Method and apparatus for user authentication
Abstract
A user authentication service is disclosed which is both highly secure and user friendly. To access a particular service, a user simply enters a personal identification type number (PIN) using a portable terminal device which encodes the PIN. More specifically, a character position of the user's PIN is determined, and a random code having a length selectable at each service transaction by the user is generated. The user's PIN is encrypted using one of plural available, pseudo-randomly encrypting algorithms to provide an encrypted PIN. The encrypted PIN is then combined with the code at the determined position before being transmitted over a communications network. When received, the encoded PIN is decoded using an analogous procedure to determine if the user is authorized. A plurality of security levels are provided with each level having a plurality of encryption algorithms and with each increasing level providing encryption algorithms of increasing complexity and sophistication. A user may also change a current PIN from the portable device easily and securely without having to contact a service center.
54 Claims
1. In a system for providing user services electronically using a communications network, a method comprising the steps of:
(a) entering a user's personal identification string of two or more characters;
(b) determining a character position of the user's personal identification string;
(c) generating a code;
(d) combining the code with the user's personal identification string at the determined character position to generate a user identification code; and
(e) transmitting the user identification code along with a user's service request over the communications network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19

20. A user service requesting device for permitting a user to request user services electronically over a communications network, comprising:
a keypad for entering a request for a particular user service and a user's personal identification string;
a memory for storing a user authentication program and plural encoding algorithms;
data processing circuitry for performing the steps of:
(a) determining a character position of the user's personal identification string;
(b) generating a code;
(c) encoding the user's personal identification string using one of the encoding algorithms to provide an encoded identification string; and
(d) combining the code with the encoded identification string at the determined character position to generate a user identification code; and
communications circuitry for providing the user identification code along with the user's service request to the communications network.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28

29. A user authentication service for authenticating an identity of a user requesting a service over a communications network, comprising the steps of:
(a) storing for each of a plurality of subscribers a subscriber identification number along with a corresponding personal identification character string;
(b) receiving a request to authenticate an identity of a user requesting a service over a communications network and determining a subscriber identification number corresponding to the user;
(c) prompting the user over the communications network to enter a personal identification character string and receiving an encoded character string;
(d) determining a code length based on a difference between the retrieved string and the encoded string to provide a number of code characters;
(e) determining a character position;
(f) removing the number of code characters beginning at the determined character position leaving a reduced character string;
(g) decoding the reduced character string using one of plural decoding algorithms to provide a user entered personal identification character string; and
(h) comparing the user entered character string with the stored character string corresponding to the determined subscriber identification number.
Dependent claims: 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45

46. A user authentication service providing a user with a plurality of different security levels in conducting electronic service requests including for each security level one or more memories storing a plurality of encryption algorithms wherein the user selects a security level and a number of encryption algorithms from the plurality of encryption algorithms corresponding to the selected level.

49. A method of encrypting a personal identification string, comprising:
(a) entering a personal identification string, and
(b) inserting a random code in between characters in the personal identification string at a predetermined position that varies each time the personal identification string is entered.
Dependent claims: 50, 52, 53, 54

51. A method of encrypting a personal identification string, comprising:
(a) entering a personal identification string, and
(b) inserting a random code in between characters in the personal identification string, wherein a length of the code may vary each time the personal identification string is entered.

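An added illustration, not code from the patent: a minimal sketch of the device-side encoding in claim 20 and the service-side check in claim 29, steps (d) to (h). The counter-derived insertion position, the two digit-shift encoders and all function names are assumptions made for this example; the claims do not specify them.

```python
import hmac
import secrets

# Hypothetical stand-ins for the "plural encoding algorithms". Each keeps the
# string length unchanged, which step (d) of claim 29 relies on.
def _shift(pin, k):
    return "".join(str((int(c) + k) % 10) for c in pin)

ENCODERS = [lambda p: _shift(p, 3), lambda p: _shift(p[::-1], 7)]
DECODERS = [lambda s: _shift(s, -3), lambda s: _shift(s, -7)[::-1]]

def position(pin_len, counter):
    # Assumption: both sides derive the insertion point from a shared
    # transaction counter; it always falls between two PIN characters.
    return 1 + counter % (pin_len - 1)

def encode(pin, counter, code_len):
    """Device side (claim 20): encode the PIN, then splice in a random code."""
    if len(pin) < 2 or not (pin.isascii() and pin.isdigit()):
        raise ValueError("PIN must be two or more ASCII digits")
    pos = position(len(pin), counter)
    code = "".join(secrets.choice("0123456789") for _ in range(code_len))
    enc = ENCODERS[counter % len(ENCODERS)](pin)
    return enc[:pos] + code + enc[pos:]

def verify(received, stored_pin, counter):
    """Service side (claim 29): recover the entered PIN and compare it."""
    code_len = len(received) - len(stored_pin)              # step (d)
    if code_len < 0 or not (received.isascii() and received.isdigit()):
        return False
    pos = position(len(stored_pin), counter)                # step (e)
    reduced = received[:pos] + received[pos + code_len:]    # step (f)
    entered = DECODERS[counter % len(DECODERS)](reduced)    # step (g)
    return hmac.compare_digest(entered, stored_pin)         # step (h)
```

The service never needs to be told the code length: it falls out of the difference between the received and stored string lengths, which is why the stand-in encoders must preserve length.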
Specification