ACTION VERIFICATION METHODS AND SYSTEMS
First Claim
1. A method of verifying that an action is authorised by a user, including:
- receiving a request from a first user device to a remote service via a first communications channel to perform an action at the remote service,receiving a user identifier from the first user device via the first communications channel, the user identifier identifying the user,associating the user identifier with data relating to the requested action,communicating the data to a second user device associated with the same user identifier via a second communications channel,receiving a user verification code associated with the user identifier, anddetermining if the user verification code includes the data, which is digitally signed using a code generation algorithm based on at least a key associated with the user identifier, the digitally signed data verifying that the action is authorised by the user.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a method of verifying that an action is authorised by a user, including receiving a request from a first user device to a remote service via a first communications channel to perform an action at the remote service, receiving a user identifier from the first user device via the first communications channel, the user identifier identifying the user, associating the user identifier with data relating to the requested action, communicating the data to a second user device associated with the same user identifier via a second communications channel, receiving a user verification code associated with the user identifier, and determining if the user verification code includes the data, which is digitally signed using a code generation algorithm based on at least a key associated with the user identifier, the digitally signed data verifying that the action is authorised by the user.
14 Citations
33 Claims
-
1. A method of verifying that an action is authorised by a user, including:
-
receiving a request from a first user device to a remote service via a first communications channel to perform an action at the remote service, receiving a user identifier from the first user device via the first communications channel, the user identifier identifying the user, associating the user identifier with data relating to the requested action, communicating the data to a second user device associated with the same user identifier via a second communications channel, receiving a user verification code associated with the user identifier, and determining if the user verification code includes the data, which is digitally signed using a code generation algorithm based on at least a key associated with the user identifier, the digitally signed data verifying that the action is authorised by the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method of a user authorising an action at a remote service, including:
-
communicating a request from a first user device to a remote service via a first communications channel to perform an action at the remote service, communicating a user identifier from the first user device to the remote service via the first communications channel, the user identifier identifying the user, receiving data relating to the requested action at a second user device associated with the same user identifier via a second communications channel, executing a code generation algorithm on the second user device to digitally sign the data thereby generating a user verification code, the code generation algorithm being based on at least a key associated with the user identifier, communicating the generated user verification code to the remote service, the user verification code enabling the remote service to verify that the action is authorised by the user. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A method of verifying that an action is authorised by a user, including:
-
receiving a request from a first user device to a remote service via a first communications channel to perform an action at the remote service, receiving a user identifier from the first user device via the first communications channel, the user identifier identifying the user, associating the user identifier with data relating to the requested action, communicating the data to a second user device associated with the same user identifier via a second communications channel, executing a code generation algorithm on the second user device to digitally sign the data thereby generating a user verification code, the code generation algorithm being based on at least a key associated with the user identifier, communicating the user verification code to the remote service, the remote service determining if the user verification code includes the data, which is digitally signed using at least the key associated with the user identifier, the digitally signed data verifying that the action is authorised by the user.
-
-
30. (canceled)
-
31. (canceled)
-
32. (canceled)
-
33. A remote service system including:
-
a communications port, a processor, a memory, and software resident in memory accessible to the processor, the software including a series of instructions executable by the processor to carry out a method of verifying that an action is authorised by a user, including; receiving a request from a first user device to a remote service via a first communications channel to perform an action at the remote service, receiving a user identifier from the first user device via the first communications channel, the user identifier identifying the user, associating the user identifier with data relating to the requested action, communicating the data to a second user device associated with the same user identifier via a second communications channel, receiving a user verification code associated with the user identifier, and determining if the user verification code includes the data, which is digitally signed using a code generation algorithm based on at least a key associated with the user identifier, the digitally signed data verifying that the action is authorised by the user.
-
Specification