SYSTEMS AND METHODS FOR PROVIDING AUTHENTICATION AND AUTHORIZATION UTILIZING A PERSONAL WIRELESS COMMUNICATION DEVICE
Abstract
An authorization and authentication system utilizing a mobile communication device. The authentication and authorization system enables a trusted server, in conjunction with a user controlled mobile communication device (which has been registered with the trusted site), to authorize a transaction carried out at a transaction management system. An identity of the user is authenticated by a verification that the user is in possession of the mobile communication device. In this way, the transaction management system is able to effectuate an authorized transaction with confidence that the authorization was from the user and not a third party. In variations, the authentication is a multi-factor authentication, i.e., the user must both possess the mobile communication device and information, e.g., a password.
22 Claims
1. A method for authenticating a user in a wireless communications system, comprising:
- receiving an address of a wireless communication device at a trusted server, wherein the address identifies the wireless communication device in a communications network;
- locating the address of the wireless communication device among a plurality of addresses in a database, wherein the user is associated with the address in the database;
- establishing, in response to the locating the address, a wireless communication link with the wireless communication device;
- receiving identifying information from the wireless communication device over a communication path including the wireless communication link, wherein the identifying information is produced, at least in part, from shared information stored in a user programmable memory of the wireless communication device and the shared information includes a shared secret generated via a cryptographic key exchange between the wireless communication device and the trusted server; and
- authenticating the user in response to the identifying information.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. A system for authenticating a user in a wireless communications system, comprising:
- a trusted computer server disposed for communicating with a plurality of wireless communications devices in a communications network including one or more wireless communications links, including;
  - one or more processors; and
  - one or more memories, said one or more memories including instructions for execution on the one or more processors to;
    - receive an address of a first wireless communication device of the plurality of wireless communications devices, wherein the address identifies the wireless communication device in a communications network;
    - locate the address of the wireless communication device among a plurality of addresses in a database, wherein the user is associated with the address in the database;
    - initiate establishment, in response to the locating the address, a wireless communication link with the wireless communication device;
    - receive identifying information from the wireless communication device over a communication path including the one or more wireless communication links, wherein the identifying information is produced, at least in part, from shared information stored in a user programmable memory of the wireless communication device and the shared information includes a shared secret generated via a cryptographic key exchange between the wireless communication device and the trusted server; and
    - authenticate the user in response to the identifying information.

Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22
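The flow recited in claims 1 and 14, as an added example that is not code from the patent or its assignee. It assumes the identifying information is an HMAC-SHA256 response to a one-time server nonce and that the key exchange is finite-field Diffie-Hellman over a toy group; the names Device, TrustedServer and _kdf are hypothetical.

```python
import hashlib, hmac, secrets

# Toy Diffie-Hellman group, for illustration only (assumption): a real
# deployment would use X25519 or an RFC 7919 group from a vetted library.
P, G = 2**255 - 19, 2

def _kdf(z):
    # Hash the raw DH output down to a 32-byte shared secret.
    return hashlib.sha256(z.to_bytes(32, "big")).digest()

class Device:
    """Wireless device; `shared` stands in for its user-programmable memory."""
    def __init__(self, address):
        self.address, self.shared = address, None
        self._priv = secrets.randbelow(P - 3) + 2
        self.pub = pow(G, self._priv, P)

    def finish_exchange(self, server_pub):
        self.shared = _kdf(pow(server_pub, self._priv, P))

    def identify(self, nonce):
        # Identifying information produced from the shared secret.
        return hmac.new(self.shared, nonce, hashlib.sha256).digest()

class TrustedServer:
    def __init__(self):
        self.db = {}        # address -> (user, shared secret)
        self.pending = {}   # address -> outstanding one-time nonce

    def register(self, user, address, device_pub):
        priv = secrets.randbelow(P - 3) + 2
        self.db[address] = (user, _kdf(pow(device_pub, priv, P)))
        return pow(G, priv, P)   # server public value sent to the device

    def challenge(self, address):
        if address not in self.db:      # "locating the address" failed
            return None
        self.pending[address] = secrets.token_bytes(16)
        return self.pending[address]

    def authenticate(self, address, response):
        nonce = self.pending.pop(address, None)   # single use: blocks replay
        if nonce is None:
            return None
        user, shared = self.db[address]
        expected = hmac.new(shared, nonce, hashlib.sha256).digest()
        return user if hmac.compare_digest(expected, response) else None
```

Registration is `dev.finish_exchange(srv.register(user, dev.address, dev.pub))`; authentication is `srv.authenticate(addr, dev.identify(srv.challenge(addr)))`, which returns the associated user or None.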
Specification