METHODS AND SYSTEMS FOR AUTHENTICATING USERS
Abstract
A method of authenticating users to reduce transaction risks includes indicating a desire to conduct a transaction, inputting information in a workstation, and determining whether the inputted information is known. Moreover, the method includes determining a state of a communications device when the inputted information is known, and transmitting a biometric authentication request from a server to an authentication system when the state of the communications device is enrolled. Additionally, the method includes obtaining biometric authentication data in accordance with a biometric authentication data capture request with the communications device, biometrically authenticating the user, generating a one-time pass-phrase and storing the one-time pass-phrase on the authentication system when the user is authenticated, comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase, and conducting the transaction when the transmitted and stored one-time pass-phrases match.
33 Claims
1-20. (canceled)
21. An apparatus for authenticating users that reduces transaction risks, said apparatus comprising:
means for storing biometric authentication data and personal data for each of a plurality of authorized users in an authentication system, and means for storing protected resources in a server, wherein each of the protected resources is associated with at least a corresponding one of the plurality of authorized users;
means for indicating a desire to conduct at least one transaction and for determining whether the at least one transaction requires access to the protected resources, such that when the at least one transaction requires access to the protected resources information is input into a workstation by a workstation user;
means for determining whether the inputted information is known and for determining a state of a communications device when the inputted information is known;
means for generating a biometric authentication data capture request in response to an authentication request, and for transmitting the biometric authentication data capture request over a second communications channel from the authentication system to the communications device, wherein the communications device is included in the second channel and is associated with one of the plurality of authorized users and the one authorized user is associated with the inputted information;
means for obtaining the biometric authentication data capture request transmission, for capturing biometric authentication data in accordance with the biometric authentication data capture request from the workstation user with the communications device, and for transmitting the captured biometric authentication data from the communications device to the authentication system over the second communications channel;
means for validating the identity of the user by comparing the captured biometric authentication data against biometric authentication data of the one authorized user stored in the authentication system;
means for generating a one-time pass-phrase, for storing the one-time pass-phrase on the authentication system and for transmitting the one-time pass-phrase to the communications device over the second communications channel when the workstation user is authenticated as the one authorized user;
means for obtaining the one-time pass-phrase from the communications device and for entering the one-time pass-phrase into the workstation;
means for transmitting the one-time pass-phrase from the workstation to the authentication system over the first communications channel, and for comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase; and
means for granting access to the protected resources of the one authorized user when the transmitted and stored one-time pass-phrases match.
Specification