Single Action Authentication via Mobile Devices
Abstract
A method for authenticating a user includes receiving a user identification, confirming the user identification, sending a request to the user to perform a single action on a communication device, creating a session to receive the single action from the communication device, receiving an identifier from the communication device, using the identifier to verify that the user has the communication device, and authenticating the user based on the confirmed user information and the verification that the user has the communication device. The identification can include a username and a password or can be a one time password.
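The flow in the abstract, sketched as an added example (not code from the patent or its assignee). The HMAC-over-session-id proof of device possession, the pre-shared device key, the 60-second session lifetime and all class and function names are assumptions made for illustration; the abstract only says an "identifier" is received and used to verify possession.

```python
import hashlib, hmac, secrets, time
SESSION_TTL = 60  # seconds; assumed value, the abstract gives no lifetime

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def device_single_action(key, sid):
    # Sent by the device on the user's single action: a MAC over the session id.
    return hmac.new(key, sid.encode(), hashlib.sha256).digest()

class AuthService:  # third party that verifies possession of the device
    def __init__(self, clock=time.time):
        self.clock = clock
        self.device_keys = {}  # device_id -> key shared at enrolment (assumed)
        self.sessions = {}     # sid -> [device_id, expires_at, verified]

    def create_session(self, device_id):
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = [device_id, self.clock() + SESSION_TTL, False]
        return sid

    def receive_action(self, sid, device_id, tag):
        s, key = self.sessions.get(sid), self.device_keys.get(device_id)
        if s is None or key is None or s[0] != device_id or self.clock() > s[1]:
            return False  # unknown session/device, wrong device, or expired
        s[2] = s[2] or hmac.compare_digest(device_single_action(key, sid), tag)
        return s[2]

    def consume(self, sid):
        s = self.sessions.pop(sid, None)  # one-shot: a session cannot be reused
        return bool(s and s[2])

class RelyingParty:
    def __init__(self, service):
        self.service = service
        self.users = {}  # username -> (salt, password hash, device_id)

    def enroll(self, user, password, device_id):
        salt = secrets.token_bytes(16)
        self.users[user] = (salt, pw_hash(password, salt), device_id)

    def begin(self, user, password):
        rec = self.users.get(user)
        if rec is None or not hmac.compare_digest(rec[1], pw_hash(password, rec[0])):
            return None  # first factor failed: no session is created
        return self.service.create_session(rec[2])

    def finish(self, sid):
        # Authentic only if the first factor passed AND the device was verified.
        return self.service.consume(sid)
```

Binding the device's response to a fresh, expiring, single-use session id is what keeps a captured response from being replayed against a later login.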
31 Claims
1. A computer-implemented method for authenticating a user, the method comprising:
- receiving at a relying party from a user at least one first factor, wherein the first factor includes at least one from the group of a user identifier, a user password, a user One Time Password, a digital signature and user biometric data;
- verifying at the relying party the at least one first factor sent from the user to the relying party;
- sending a message from the relying party to the user requesting the user to contact a third party authentication service through a mobile device;
- sending from the user mobile device to the third party authentication service at least one second factor, where the second factor sent to the third party authentication service includes at least one from the group of a user identifier, a user password, a user One Time Password, a digital signature and user biometric data;
- verifying at the third party authentication service the at least one second factor sent to the authentication service;
- sending a message from the third party authentication service to the relying party indicating whether the second factor sent to the third party authentication service has been successfully verified;
- if the message received from the third party authentication service indicates that the second factor sent to the third party authentication service has been successfully verified and if the relying party successfully verifies the first factor sent to the relying party, then determining that the user is authentic.
Dependent claims: 2
3. A computer-implemented method for authenticating a user, the method comprising:
- receiving at least one credential from a group of user credentials;
- validating the user credential;
- creating a session to receive a single action from a communication device;
- associating a first image with the session;
- sending a request to a user to select the same first image on the communication device;
- receiving an identifier from the communication device, the identifier comprises a selected image selected by the user;
- using the identifier to verify that the user has the communication device; and
- authenticating the user based on the confirmed user information and the verification that the user has the communication device and has selected the image.
4. A computer-implemented method for authenticating a user, comprising:
- receiving a user identification;
- sending a request to the user to perform a single action on a communication device;
- receiving a verification that the user is using the communication device; and
- authenticating the user based on the user information and the verification that the user is using the communication device.
5. A computer-implemented method for authenticating a user, comprising:
- receiving a user identification;
- confirming the user identification;
- sending a request to the user to perform a single action on a communication device;
- creating a session to receive the single action from the communication device;
- receiving an identifier from the communication device;
- using the identifier to verify that the user has the communication device; and
- authenticating the user based on the confirmed user information and the verification that the user has the communication device.
Dependent claims: 6, 7, 8, 9, 10, 11
12. A method for authenticating a user comprising:
- receiving an identification of a one click communication device associated with a user identification;
- sending to the identified single action communication device a request that the user perform a single action on the communication device;
- receiving an identifier from the communication device;
- using the identifier to verify that the user has the communication device; and
- authenticating the user based on the user information and the verification that the user has the communication device.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A computer-implemented method for creating a secure communication channel between a handheld communication device and an entity, the handheld communication device having an identifier and security data associated therewith, the method comprising:
- receiving the identifier from the entity;
- creating a session for a transaction between the entity and the handheld communication device;
- associating the session with the identifier;
- sending a request for the identifier and the security data to the handheld communication device;
- receiving the identifier and the security data from the handheld communication device;
- authenticating the handheld communication device based, in part, on the received identifier and the received security data; and
- notifying the entity of the authentication of the handheld communication device.
Dependent claims: 24, 25
26. A computer-implemented method for authenticating a mobile communication device to an entity, the method comprising:
- receiving, from the entity, an identifier associated with the mobile communication device;
- creating a session for communication between the mobile communication device and the entity;
- associating a first image with the session;
- transmitting the first image to the entity;
- receiving the identifier and a second image from the mobile communication device;
- validating the mobile communication device based, in part, on the identifier, the first image, and the second image; and
- communicating the validation of the mobile communication device to the entity.
Dependent claims: 27, 28
29. A method for creating a communication channel between a handheld communication device and an entity, the method comprising:
- receiving, from the handheld communication device, a signal associated with initiation of a transaction;
- receiving, from the entity, an identifier associated with the handheld communication device;
- providing information associated with the transaction to the handheld communication device;
- receiving input from the handheld communication device; and
- authenticating the handheld communication device based, in part, on the identifier and the input from the handheld communication device.
Dependent claims: 30, 31
Specification