USER AUTHENTICATION
3 Assignments
0 Petitions
Accused Products
Abstract
User Authentication A mobile user authentication application is operable to perform one or more of the following operations: •authenticate a user in a voice call to a telephony service, by passing an authentication code to the telephony service within the voice call [FIGS. 2, 2c]; •validate a user instruction during a secure messaging session [FIG. 3]; and •authenticate a user at a physical local service by obtaining a challenge code at that local service, validating the challenge code with a remote authentication service, obtain a confirmation code from the authentication service and presenting the confirmation code for validation at the local service [FIGS. 4, 4a and 4b].
60 Citations
71 Claims
-
1-38. -38. (canceled)
-
39. A method of user authentication by a mobile device, the method comprising the steps of:
-
a) generating a challenge code independently of any user authentication session; b) presenting the challenge code so as to be accessible to the mobile device; c) capturing the challenge code at the mobile device; d) sending a response code derived from the challenge code from the mobile device to an authentication service, e) validating the response code at the authentication service and sending a confirmation code to the mobile device if the response code is validated; f) outputting the confirmation code at the mobile device; g) capturing the confirmation code from the mobile device; and h) authenticating the user by the confirmation code. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58)
-
-
59. A method of user authentication by an application on a mobile telephony device, the method comprising the steps of:
-
a) registering the application on the mobile telephony device with a remote authentication service, to generate one or more cryptographic keys for secure communication between the application and the remote authentication service; b) authenticating the user by interaction with the application, to receive a call identifier from the remote authentication service; c) initiating a telephone call to a remote telephony service, and after the telephone call has been connected to the remote telephony service, d) sending the call identifier within the telephone call to the remote telephony service, by which the user is authenticated to the remote telephony service. - View Dependent Claims (60, 61, 62, 63, 64, 65, 66, 67, 68, 69)
-
-
70. A system comprising:
-
a) a mobile device running a mobile application; and b) a local service; wherein the local service presents a challenge code; and the mobile application captures the challenge code, and outputs a confirmation code in response to a validation of the challenge code; and the local service captures and validates the confirmation code. - View Dependent Claims (71)
-
Specification