SYSTEM AND METHOD FOR USER AUTHENTICATION

US 20130081114A1
Filed: 09/20/2012
Published: 03/28/2013
Est. Priority Date: 09/22/2011
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user, the method comprising:

generating at a validation server a unique user ID number and matching encryption key corresponding to the user;

transmitting the unique user ID number and matching encryption key to a user device;

generating a temporary access code based on the encryption key on the user device;

providing the unique user ID number and temporary access code to at least one organization server;

transmitting the unique user ID number and temporary access code to a validation server;

performing on the validation server a verification of the unique user ID number and temporary access code to obtain a validation result;

transmitting the validation result to the at least one organization server; and

authenticating the user at the at least one organization based on the validation result.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing authentication of a user is disclosed. The use of a non-confidential and unique user identification number and a temporary access code separates authentication of the user from transmission of any user passwords or user-identifiable data, as well as provides a ubiquitous means to authenticate the user with unrelated organizations, without any information passing between those organizations.

21 Citations

View as Search Results

15 Claims

1. A method of authenticating a user, the method comprising:
- generating at a validation server a unique user ID number and matching encryption key corresponding to the user;
  
  transmitting the unique user ID number and matching encryption key to a user device;
  
  generating a temporary access code based on the encryption key on the user device;
  
  providing the unique user ID number and temporary access code to at least one organization server;
  
  transmitting the unique user ID number and temporary access code to a validation server;
  
  performing on the validation server a verification of the unique user ID number and temporary access code to obtain a validation result;
  
  transmitting the validation result to the at least one organization server; and
  
  authenticating the user at the at least one organization based on the validation result.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising retrieving the encryption key matching the unique user ID number and generating a second code in the same fashion as the temporary access code was generated, and comparing the second code and the temporary access code to obtain either a positive or negative validation result.
  - 3. The method of claim 1, further comprising modifying a client database of the at least one organization server to provide a field for a unique user ID number for user records.
  - 4. The method of claim 1, further comprising providing to the user, from the at least one organization server, instructions to download client-based security software operable on the user device.
  - 5. The method of claim 1, further comprising performing a time synchronisation between the validation server and the user device.

6. A system for authenticating a user, the system comprising:
- a client-based security software component operable on at least one user device operable by the user;
  
  a server-based validation software component operable on at least one validation server; and
  
  at least one host organization server,wherein the server-based validation software component communicates with the client-based security software component to provide the user on the at least one user device with a unique user ID number and a corresponding encryption key, and wherein the host organization server authenticates the user by transmitting an authentication request to the at least one validation server, and wherein the server-based validation software component generates a validation result.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The system of claim 6, wherein the client-based security software component generates a temporary access code based on the unique user ID number and the corresponding encryption key, andwherein the user provides the unique user ID number and temporary access code to the host organization server.
  - 8. The system of claim 6, wherein the authentication request comprises the user ID number and temporary access code.
  - 9. The system of claim 6, wherein the host organization server runs a communication software component that communicates with the server-based validation software component.
  - 10. The system of claim 6, wherein the at least one device is a mobile device with computing and communication capability sufficient to operate the client-based security software component.
  - 11. The system of claim 6, wherein the device is selected from the group comprising:
    - a smartphone, a tablet computer, a laptop computer, a personal media player, a personal entertainment system, a kiosk and a smart terminal.

12. A computer readable storage medium storing instructions that, when executed on one or more computers, causes the computers to perform a method of authenticating a user, wherein said method comprises:
- generating at a validation server a unique user ID number and matching encryption key corresponding to the user;
  
  transmitting the unique user ID number and matching encryption key to a user device;
  
  generating a temporary access code based on the encryption key on the user device;
  
  providing the unique user ID number and temporary access code to at least one organization server;
  
  transmitting the unique user ID number and temporary access code to a validation server;
  
  performing on the validation server a verification of the unique user ID number and temporary access code to obtain a validation result;
  
  transmitting the validation result to the at least one organization server; and
  
  authenticating the user at the at least one organization based on the validation result.
- View Dependent Claims (13, 14, 15)
- - 13. The computer readable storage medium of claim 12, wherein said method further comprises retrieving the encryption key matching the unique user ID number and generating a second code in the same fashion as the temporary access code was generated, and comparing the second code and the temporary access code to obtain either a positive or negative validation result.
  - 14. The computer readable storage medium of claim 12, wherein said method further comprises modifying a client database of the at least one organization server to provide a field for a unique user ID number for user records.
  - 15. The computer readable storage medium of claim 12, wherein said method further comprises providing to the user, from the at least one organization server, instructions to download client-based security software operable on the user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kinesis Identity Security System, Inc.
Original Assignee
Kinesis Identity Security System, Inc.
Inventors
BELL, Jonathan G., JENNINGS, Kenneth W.

Granted Patent

US 8,789,150 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/0846   using time-dependent-passwo...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 63/0884   by delegation of authentica...

H04W 12/06   Authentication

SYSTEM AND METHOD FOR USER AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

21 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR USER AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links