TWO-FACTOR AUTHENTICATION METHODS AND SYSTEMS

US 20150261948A1
Filed: 12/12/2014
Published: 09/17/2015
Est. Priority Date: 03/12/2014
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing secondary authentication of a user performing a transaction comprising:

receiving a request for a secondary authentication from a target system that has received first authentication data;

identifying a user device associated with the user based on the request from the target system;

transmitting a notification to the user device;

receiving a confirmation or denial from the user device within a timeout interval; and

submitting an authorization to the target system if a confirmation is received from the user device, submitting a denial to the target system if a denial is received from the user device, or submitting a timeout signal to the target system if neither a confirmation or a denail is received from the user device within the timeout interval.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for two-factor authentication used to provide a user access to a target system. After receiving an initial login for a user, a notification is sent to a user device to confirm the transaction. The user may confirm or deny the transaction, alerting the user in real time of any possible fraudulent transactions.

52 Citations

View as Search Results

23 Claims

1. A method of providing secondary authentication of a user performing a transaction comprising:
- receiving a request for a secondary authentication from a target system that has received first authentication data;
  
  identifying a user device associated with the user based on the request from the target system;
  
  transmitting a notification to the user device;
  
  receiving a confirmation or denial from the user device within a timeout interval; and
  
  submitting an authorization to the target system if a confirmation is received from the user device, submitting a denial to the target system if a denial is received from the user device, or submitting a timeout signal to the target system if neither a confirmation or a denail is received from the user device within the timeout interval.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising determining if secondary authentication is required for a transaction initiated by a user.
  - 3. The method of claim 1, wherein identifying a user device associated with a user comprises comparing data received from the target system with one or more existing records to locate matching information.
  - 4. The method of claim 1, further comprising prompting the user for a authentication code if a timeout signal is received.
  - 5. The method of claim 1, wherein transmitting a notification to the user device comprises a network communication.
  - 6. The method of claim 1, wherein transmitting a notification to the user device comprises a short-range communication.
  - 7. The method of claim 1, wherein the notification is selected from the group consisting of Email, SMS, pop-up, and push notifications.
  - 8. The method of claim 1, further comprising submitting a provisioning request to a user and establish a record of a user and a provisioned user device.
  - 9. The method of claim 1, wherein the user device is a smartphone.
  - 10. The method of claim 9, wherein the user device includes a software application for receiving the notification and sending the confirmation.
  - 11. The method of claim 1, wherein the user device is a wearable device.
  - 12. The method of claim 1, wherein the user device is paired with a second user device and the confirmation is automatically transmitted by the user device if the second user device is within range of the user device.
  - 13. The method of claim 1, wherein the notification includes an advertisement from the target system.

14. A method of providing secondary authentication of a user accessing a target system comprising:
- receiving an access request including first authentication data into a target system;
  
  comparing the first authentication data to one or more records to find a match;
  
  identifying a user device associated with the user;
  
  transmitting a notification to the user device;
  
  receiving a confirmation or denial from the user device within a timeout interval; and
  
  permitting access to the user if a confirmation is received from the user device, denying access to the user if a denial is received from the user device, or initiating a timeout procedure if no response is received from the user device within the timeout interval.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The method of claim 14, further comprising submitting a request for secondary authentication from the target system to an authentication system and wherein identifying the user device associated with the user, transmitting the notification to the user device and receiving a confirmation or denial from the user device is performed by the authentication system.
  - 16. The method of claim 14, wherein the user performing the transaction accesses the target system by entering the first authentication data into a client that communicates with the target system and the first authentication data includes a username and password.
  - 17. The method of claim 14, wherein the timeout procedure includes the user device transmitting a one-time code to the user for input to the target system.
  - 18. The method of claim 14, wherein the access request to is to permit access to a user account.
  - 19. The method of claim 14, wherein the access request is to provide access for payment of goods or services.

20. A system providing secondary authentication of a user performing a transaction comprising:
- a target system having a target server and a target database containing one or more target user records, the target system configured to receive an input from a user client and compare the input to the one or more target user records; and
  
  an authentication system having an authentication server and an authentication database containing one or more authentication user records and a user device associated with each user record, the authentication system configured to receive data from the target system, compare the data to the one or more authentication user records, submit a notification to a user device, and receive a communication from the user device.
- View Dependent Claims (21, 22, 23)
- - 21. The system of claim 20, wherein the authentication system is configured to submit an authorization to the target system if a confirmation is received from the user device, submit a denial to the target system if a denial is received from the user device, or submitting a timeout signal to the target system if no response is received from the user device within a timeout interval.
  - 22. The system of claim 21, wherein the authentication server is configured to authenticate a one-time code if no response is received from the user device within a timeout interval.
  - 23. The system of claim 22, further comprising a first user in communication with the authentication system and a second user device paired to the first user device, the first user device configured to send a confirmation to the authentication system when the second user device is within range of the first user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cognitas technologies, inc.
Original Assignee
Cognitas technologies, inc.
Inventors
Marra, Dario, Marra, Jorge

Application Number

US14/569,196
Publication Number

US 20150261948A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/42   using separate channels for...

H04L 2463/082   applying multi-factor authe...

H04L 63/0853   using an additional device,...

TWO-FACTOR AUTHENTICATION METHODS AND SYSTEMS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

52 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

TWO-FACTOR AUTHENTICATION METHODS AND SYSTEMS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links