System and Method of Generating and Using Bilaterally Generated Variable Instant Passwords

US 20150319159A1
Filed: 06/12/2015
Published: 11/05/2015
Est. Priority Date: 04/02/2007
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a USER and a SERVICE PROVIDER using variable passwords, the method comprising:

storing an authentication device comprised of a primary variable character set and at least one secondary variable character set that is a derivative of the primary variable character set in the memory of at least one device;

the primary variable character set is comprised of at least one member of a group consisting of a master variable character set, and a variable character set;

the secondary variable character set is comprised of at least one member of a group consisting of a variable character set, a sub variable character set, and a sub variable character set of level 2 or more;

the primary character set and the at least one secondary variable character set are comprised of a plurality of character units, each of the plurality of character units is associated with a unique character unit serial number;

establishing a connection between a USER and a SERVICE PROVIDER;

requesting a USER name from the USER;

in response to the USER name entered by the USER, the SERVICE PROVIDER identifies the primary variable character set and the at least one secondary variable character set associated with the USER name and issues a CALL to the USER, wherein the CALL is comprised of two or more randomly selected character unit serial numbers selected from the secondary variable character set;

in response to the CALL, the USER enters a password comprised of the character units associated with the character unit serial numbers of the CALL;

verifying the password entered by the USER by comparing the character units thereof against the character units associated with the character unit serial numbers of the secondary variable character set used for the CALL; and

authenticating the USER upon receiving a valid password.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Implementations of a system and method of generating and using bilaterally generated variable instant passwords are provided. In some implementations, the Bilaterally Generated Variable Instant Password System is a Password generation and authentication system that may be used to secure electronic transactions (e.g., a stock market transaction). The system works by authenticating a user at the beginning of a session and at the initiation of any subsequent transactions that occur during the same session. The initial password is entered by the user while additional passwords required to authenticate subsequent transactions are generated by the system without any effort on the part of the user. The passwords are used as encryption keys to encrypt each transaction and may be used to limit a user'"'"'s access to specific portions of a service providers system. A variety of authentication devices may be used to generate system passwords.

17 Citations

View as Search Results

22 Claims

1. A method of authenticating a USER and a SERVICE PROVIDER using variable passwords, the method comprising:
- storing an authentication device comprised of a primary variable character set and at least one secondary variable character set that is a derivative of the primary variable character set in the memory of at least one device;
  
  the primary variable character set is comprised of at least one member of a group consisting of a master variable character set, and a variable character set;
  
  the secondary variable character set is comprised of at least one member of a group consisting of a variable character set, a sub variable character set, and a sub variable character set of level 2 or more;
  
  the primary character set and the at least one secondary variable character set are comprised of a plurality of character units, each of the plurality of character units is associated with a unique character unit serial number;
  
  establishing a connection between a USER and a SERVICE PROVIDER;
  
  requesting a USER name from the USER;
  
  in response to the USER name entered by the USER, the SERVICE PROVIDER identifies the primary variable character set and the at least one secondary variable character set associated with the USER name and issues a CALL to the USER, wherein the CALL is comprised of two or more randomly selected character unit serial numbers selected from the secondary variable character set;
  
  in response to the CALL, the USER enters a password comprised of the character units associated with the character unit serial numbers of the CALL;
  
  verifying the password entered by the USER by comparing the character units thereof against the character units associated with the character unit serial numbers of the secondary variable character set used for the CALL; and
  
  authenticating the USER upon receiving a valid password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, further comprising a CALL being issued to the SERVICE PROVIDER by the USER, wherein the CALL is comprised of two or more randomly selected character unit serial numbers selected from the secondary variable character set;
    - in response to the CALL initiated by the USER, the SERVICE PROVIDER enters a password comprised of the character units associated with the character unit serial numbers of the secondary variable character set used for the CALL received from the USER.
  - 3. The method of claim 1, wherein the password entered by the USER further comprises an identifier for the secondary variable character set used by the SERVICE PROVIDER to issue the CALL, the identifier is comprised of one or more characters.
  - 4. The method of claim 1, wherein the number of randomly selected character unit serial numbers used during any CALL does not exceed the total number of character unit serial numbers found on the secondary variable character set.
  - 5. The method of claim 1, further comprising the application of font property variations to one or more basic characters of each character unit identified in the CALL after an agreement between the USER and the SERVICE PROVIDER has occurred.
  - 6. The method of claim 5, wherein the font property variations applied to the basic characters include at least one member of a group consisting of font type change, bold, underline, color change, font size, and italics.
  - 7. The method of claim 1, further comprising a step of transforming the character units of the secondary variable character set into new character units and therefrom creating a new secondary variable character set, the transformation of the secondary variable character set occurring in response to a CALL after an agreement between the USER and the SERVICE PROVIDER has occurred.
  - 8. The method of claim 1, wherein the SERVICE PROVIDER uses a master variable character set as the primary variable character set and the USER uses a sub variable character set.
  - 9. The method of claim 1, wherein the chance of a sequence of character unit serial numbers used during any first CALL being repeated during a subsequent CALL may be calculated by the following relationship, 1/(C6̂
    - C7)=X, where,X is the chance of a sequence of character unit serial numbers being repeated;
      
