METHOD AND SYSTEM FOR ABSTRACTED AND RANDOMIZED ONE-TIME USE PASSWORDS FOR TRANSACTIONAL AUTHENTICATION
First Claim
1. A method for validating a user'"'"'s authenticity to access a secure system, the method comprising:
- receiving an authentication request from the user;
generating a security matrix based on a user ID and user preference data and sending said matrix to the user;
receiving a one-time code from the user in response to the security matrix;
validating the one-time code based on the security matrix, the user ID, at least one user keyword, and user preference data;
after validating the one-time code, sending an authentication result to the user, said authentication result being based on the one-time code, the security matrix, the user ID, the user keyword, and user preferences; and
sending a success or fail message, distinct from the authentication result, to the secure system based on the authentication result.
1 Assignment
0 Petitions
Accused Products
Abstract
A security system and method for authenticating a user'"'"'s access to a system is disclosed. The security system receives an authentication request from the user and responds by generating a security matrix based on a previously stored user keyword and user preference data, the security matrix being different for each authentication request. The security system sends the security matrix to the user and awaits a one-time code in response to the security matrix. The user forms the one-time code based on the user keyword, the user preferences, and the security matrix. The security system validates the one-time code against the security matrix, the keyword, and the user preferences, and responds by sending an authentication result to the user that either permits or denies access to the system. Additionally, the security system sends a success or fail message to the system to be accessed.
-
Citations
28 Claims
-
1. A method for validating a user'"'"'s authenticity to access a secure system, the method comprising:
-
receiving an authentication request from the user; generating a security matrix based on a user ID and user preference data and sending said matrix to the user; receiving a one-time code from the user in response to the security matrix; validating the one-time code based on the security matrix, the user ID, at least one user keyword, and user preference data; after validating the one-time code, sending an authentication result to the user, said authentication result being based on the one-time code, the security matrix, the user ID, the user keyword, and user preferences; and sending a success or fail message, distinct from the authentication result, to the secure system based on the authentication result. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
19. A security system for validating a user'"'"'s authenticity to access a secure system, the security system comprising:
-
a security computer that is programmed to store a user keyword and user preference data, to receive an authentication request including a user ID from the user to access the secure system and to generate a security matrix in response to said authentication request based on stored user preference data and the user ID, to send the security matrix to the user and to receive from the user a one-time code, to validate the one-time code using the generated security matrix, the user keyword, and user preference data, and to send an authentication result based on the validation to the user, and to send a success or fail message, distinct from the authentication result, to the secure system based on the authentication result; and a client interface that enables the user to transmit to the security system an authentication request to access the secure system, receives and displays the security matrix, and enables the user to send the one-time code to the security system.
-
Specification