Centralized Identification and Authentication System and Method

US 20130036053A1
Filed: 09/07/2012
Published: 02/07/2013
Est. Priority Date: 08/29/2001
Status: Active Grant

First Claim

Patent Images

1. A method performed by a central-entity for authenticating a user during an electronic transaction between the user and an external-entity over a communication network, the method comprising:

receiving electronically a request for a dynamic code for the user during the transaction between the user and the external-entity;

providing a dynamic code to the user over a communication network for authentication of the user during electronic transaction wherein the dynamic code is valid for a predefined time and becomes invalid after being used;

receiving user'"'"'s digital identity over a communication network during electronic transaction between the user and the external-entity, which digital identity includes a dynamic code;

validating said dynamic code during the electronic transaction; and

sending a result of validation to the external-entity during electronic transaction.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Central-Entity centralizes users'"'"' personal and financial information in a secure environment in order to prevent the distribution of user'"'"'s information in e-commerce. This information is then used to create digital identity for the users. The digital identity of each user is dynamic, non-predictable and time dependent, because it is a combination of a user name and a dynamic, non-predictable and time dependent secure code that will be provided to the user for his identification. The user provides his digital identity to an External-Entity such as merchant or service provider. The External-Entity is dependent on Central-Entity to identify the user based on the digital identity given by the user. The External-Entity forwards the user'"'"'s digital identity to the Central-Entity for identification and authentication of the user and the transaction.

26 Citations

View as Search Results

20 Claims

1. A method performed by a central-entity for authenticating a user during an electronic transaction between the user and an external-entity over a communication network, the method comprising:
- receiving electronically a request for a dynamic code for the user during the transaction between the user and the external-entity;
  
  providing a dynamic code to the user over a communication network for authentication of the user during electronic transaction wherein the dynamic code is valid for a predefined time and becomes invalid after being used;
  
  receiving user'"'"'s digital identity over a communication network during electronic transaction between the user and the external-entity, which digital identity includes a dynamic code;
  
  validating said dynamic code during the electronic transaction; and
  
  sending a result of validation to the external-entity during electronic transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, wherein said dynamic code is alphanumeric.
  - 3. The method according to claim 1, wherein said external-entity and said central-entity are the same entity.
  - 4. The method according to claim 1, wherein the transaction corresponds to one or more of the following;
    - a financial transaction, a non-financial transaction, access request to a restricted web-site or a restricted computer/server or restricted network.
  - 5. The method according to claim 1, wherein said the digital identity comprises said dynamic code and a user-specific information.
  - 6. The method according to claim 1, wherein said digital identity is dynamic code.
  - 7. The method according to claim 1, wherein said communication network comprises one or more of the following:
    - a public network, an internet, a wireless network, a mobile network, a satellite network, and a private network.
  - 8. The method according to claim 1, wherein said the digital identity is invalid if the dynamic code is invalid.
  - 9. The method according to claim 1, wherein said the user is authentic if the digital identity including the dynamic code is valid during the transaction.

10. A method for an external-entity to authenticate a user during a transaction between the user and the external-entity based on authentication result received from a central-entity, the method comprising:
- requesting the central-entity to authenticate the user based on a digital identity including a dynamic code received from the user during the transaction wherein the dynamic code provided to the user by the central-entity during the transaction which dynamic code is valid for a predefined time and becomes invalid after being used;
  
  receiving authentication result from the central-entity during the transaction; and
  
  authenticating the user based on authentication result.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method according to claim 10, wherein said dynamic code is alphanumeric.
  - 12. The method according to claim 10, wherein said external-entity and said central-entity are the same entity.
  - 13. The method according to claim 10, wherein the transaction corresponds to one or more of the following;
    - a financial transaction, a non-financial transaction, access request to a restricted web-site or a restricted computer/server or restricted network.
  - 14. The method according to claim 10, wherein said the digital identity comprises said dynamic code and a user-specific information.
  - 15. The method according to claim 10, wherein said digital identity is dynamic code.

16. A method for a central-entity to authenticate a user during a transaction between the user and an external-entity, the method comprising:
- providing electronically by the central-entity a dynamic code to the user and expecting the user to use the dynamic code during the transaction between the user and the external-entity for authentication purpose wherein the dynamic code is valid for a predefined time and becomes invalid after being used;
  
  receiving electronically by the central-entity a request for authenticating the user based on a digital identity including the dynamic code;
  
  authenticating by the central-entity the user during the transaction if the digital identity including the dynamic code is valid; and
  
  providing by the central-entity a result of authenticating to the external-entity.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method according to claim 16, wherein said dynamic code is alphanumeric.
  - 18. The method according to claim 16, wherein said external-entity and said central-entity are the same entity.
  - 19. The method according to claim 16, wherein said the digital identity comprises said dynamic code and a user-specific information.
  - 20. The method according to claim 16, wherein said digital identity is dynamic code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kamran Asghari-Kamrani, Nader Asghari-Kamrani
Original Assignee
Kamran Asghari-Kamrani, Nader Asghari-Kamrani
Inventors
Asghari-Kamrani, Nader, Asghari-Kamrani, Kamran

Granted Patent

US 9,727,864 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/44
CPC Class Codes

G06F 21/31   User authentication

G06F 21/40   by quorum, i.e. whereby two...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2115   Third party

G06Q 20/04   Payment circuits

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G06Q 30/0225   Avoiding frauds

G07F 7/1008   Active credit-cards provide...

H04L 63/0421   Anonymous communication, i....

H04L 63/08   for authentication of entit...

H04L 63/0838   using one-time-passwords

Centralized Identification and Authentication System and Method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Centralized Identification and Authentication System and Method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links