COMPUTER PROGRAM AND METHOD FOR ADMINISTERING SECURE TRANSACTIONS USING SECONDARY AUTHENTICATION

US 20130239173A1
Filed: 03/12/2012
Published: 09/12/2013
Est. Priority Date: 03/12/2012
Status: Abandoned Application

First Claim

Patent Images

1. A non-transitory computer-readable storage medium with an executable program stored thereon for administering secure transactions using secondary authentication, wherein the program instructs a processor to perform the following steps:

receiving a transaction request from a user using a first client device;

determining whether the requested transaction is a type of transaction that is already approved;

determining whether one or more current parameters of the transaction are within limits that are already established if the type of transaction is already approved;

transmitting a secondary authentication request to the user to approve the transaction if the current parameters are outside of already established limits or if the type of transaction is not already approved;

receiving a response to the secondary authentication request from the user;

determining from the response whether the user approved the transaction;

aborting the transaction if the user denies the transaction; and

performing the transaction if the user approves the transaction or if the type of transaction is already approved and the current parameters are within already established limits.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Administering secure transactions using secondary authentication includes receiving a transaction request from a user using a first client device, determining whether the requested transaction is a type of transaction that is already approved, determining whether one or more current parameters of the transaction are within limits that are already established if the type of transaction is already approved, transmitting a secondary authentication request to the user to approve the transaction if the current parameters are outside of already established limits or if the type of transaction is not already approved, receiving a response to the secondary authentication request from the user, determining from the response whether the user approved the transaction, aborting the transaction if the user denies the transaction, and performing the transaction if the user approves the transaction or if the type of transaction is already approved and the current parameters are within already established limits.

45 Citations

View as Search Results

22 Claims

1. A non-transitory computer-readable storage medium with an executable program stored thereon for administering secure transactions using secondary authentication, wherein the program instructs a processor to perform the following steps:
- receiving a transaction request from a user using a first client device;
  
  determining whether the requested transaction is a type of transaction that is already approved;
  
  determining whether one or more current parameters of the transaction are within limits that are already established if the type of transaction is already approved;
  
  transmitting a secondary authentication request to the user to approve the transaction if the current parameters are outside of already established limits or if the type of transaction is not already approved;
  
  receiving a response to the secondary authentication request from the user;
  
  determining from the response whether the user approved the transaction;
  
  aborting the transaction if the user denies the transaction; and
  
  performing the transaction if the user approves the transaction or if the type of transaction is already approved and the current parameters are within already established limits.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer-readable storage medium of claim 1, wherein the transaction request is received on a first communications channel and the secondary authorization request is transmitted on a second communications channel, different from the first communications channel.
  - 3. The computer-readable storage medium of claim 2, wherein the first communications channel utilizes a first type of data encryption and the second communications channel utilizes a second type of data encryption.
  - 4. The computer-readable storage medium of claim 2, wherein the first communications channel carries data transmissions and the second communications channel carries voice transmissions.
  - 5. The computer-readable storage medium of claim 2, wherein the first communications channel includes a first communications software application executing on the first client device and the second communications channel includes a second communication software application executing on the first client device.
  - 6. The computer-readable storage medium of claim 1, wherein the secondary authorization request is transmitted so that the user receives the request on a second client device.
  - 7. The computer-readable storage medium of claim 1, wherein the secondary authorization request includes a verbal description of the requested transaction.
  - 8. The computer-readable storage medium of claim 1, wherein the secondary authorization request includes a short message service text description of the requested transaction.
  - 9. The computer-readable storage medium of claim 1, wherein the secondary authorization request includes a phone call transmitted to a phone of the user.

10. A method of administering secure transactions using secondary authentication, the method comprising the steps of:
- receiving, with a server device, a transaction request from a user using a first client device;
  
  determining whether the requested transaction is a type of transaction that is already approved;
  
  determining whether one or more current parameters of the transaction are within limits that are already established if the type of transaction is already approved;
  
  transmitting a secondary authentication request to the user to approve the transaction if the current parameters are outside of already established limits or if the type of transaction is not already approved;
  
  receiving a response to the secondary authentication request from the user;
  
  determining from the response whether the user approved the transaction;
  
  aborting the transaction if the user denies the transaction; and
  
  performing the transaction if the user approves the transaction or if the type of transaction is already approved and the current parameters are within already established limits.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein the transaction request is received on a first communications channel and the secondary authorization request is transmitted on a second communications channel, different from the first communications channel.
  - 12. The method of claim 11, wherein the first communications channel utilizes a first type of data encryption and the second communications channel utilizes a second type of data encryption.
  - 13. The method of claim 11, wherein the first communications channel carries data transmissions and the second communications channel carries voice transmissions.
  - 14. The method of claim 11, wherein the first communications channel includes a first communications software application executing on the first client device and the second communications channel includes a second communications software application executing on the first client device.
  - 15. The method of claim 10, wherein the secondary authorization request is transmitted so that the user receives the request on a second client device.
  - 16. The method of claim 10, wherein the secondary authorization request includes a verbal description of the requested transaction.
  - 17. The method of claim 10, wherein the secondary authorization request includes a short message service text description of the requested transaction.
  - 18. The method of claim 10, wherein the secondary authorization request includes a phone call transmitted to a phone of the user.

19. A non-transitory computer-readable storage medium with an executable program stored thereon for automatically enrolling users for access to secure data resources, wherein the program instructs a processor to perform the following steps:
- receiving a user enrollment request from a requester;
  
  preparing a verification request that includes a plurality of usernames and a plurality of contact identifiers, each username corresponding to a user and associated with one contact identifier;
  
  transmitting the verification request to a third party server device;
  
  receiving verification results from the third party server device; and
  
  enrolling users whose username and contact identifier were verified by the third party server device.
- View Dependent Claims (20, 21, 22)
- - 20. The computer-readable storage medium of claim 19, further including the step of not enrolling users whose username and contact identifier were not verified by the third party server device.
  - 21. The computer-readable storage medium of claim 20, further including the step of reporting to the requester the users who were enrolled and the users that were not enrolled.
  - 22. The computer-readable storage medium of claim 19, wherein the contact identifier includes a telephone number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Dispensa, Stephen T.

Application Number

US13/418,043
Publication Number

US 20130239173A1
Time in Patent Office

Days
Field of Search
US Class Current

726/2
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/43   wireless channels

G06Q 20/401   Transaction verification

G06Q 20/405   Establishing or using trans...

G06Q 20/42   Confirmation, e.g. check or...

COMPUTER PROGRAM AND METHOD FOR ADMINISTERING SECURE TRANSACTIONS USING SECONDARY AUTHENTICATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

45 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

COMPUTER PROGRAM AND METHOD FOR ADMINISTERING SECURE TRANSACTIONS USING SECONDARY AUTHENTICATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links