SYSTEMS AND METHODS FOR AUTHENTICATING USER FOR SECURE DATA ACCESS USING MULTI-PARTY AUTHENTICATION SYSTEM

US 20170289120A1
Filed: 04/04/2016
Published: 10/05/2017
Est. Priority Date: 04/04/2016
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating a user for accessing secure data from a first data provider, the method comprising:

receiving, by an authentication system of a second data provider, user credentials and authentication information associated with a user of the first data provider;

storing the user credentials and authentication information in an authentication profile associated with the user at the authentication system;

receiving, by the authentication system, user credentials from the first data provider;

detecting that the stored authentication profile includes user credentials that match the received user credentials;

transmitting a challenge message to a user device associated with the user, the challenge message prompting the user device for authentication information;

receiving a challenge response from the user device, the challenge response including collected authentication information;

authenticating the user based on the authentication profile and the collected authentication information of the challenge response; and

notifying, by the authentication system, the first data provider that the user is authenticated, wherein the first data provider permits the user to access the secure data in response to the user being authenticated.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for authenticating a user for accessing secure data from a first data provider is provided. The method is implemented by an authentication system of a second data provider. The method includes receiving user credentials and authentication information associated with a user and storing the user credentials and authentication information in an authentication profile associated with the user. The method further includes receiving user credentials from the first data provider, detecting that the stored authentication profile includes user credentials that match the received user credentials and transmitting a challenge message to a user device associated with the user. The challenge message prompts the user device for authentication information. The method additionally includes receiving a challenge response including collected authentication information from the user device, authenticating the user based on the authentication profile and the collected authentication information, and notifying the first data provider that the user is authenticated.

21 Citations

View as Search Results

24 Claims

1. A method for authenticating a user for accessing secure data from a first data provider, the method comprising:
- receiving, by an authentication system of a second data provider, user credentials and authentication information associated with a user of the first data provider;
  
  storing the user credentials and authentication information in an authentication profile associated with the user at the authentication system;
  
  receiving, by the authentication system, user credentials from the first data provider;
  
  detecting that the stored authentication profile includes user credentials that match the received user credentials;
  
  transmitting a challenge message to a user device associated with the user, the challenge message prompting the user device for authentication information;
  
  receiving a challenge response from the user device, the challenge response including collected authentication information;
  
  authenticating the user based on the authentication profile and the collected authentication information of the challenge response; and
  
  notifying, by the authentication system, the first data provider that the user is authenticated, wherein the first data provider permits the user to access the secure data in response to the user being authenticated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method in accordance with claim 1, wherein the user credentials include at least one of payment card information, a phone number, a username, and a password.
  - 3. The method in accordance with claim 1, wherein the secure data includes at least one of a medical record, a bank account, and a student record of the user.
  - 4. The method in accordance with claim 1, wherein the authentication information includes at least one of biometric data and image data received from the customer.
  - 5. The method in accordance with claim 1, wherein authentication information includes at least one of device data and a unique identifier stored on the user device.
  - 6. The method in accordance with claim 1, wherein authenticating the user based on the authentication profile further comprises:
    - comparing the authentication profile and the collected authentication information; and
      
      authenticating the user if the authentication information of the authentication profile and the collected authentication information match.
  - 7. The method in accordance with claim 1, further configured to authenticate the user if the authentication information of the authentication profile and the collected authentication information of the challenge response match.
  - 8. The method in accordance with claim 1 further comprising transmitting, by the authentication system, a token that indicates the user is authenticated to access the secure data to the user device.