      C6 is the number of character units found on the authentication device; and
      
      C7 is the number of character units uses in a password.
  - 10. The method of claim 1, wherein the character unit serial numbers used as part of the CALL have not been used in a previously issued CALL.
  - 11. The method of claim 10, further comprising the application of font property variations to one or more of the basic characters of the character units of the at least one secondary variable character set in response to the character unit serial numbers having all been used as part of previous CALLs.
  - 12. The method of claim 11, wherein the font property variations applied to the basic characters include at least one member of a group consisting of font type change, bold, underline, color change, font size, and italics.
  - 13. The method of claim 1, wherein the plurality of character units are comprised of one or more basic characters, each basic character is a letter, a symbol, or a number.
  - 14. The method of claim 1, further comprising:
    - recording the IP address of the SERVICE PROVIDER;
      
      creating an encrypted electronic folder containing at least the password for the SERVICE PROVIDER initiated CALL, the encrypted electronic folder may only be opened by the SERVICE PROVIDER from the recorded IP address of the SERVICE PROVIDER;
      
      verifying the IP address of the SERVICE PROVIDER; and
      
      allowing the SERVICE PROVIDER access to the encrypted electronic folder.
  - 15. The method of claim 2, further comprising:
    - recording the IP address of the USER;
      
      creating an encrypted electronic folder containing at least the password for the USER initiated CALL, the encrypted electronic folder may only be opened by the USER from the recorded IP address of the USER;
      
      verifying the IP address of the USER; and
      
      allowing the USER access to the encrypted electronic folder.
  - 16. The method of claim 1, further comprising:
    - recording the character unit serial numbers issued as the CALL to the USER;
      
      using a means to generate a new secondary variable character set from the recorded character unit serial numbers and the character units associated therewith; and
      
      using the new secondary variable character set in place of the secondary variable character set for future CALLs and passwords.
  - 17. The method of claim 1, wherein a computer program is used by the USER to provide PASSWORDs in response to CALLs received from the SERVICE PROVIDER, the method further comprising:
    - in response to a second CALL received from the SERVICE PROVIDER, allowing the computer program to enter a password comprised of the character units associated with the character unit serial numbers of the second CALL received from the SERVICE PROVIDER.
  - 18. The method of claim 2, wherein a computer program is used by the USER to issue additional CALLs to the SERVICE PROVIDER after the initial CALL, the method further comprising:
    - issuing a second CALL to the SERVICE PROVIDER using the computer program, wherein the second CALL is comprised of two or more randomly selected character unit serial numbers selected from the secondary variable character set; and
      
      in response to the second CALL initiated by the computer software, the SERVICE PROVIDER enters a password comprised of the character units associated with the character unit serial numbers of the second CALL received from the computer software.

19. A method of classifying a USER upon gaining access to the system of a SERVICE PROVIDER using variable passwords, the system comprising a server for controlling access to a domain and a memory device containing a USER data base, the USER connecting to the server by a network using a computer, the method comprising:
- storing an authentication device comprised of a master variable character set and a secondary variable character set that is a derivative of the master variable character set in the memory of at least one device, the secondary variable character set comprised of at least one member of a group consisting of a sub variable character set, and a sub variable character set of level 2 or more;
  
  the master variable character set and the secondary variable character set are comprised of a plurality of character units, each of the plurality of character units is associated with a unique character unit serial number;
  
  associating the secondary variable character set with a USER name;
  
  associating the USER name with a first USER group;
  
  assigning a two part identifier to the USER name, a first part of the two part identifier is used to specify the USER group to which the USER name has been associated, a second part of the two part identifier is used to identify the secondary variable character set associated with the USER name;
  
  establishing a connection between a USER and a SERVICE PROVIDER;
  
  requesting a USER name from the USER;
  
  in response to the USER name entered by the USER, the SERVICE PROVIDER identifies the master variable character set and the secondary variable character set associated with the USER name and issues a CALL to the USER, wherein the CALL is comprised of two or more randomly selected character unit serial numbers selected from the secondary variable character set and a request for the second part of the two part identifier assigned to the USER name;
  
  in response to the CALL, the USER enters a password comprised of the character units associated with the character unit serial numbers of the CALL and the second part of the two part identifier;
  
  verifying the password entered by the USER by comparing the character units thereof against the character units associated with the character unit serial numbers of the secondary variable character set sent as part of the CALL and using the second part of the two part identifier sent with the password to identify the USER group to which the USER name has been associated;
  
  authenticating the USER upon receiving a valid password; and
  
  allowing a user to access to at least one portion of the SERVICE PROVIDER'"'"'s system based on the USER group to which the USER name has been associated.

