System and Method For Dynamic Multifactor Authentication

US 20080307515A1
Filed: 12/20/2006
Published: 12/11/2008
Est. Priority Date: 12/21/2005
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user, the method comprising the steps of:

sending an authentication request to a remote authentication device;

generating a first piece of authentication information;

receiving at a mobile device, the first piece of authentication information from one of an access terminal or the remote authentication device;

generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information;

sending the second piece of authentication information to the remote authentication device;

validating the second piece of authentication information; and

if the second piece of authentication information is successfully validated, generating an authentication signal.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a user. The method comprises the step of sending an authentication request to a remote authentication device and generating a first piece of authentication information. A mobile device receives the first piece of authentication information from either an access terminal or the remote authentication device. The mobile device of the user generating a second piece of authentication information which is at least partially based on the received first piece of authentication information. The second piece of authentication information is sent to the remote authentication devices and the second piece of authentication information validated. If the second piece of authentication information is successfully validated an authentication signal is generated.

Citations

28 Claims

1. A method of authenticating a user, the method comprising the steps of:
- sending an authentication request to a remote authentication device;
  
  generating a first piece of authentication information;
  
  receiving at a mobile device, the first piece of authentication information from one of an access terminal or the remote authentication device;
  
  generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information;
  
  sending the second piece of authentication information to the remote authentication device;
  
  validating the second piece of authentication information; and
  
  if the second piece of authentication information is successfully validated, generating an authentication signal.
- View Dependent Claims (2, 3, 5, 7, 8, 9, 10, 11, 12, 25, 26)
- - 2. The method of claim 1, wherein the first piece of authentication information contains an authentication code.
  - 3. The method of claim 2, wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make.
  - 5. The method of claim 1, wherein the first piece of authentication information is received via a wireless data communication means.
  - 7. The method of claim 1, wherein the first piece of authentication information is received using a local wired or wireless data communication means.
  - 8. The method of claim 1, wherein the first piece of authentication information is captured from the access terminal using one of an audio or visual data acquiring module of the mobile device.
  - 9. The method of claim 8, wherein the authentication information is captured from the access terminal using a digital camera on the mobile device.
  - 10. The method of claim 1, wherein the step of generating the second piece of authentication information is done using one of International Mobile Equipment Identity (IMEI), information relating to the Subscriber Identity Module (SIM) or information specific to the mobile device of the user.
  - 11. The method of claim 10, wherein the information specific to the mobile device includes an encryption key.
  - 12. The method of claim 1, wherein the second piece of authentication information comprises biometric data.
  - 25. The method of claim 5, wherein the wireless data communication means comprises one of Short Message Service (SMS) or Multimedia Message Service (MMS).
  - 26. The method of claim 7, wherein the data communication means comprises one of Bluetooth™
    - or Universal Serial Bus (USB).

4. (canceled)

6. (canceled)

13. A system for authenticating a user, the system comprising:
- sending means for sending an authentication request to a remote authentication device;
  
  generating means for generating a first piece of authentication information;
  
  receiving means for receiving at a mobile device, the first piece of authentication information from one of an access terminal or the remote authentication device;
  
  generating means for generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information;
  
  sending means for sending the second piece of authentication information to the remote authentication device;
  
  validating means for validating the second piece of authentication information; and
  
  generating means for generating an authentication signal if the second piece of authentication information is successfully validated by the validating means.
- View Dependent Claims (14, 15, 17, 19, 20, 21, 22, 23, 24, 27, 28)
- - 14. The system of claim 13, wherein the first piece of authentication information contains an authentication code.
  - 15. The system of claim 14, wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make.
  - 17. The system of claim 13, wherein the system is arranged such that the first piece of authentication information is received via a wireless data communication means.
  - 19. The system of claim 13, wherein the system is arranged such that the first piece of authentication information is received using a local wired or wireless data communication means.
  - 20. The system of claim 13, wherein the system is arranged such that the first piece of authentication information is captured from the access terminal using an audio or visual data acquiring module of the mobile device.
  - 21. The system of claim 20, wherein the system is arranged such that the authentication information is captured from the access terminal using a digital camera on the mobile device.
  - 22. The system of claim 13, wherein the system is arranged such that the generating means generates the second piece of authentication information using one of the International Mobile Equipment Identity (IMEI), information relating to the Subscriber Identity Module (SIM) or information specific to the mobile device of the user.
  - 23. The system of claim 22, wherein the system is arranged such that the information specific to the mobile device includes an encryption key.
  - 24. The system of claim 13, wherein the second piece of authentication information comprises biometric data.
  - 27. The system of claim 17, wherein the wireless data communication means comprises one of a Short Message Service (SMS) or a Multimedia Message Service (MMS).
  - 28. The system of claim 19, wherein the data communication means comprises Bluetooth™
    - or Universal Serial Bus (USB).

16. (canceled)

18. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Onespan North America Incorporated (OneSpan, Inc.)
Original Assignee
Cronto Limited (OneSpan, Inc.)
Inventors
Tahar, Emmanuel, Drokov, Igor, Punskaya, Elena

Granted Patent

US 8,943,548 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06Q 20/3224   Transactions dependent on l...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4093   Monitoring of device authen...

H04L 2463/082   applying multi-factor authe...

H04L 63/0442   wherein the sending and rec...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/18   using different networks or...

H04W 12/06   Authentication

H04W 12/65   Environment-dependent, e.g....

H04W 12/71   Hardware identity

System and Method For Dynamic Multifactor Authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method For Dynamic Multifactor Authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links