Centralized Identification and Authentication System and Method
First Claim
1. A method performed by a central-entity for authenticating a user during an electronic transaction between the user and an external-entity over a communication network, the method comprising:
- receiving electronically a request for a dynamic code for the user during the transaction between the user and the external-entity;
providing a dynamic code to the user over a communication network for authentication of the user during electronic transaction wherein the dynamic code is valid for a predefined time and becomes invalid after being used;
receiving user'"'"'s digital identity over a communication network during electronic transaction between the user and the external-entity, which digital identity includes a dynamic code;
validating said dynamic code during the electronic transaction; and
sending a result of validation to the external-entity during electronic transaction.
0 Assignments
0 Petitions
Accused Products
Abstract
A Central-Entity centralizes users'"'"' personal and financial information in a secure environment in order to prevent the distribution of user'"'"'s information in e-commerce. This information is then used to create digital identity for the users. The digital identity of each user is dynamic, non-predictable and time dependent, because it is a combination of a user name and a dynamic, non-predictable and time dependent secure code that will be provided to the user for his identification. The user provides his digital identity to an External-Entity such as merchant or service provider. The External-Entity is dependent on Central-Entity to identify the user based on the digital identity given by the user. The External-Entity forwards the user'"'"'s digital identity to the Central-Entity for identification and authentication of the user and the transaction.
-
Citations
20 Claims
-
1. A method performed by a central-entity for authenticating a user during an electronic transaction between the user and an external-entity over a communication network, the method comprising:
-
receiving electronically a request for a dynamic code for the user during the transaction between the user and the external-entity; providing a dynamic code to the user over a communication network for authentication of the user during electronic transaction wherein the dynamic code is valid for a predefined time and becomes invalid after being used; receiving user'"'"'s digital identity over a communication network during electronic transaction between the user and the external-entity, which digital identity includes a dynamic code; validating said dynamic code during the electronic transaction; and sending a result of validation to the external-entity during electronic transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for an external-entity to authenticate a user during a transaction between the user and the external-entity based on authentication result received from a central-entity, the method comprising:
-
requesting the central-entity to authenticate the user based on a digital identity including a dynamic code received from the user during the transaction wherein the dynamic code provided to the user by the central-entity during the transaction which dynamic code is valid for a predefined time and becomes invalid after being used; receiving authentication result from the central-entity during the transaction; and authenticating the user based on authentication result. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A method for a central-entity to authenticate a user during a transaction between the user and an external-entity, the method comprising:
-
providing electronically by the central-entity a dynamic code to the user and expecting the user to use the dynamic code during the transaction between the user and the external-entity for authentication purpose wherein the dynamic code is valid for a predefined time and becomes invalid after being used; receiving electronically by the central-entity a request for authenticating the user based on a digital identity including the dynamic code; authenticating by the central-entity the user during the transaction if the digital identity including the dynamic code is valid; and providing by the central-entity a result of authenticating to the external-entity. - View Dependent Claims (17, 18, 19, 20)
-
Specification