20. A computer implemented method of authenticated dialogue initiation between a USER and a secondary party using variable passwords, the method comprising:
- storing an authentication device comprised of a variable character set in the memory of at least one device;
  
  the variable character set is comprised of a plurality of character units, each of the plurality of character units is associated with a unique character unit serial number;
  
  making the variable character set publically available;
  
  establishing a connection between a USER and the secondary party;
  
  providing a IP address of the secondary party to the USERissuing a CALL to the secondary party, wherein the CALL is comprised of two or more randomly selected character unit serial number selected from the variable character set;
  
  in response to the CALL, the secondary party enters a password comprised of the character units associated with the character unit serial numbers of the CALL and provides the IP address;
  
  in response to receiving the password, the USER validates the password entered by the secondary party by comparing the character units thereof against the character units associated with the character unit serial numbers used for the CALL; and
  
  authenticating the secondary party upon receiving a valid password, wherein the secondary party now has access to the USER'"'"'s computer system.

21. A method of authenticating an unknown USER through an Internet Service Provider to a SERVICE PROVIDER using variable passwords, the method comprising:
- the Internet Service Provider transmitting a request to transact with the SERVICE PROVIDER received from the USER to the SERVICE PROVIDER;
  
  creating a folder containing a temporary sub variable character set for the Internet Service Provider;
  
  generating a first CALL using the temporary sub variable character set, wherein the first CALL is comprised of two or more randomly selected character unit serial numbers selected from the temporary sub variable character set for the Internet Service Provider;
  
  the temporary variable character set for the Internet Service Provider is comprised of a plurality of character units, each of the plurality of character units is associated with a unique character unit serial number;
  
  creating a sub-folder within the folder, the sub-folder containing a USER name, a temporary variable character set for the unknown USER, a second CALL, and a message, wherein the second CALL is comprised of two or more randomly selected character unit serial numbers selected from the temporary sub variable character set for the USER;
  
  the temporary variable character set for the USER is comprised of a plurality of character units, each of the plurality of character units is associated with a unique character unit serial number;
  
  transmitting the folder to the Internet Service Provider;
  
  in response to the first CALL, the Internet Service Provider enters a first password comprised of the character units associated with the character unit serial numbers of the first CALL and opens the folder;
  
  transmitting the sub-folder to the unknown USER;
  
  transmitting a third password used to open the sub-folder to the unknown USER;
  
  opening the sub-folder after entering the third password;
  
  accessing a website of the SERVICE PROVIDER and entering the USER name retrieved from the sub-folder;
  
  creating a second folder containing a second password for the second CALL retrieved from the sub-folder;
  
  transmitting the second folder to the SERVICE PROVIDER;
  
  in response to receiving the second folder, the SERVICE PROVIDER verifies the USER name of the unknown USER and verifies the second password provided by the USER by comparing the character units thereof against the character units associated with the character unit serial numbers of the temporary variable character set for the unknown USER; and
  
  authenticating the USER upon receiving a valid password and a valid USER name.
- View Dependent Claims (22)
- - 22. The method of claim 21, further comprising:
    - recording the unknown USER'"'"'s IP address;
      
      verifying the IP address of the unknown USER and allowing access to the sub-folder; and
      
      recording the SERVICE PROVIDER'"'"'s IP address;
      
      verifying the IP address of the SERVICE PROVIDER and allowing access to the second folder.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Abdul Rahman Syed Ibrahim Abdul Hameed Khan
Original Assignee
Abdul Rahman Syed Ibrahim Abdul Hameed Khan
Inventors
ABDUL HAMEED KHAN, ABDUL RAHMAN SYED IBRAHIM

Granted Patent

US 9,813,415 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/105   Multiple levels of security

H04L 67/14   Session management for real...

H04L 67/53   using third party service p...

H04W 12/06   Authentication

H04W 12/065   Continuous authentication

H04W 12/08   Access security

H04W 12/40   Security arrangements using...

System and Method of Generating and Using Bilaterally Generated Variable Instant Passwords

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

17 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method of Generating and Using Bilaterally Generated Variable Instant Passwords

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links