9. An authentication system for authenticating a user for accessing secure data from a first data provider, the authentication system comprising a processor and a memory in communication with the processor, wherein the processor is programmed to:
- receive user credentials and authentication information associated with a user of the first data provider;
  
  store the user credentials and authentication information in an authentication profile associated with the user at the authentication system;
  
  receive user credentials from the first data provider;
  
  detect that the stored authentication profile includes user credentials that match the received user credentials;
  
  transmit a challenge message to a user device associated with the user, the challenge message prompting the user device for authentication information;
  
  receive a challenge response from the user device, the challenge response including collected authentication information;
  
  authenticate the user based on the authentication profile and the collected authentication information of the challenge response; and
  
  notify the first data provider that the user is authenticated, wherein the first data provider permits the user to access the secure data in response to the user being authenticated.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The authentication system in accordance with claim 9, wherein the user credentials include at least one of payment card information, a phone number, a username, and a password.
  - 11. The authentication system in accordance with claim 9, wherein the secure data includes at least one of a medical record, a bank account, and a student record.
  - 12. The authentication system in accordance with claim 9, wherein the authentication information includes at least one of biometric data and image data received from a customer.
  - 13. The authentication system in accordance with claim 9, wherein the authentication information includes at least one of device data and unique identifier stored on the user device.
  - 14. The authentication system in accordance with claim 9, wherein the processor is further programmed to:
    - compare the authentication profile and the collected authentication information; and
      
      authenticate the user if the authentication information of the authentication profile and the collected authentication information match.
  - 15. The authentication system in accordance with claim 9, the processor further programmed to authenticate the user if the authentication information of the authentication profile and the collected authentication information of the challenge response match.
  - 16. The authentication system in accordance with claim 9, wherein the processor is further programmed to transmit the a token to the user device that indicates the user is authenticated to access the secure data.

17. A non-transitory computer-readable storage media for authenticating a user for access to secure data, the computer-readable storage media having computer-executable instructions embodied thereon, wherein, when executed by at least one processor, the computer-executable instructions cause the processor to:
- receive user credentials and authentication information associated with a user of a first data provider;
  
  store the user credentials and authentication information in an authentication profile associated with the user in a memory associated with the processor;
  
  receive user credentials from the first data provider;
  
  detect that the stored authentication profile includes user credentials that match the received user credentials;
  
  transmit a challenge message to a user device associated with the user, the challenge message prompting the user device for authentication information;
  
  receive a challenge response from the user device, the challenge response including collected authentication information;
  
  authenticate the user based on the authentication profile and the collected authentication information of the challenge response; and
  
  notify the first data provider that the user is authenticated, wherein the first data provider permits the user to access the secure data in response to the user being authenticated.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The non-transitory computer-readable storage media in accordance with claim 17, wherein the user credentials include at least one of payment card information, a phone number, a username, and a password.
  - 19. The non-transitory computer-readable storage media in accordance with claim 17, wherein the secure data includes at least one of a medical record, a bank account, and a student record.
  - 20. The non-transitory computer-readable storage media in accordance with claim 17, wherein the authentication information includes at least one of biometric data and image data received from the customer.
  - 21. The non-transitory computer-readable storage media in accordance with claim 17, wherein the authentication information includes at least one of device data and a unique identifier stored on the user device.
  - 22. The non-transitory computer-readable storage media in accordance with claim 17, wherein the computer-executable instructions further causes the processor to:
    - compare the authentication profile and the collected authentication information; and
      
      authenticate the user if the authentication information of the authentication profile and the collected authentication information match.
  - 23. The non-transitory computer-readable storage media in accordance with claim 17, wherein the computer-executable instructions further causes the processor to authenticate the user if the authentication information of the authentication profile and the collected authentication information of the challenge response match.
  - 24. The non-transitory computer-readable storage media in accordance with claim 17, wherein the computer-executable instructions further causes the processor to transmit a token to the user device that indicates the user is authenticated to access the secure data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Kohli, Manoneet

Application Number

US15/090,355
Publication Number

US 20170289120A1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/0861   using biometrical features,...

H04L 63/102   Entity profiles

SYSTEMS AND METHODS FOR AUTHENTICATING USER FOR SECURE DATA ACCESS USING MULTI-PARTY AUTHENTICATION SYSTEM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

21 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR AUTHENTICATING USER FOR SECURE DATA ACCESS USING MULTI-PARTY AUTHENTICATION SYSTEM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links