network, telephone network with a human operator accessing the person'"'"'s account on trusted entity'"'"'s server for the person and granting the unique code, physical delivery mechanism, or combination thereof.
  - 18. The method as in claim 2, further comprising the step of specifying the transactional entity for which the unique code will be generated, wherein the unique code only authenticates the person'"'"'s identity when the transactional entity specified by the person verifies the unique code.
  - 19. The method as in claim 2, wherein a portion or all of the person'"'"'s personal identity information is not accessible or viewable to the person after the information is stored in the secure repository, whereby that portion of the person'"'"'s personal identity information cannot be viewed or accessed by an identity thief if the identity thief obtains the person'"'"'s user identifier and password.
  - 20. The method as in claim 2, further comprising the step of printing the unique code on a certificate after granting the unique code.

21. A method for generating a single-use key used for authenticating a person'"'"'s identity using a trusted entity with a secure repository of a person'"'"'s personal identity information comprising:
- assessing a transactional entity'"'"'s account on the trusted entity'"'"'s server, wherein the transactional entity is accessing the transactional entity'"'"'s account;
  
  selecting types of inquiries to use to authenticate the person'"'"'s identity, wherein a verifying entity selects the types of inquiries;
  
  accessing a person'"'"'s account on the trusted entity'"'"'s server using a user identifier and a password, wherein the person is accessing the person'"'"'s account;
  
  responding to the inquiries selected by the transactional entity so the person'"'"'s identity can be authenticated, wherein the person is responding to the inquiries;
  
  comparing the person'"'"'s responses to the inquiries with the person'"'"'s personal identity information stored on the trusted entity'"'"'s secure repository by the trusted entity;
  
  generating a single-use key, associated with a person identifier to form a unique code, generated from the trusted entity and granted to the person for use by the transactional entity if the person'"'"'s responses match the person'"'"'s personal identity information stored on the trusted entity'"'"'s secure server.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method as in claim 21, further comprising the step of specifying the transactional entity for which the unique code will be generated after accessing a person'"'"'s account on the trusted entity'"'"'s server.
  - 23. The method as in claim 21, wherein the selected inquiries are randomly generated.
  - 24. The method as in claim 21, wherein the secure repository is a server.
  - 25. The method as in claim 21, wherein the verifying entity comprises the transactional entity or the trusted entity.

26. A system for authenticating a person'"'"'s identity to a transactional entity using a trusted entity, comprising:
- a client module with a person input device for a person to enter a user identifier and a password, a person processing unit connected to the person input device to prompt the person for the user identifier and the password, and a person display unit connected to the person processing unit to display the key associated with a person identifier to form a unique code to the person;
  
  a transactional processing module with an transactional input device for the transactional entity to enter the key, a transactional processing unit connected to the transactional input device to prompt the transactional entity for the key, and a transactional display unit connected to the transactional processing unit to display a message to the transactional entity authenticating the person'"'"'s identity;
  
  a trusted entity server with a trusted entity processing unit to process requests from the client module and the transactional processing module using a network, and a database accessible to the trusted entity processing unit to store the user identifier, the password, the unique code, and a person'"'"'s personal identity information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
TransactionSecure, L.L.C.
Inventors
Gephart, Brian R., Mitchell, Bradley W., Dobson, Michael F., Larsen, Reed H.

Granted Patent

US 8,738,921 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 2221/2115   Third party

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0846   using time-dependent-passwo...

H04L 63/123   received data contents, e.g...

H04L 63/1416   Event detection, e.g. attac...

H04L 9/3226   using a predetermined code,...

SYSTEM AND METHOD FOR AUTHENTICATING A PERSON'S IDENTITY USING A TRUSTED ENTITY

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR AUTHENTICATING A PERSON'S IDENTITY USING A TRUSTED ENTITY

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links