SYSTEM AND METHOD FOR PASSWORD-FREE ACCESS FOR VALIDATED USERS
First Claim
Patent Images
1. A system, comprising:
- a web service engine operable to;
provide a web service to a user online;
request validation of identity of the user when the user initiates a first request for the web service;
prompt the user with one or more of a set of personal challenge questions (PCQs) when the user initiates a second request for the web service;
accept second answers to the one or more PCQs from the user to grant or decline the second request;
a validation engine operable to;
validate the identity of the user when requested by the web service engine;
enable the user to register securely and to create a profile, the set of PCQs, and first answers to the PCQs when the identity of the user is validated;
compare the first and the second answers to the one or more PCQs from user for authorization of the second request.
4 Assignments
0 Petitions
Accused Products
Abstract
A new approach is proposed that first validates identity of a user/individual who is initiating a request for a web service for the first time. Once validated, the user is allowed to access the web service, to register securely with the provider of the web service, and to create a series of personalized questions to be used for future validation purposes. During the user'"'"'s subsequent request for the web service, the user will be asked, in addition to his/her user name, one or more of the personalized questions he/she created on rotation basis in place of a PIN or password.
98 Citations
23 Claims
-
1. A system, comprising:
-
a web service engine operable to; provide a web service to a user online; request validation of identity of the user when the user initiates a first request for the web service; prompt the user with one or more of a set of personal challenge questions (PCQs) when the user initiates a second request for the web service; accept second answers to the one or more PCQs from the user to grant or decline the second request; a validation engine operable to; validate the identity of the user when requested by the web service engine; enable the user to register securely and to create a profile, the set of PCQs, and first answers to the PCQs when the identity of the user is validated; compare the first and the second answers to the one or more PCQs from user for authorization of the second request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method, comprising:
-
accepting a first request for a web service initiated by a user online over a network; validating identity of the user based on the information provided by the user; accepting or declining the first request by the user based on the validation result of the identity of the user; enabling the user to access the web service and to create a profile, a set of personal challenge questions (PCQs), and first answers to the PCQs if the identity of the user is validated; prompting the user with one or more of the PCQs created by the user during a second request for the web service by the user; comparing the first and the second answers to the PCQs from the user; granting or declining the second the second request for the web service based on result of the comparison without prompting the user for PIN or password. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
-
-
23. A system, comprising:
-
means for accepting a first request for a web service initiated by a user online over a network; means for validating identity of the user based on the information provided by the user; means for accepting or declining the first request by the user based on the validation result of the identity of the user; means for enabling the user to access the web service and to create a profile, a set of personal challenge questions (PCQs), and first answers to the PCQs if the identity of the user is validated; means for prompting the user with one or more of the PCQs created by the user during a second request for the web service by the user; means for comparing the first and the second answers to the PCQs from the user; means for granting or declining the second the second request for the web service based on result of the comparison without prompting the user for PIN or password.
-
Specification