Secure data entry and visual authentication system and method
Abstract
The present invention is a secure data entry and visual authentication system that allows a user to securely input and communicate data, including passwords. The system includes a client subsystem (100), a server subsystem (200) and a communication subsystem (300). Server subsystem (200) generates a pseudorandomly arranged display image (250) including a plurality of icons associated with data, and transmits said display image to client subsystem (100) for display on a display device (104). A user consecutively selects at least one of said icons corresponding to data desired to be input. Selected icon location information for those selected icons is communicated by client subsystem (100) to server subsystem (200), which then compares that selected icon location information to icon location information and associated data stored in memory (210) to ascertain the data input by the user.
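The flow described in the abstract, as an added Python example that is not taken from the patent: the server shuffles icon positions for each image, keeps the location-to-data map to itself, and resolves the coordinates the client sends back. The grid geometry, the digit icon set, the single-use image id, the names `Server` and `user_clicks`, and the sample secret are assumptions made for illustration.

```python
import hmac
import secrets

CELL = 60                      # assumed icon cell size in pixels
COLS = 4                       # assumed grid width
ICONS = list("0123456789")     # data values the icons represent (assumed)
_rng = secrets.SystemRandom()  # CSPRNG-backed shuffle


class Server:
    """Server subsystem: generates layouts and keeps location -> data private."""

    def __init__(self):
        self._layouts = {}     # image_id -> {(col, row): data value}

    def new_image(self):
        order = ICONS[:]
        _rng.shuffle(order)    # icon locations vary for every image generated
        layout = {(i % COLS, i // COLS): d for i, d in enumerate(order)}
        image_id = secrets.token_hex(8)
        self._layouts[image_id] = layout
        # Stand-in for the rendered bitmap: rows of glyphs as shown on screen.
        rows = [order[i:i + COLS] for i in range(0, len(order), COLS)]
        return image_id, rows

    def decode(self, image_id, clicks):
        """Translate selected pixel locations into data; a layout is single-use."""
        layout = self._layouts.pop(image_id, None)
        if layout is None:
            return None        # unknown or already-consumed image
        values = []
        for x, y in clicks:
            cell = (x // CELL, y // CELL)
            if cell not in layout:
                return None    # selection outside any icon
            values.append(layout[cell])
        return "".join(values)

    def verify(self, image_id, clicks, stored_secret):
        entered = self.decode(image_id, clicks)
        return entered is not None and hmac.compare_digest(entered, stored_secret)


def user_clicks(rows, wanted):
    """Client side: the user finds each glyph on screen and clicks its centre.
    Only (x, y) coordinates are produced; the data value is never sent as text."""
    where = {g: (c, r) for r, row in enumerate(rows) for c, g in enumerate(row)}
    return [(where[g][0] * CELL + CELL // 2, where[g][1] * CELL + CELL // 2)
            for g in wanted]


def demo():
    server = Server()
    image_id, rows = server.new_image()
    clicks = user_clicks(rows, "4071")                  # constructed sample secret
    first = server.verify(image_id, clicks, "4071")
    replay = server.verify(image_id, clicks, "4071")    # same image id reused
    return first, replay
```

Because the map from location to data exists only on the server and is discarded after one use, coordinates captured on the client or in transit do not verify a second time.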
31 Claims
1. A secure data entry system for entering data into a computer-based system, comprising:
a server subsystem adapted for generating display image information for a display image, said display image containing a plurality of icons, at least one of said plurality of icons being associated with corresponding icon location information within said display image and with data, said server subsystem including means for processing said display image information, means for storing said icon location information and said associated data for said display image, means for comparing said icon location information with selected icon location information associated with input data, and means for varying the icon location information for display images generated;
a client subsystem adapted for generating said display image from said display image information, said client subsystem including means for generating said display image, means for displaying said display image, and means for receiving input data from a user, including selection by said user of at least one of said plurality of icons within said display image; and
means for communicating said display image information from said server subsystem to said client subsystem and icon location information for said selected at least one icon from said client subsystem to said server subsystem;
said server subsystem comparing said selected icon location information to said stored icon location information and associated data for said display image in said server subsystem.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A secure data entry system for entering data into a computer-based system, comprising:
a first computer-based subsystem adapted for generating display image information for a display image, each said display image containing a plurality of icons, at least one of said plurality of icons being associated with corresponding icon location information within said display image and with data, said first computer-based subsystem including a memory capable of storing said icon location information and said associated data for said display image, and further adapted for comparing said icon location information with location information associated with said input data and for varying the icon location information for display images generated;
a second computer-based subsystem adapted for generating said display image from said display image information, for displaying said display image, and for receiving input data from a user, said input data including selection by said user of at least one icon from said plurality of icons within said display image; and
a communications subsystem for communicating said display image information from said first computer-based subsystem to said second computer-based subsystem and icon location information for said selected at least one icon from said second computer-based subsystem to said first computer-based subsystem;
said first computer-based subsystem comparing said selected icon location information to said stored icon location information and associated data for said display image.
14. A secure data entry system for entering input data into a computer-based system, said data entry system comprising:
a first computer-based subsystem adapted for generating icon location information for a display image, said icon location information for said display image associated with at least one of a plurality of icons contained in said display image, and further associated with data, said first computer-based subsystem being further adapted for storing said icon location information and associated data for said display image, and for varying the icon location information for display images generated;
a second computer-based subsystem adapted for generating said display image from said icon location information, for displaying said display image and for receiving input data from a user, including selection of at least one icon from said display image; and
a communications subsystem for communicating said icon location information from said first computer-based subsystem to said second computer-based subsystem, and icon location information for said selected at least one icon from said second computer-based subsystem to said first computer-based subsystem, said first computer-based subsystem comparing said selected icon location information to said stored icon location information and associated data.
Dependent claims: 15, 16
17. A server subsystem for a secure data entry system, said server subsystem comprising:
means for generating display image information for a display image, said display image containing a plurality of icons, at least one of said plurality of icons being associated with corresponding icon location information within said display image, and further associated with data;
means for storing said icon location information and said associated data for said display image;
means for comparing said stored icon location information with selected icon location information received from a client subsystem by means of a communications subsystem, said selected icon location information reflecting selection of at least one icon from said display image by a user through said client subsystem, and said communications subsystem transmitting said display image information from said server subsystem to said client subsystem, and said selected icon location information from said client subsystem to said server subsystem for comparison with said stored icon location information and associated data for said display image; and
means for varying the icon location information for display images generated.
18. A client subsystem for a secure data entry system, said client subsystem comprising:
means for generating display images from display image information received from a server subsystem for each said display image, each said display image containing a plurality of icons, at least one of said plurality of icons being associated with corresponding icon location information within said display image and further associated with data, said server subsystem varying the icon location information for display images generated;
means for displaying said display image;
means for receiving input data from a user, including selection by said user of at least one of said plurality of icons within said display image; and
means for transmitting over a communications subsystem said selected icon location information to said server subsystem, for comparison with said at least one icon associated with corresponding icon location information and associated data for said display.
19. A communications subsystem for a secure data entry system, comprising:
means for communicating display image information for display images from a server subsystem to a client subsystem, and for communicating selected icon location information from said client subsystem to said server subsystem;
each said display image containing a plurality of icons, at least one of said plurality of icons being associated with corresponding icon location information within said display image and further associated with data;
said client subsystem generating said display image from said display image information, displaying said display image, receiving input from a user, including selection by said user of at least one icon from said plurality of icons within said display image; and
said server subsystem comparing said selected icon location information with said icon location information and data associated with said display image, and varying the icon location information for display images generated.
20. A method for entering data into a secure data entry system for a computer-based system, comprising:
(a) generating a display image, said display image containing a plurality of icons;
(b) associating at least one of said plurality of icons with corresponding icon location information within said display image, and with data;
(c) displaying said display image;
(d) receiving input data from a user reflecting said user's selection of at least one icon from said plurality of icons in said display image;
(e) comparing said selected icon location information to said associated icon location information and associated data for said display image; and
(f) repeating steps (a) through (e) for a plurality of display images and at least one user, wherein the icon location information associated with said plurality of icons is varied for display images generated;
wherein at least one of the steps of the method is performed in a server subsystem of the computer-based system and the other steps are performed in a client subsystem of the computer-based system, said server subsystem and said client subsystem communicating by means of a communications subsystem.
21. A method for entering input data into a server subsystem of a secure data entry system, comprising:
(a) generating display image information for a display image, said display image containing a plurality of icons;
(b) associating at least one of said plurality of icons with corresponding icon location information within said display image, and with data;
(c) receiving from a client subsystem, by means of a communications subsystem, icon location information reflecting selection by a user of at least one of said plurality of icons;
(d) comparing said selected icon location information to said associated icon location information and associated data for said display image; and
(e) repeating steps (a) through (d) for any user, wherein the icon location information associated with said at least one icon is varied for display images generated.
Dependent claims: 22
23. A method for entering data into a client subsystem of a secure data entry system, comprising:
(a) receiving display image information for a display image from a server subsystem of said secure data entry system, said display image containing a plurality of icons, at least one of said plurality of icons being associated with corresponding icon location information within said display image and associated with data;
(b) generating said display image;
(c) displaying said display image;
(d) receiving input data from a user, said input data reflecting said user's selection of at least one of said plurality of icons;
(e) transmitting said selected icon location information corresponding to said selection by said user of at least one of said plurality of icons from said display image to said server subsystem for comparison with said associated icon location information and associated data for said display image; and
(f) repeating steps (a) through (e) for any user, wherein the icon location information associated with said at least one icon is varied for display images generated.
24. A method for transmitting data in a communications subsystem of a secure data entry system, comprising:
(a) receiving display image information for transmission, said display image information corresponding to a display image containing a plurality of icons, at least one of said plurality of icons having icon location information for said display image associated with it, and further associated with data;
(b) transmitting said display image information;
(c) receiving icon location information for at least one icon selected by a user from said plurality of icons within said display image; and
(d) repeating steps (a) through (c), wherein the icon location information associated with said at least one of said plurality of icons is varied for display images generated.
Dependent claims: 25
26. A method for entering password data into a computer-based system comprising:
(a) receiving from a user a password and icon information for at least one icon corresponding to said password;
(b) storing said password and said associated icon information;
(c) generating display image information for a display image, said display image containing a plurality of icons, at least one of said plurality of icons corresponding to said password;
(d) generating said display image;
(e) displaying said display image;
(f) receiving input data from a user, including identification information for that user and selection of at least one of said plurality of icons in said display image;
(g) comparing said selected icon location information to said stored icon location information and said associated password data for said display image;
(h) repeating steps (c) through (g) until all of the at least one icon associated with said password have been displayed to said user; and
(i) repeating steps (c) through (h) for any user, wherein the icon location information associated with said at least one icon corresponding to said password is varied for display images generated;
wherein at least one of the steps of the method is performed in a server subsystem of the computer-based system and the other steps are performed in a client subsystem of the computer-based system, said server subsystem and said client subsystem communicating by means of a communications subsystem.
Dependent claims: 27
28. A method for entering password data into a computer-based system comprising:
(a) receiving from a client subsystem a password and icon information for at least one icon corresponding to that password;
(b) storing said password and said icon information;
(c) generating display image information for a display image, said display image containing a plurality of icons, said plurality of icons containing at least one of said at least one icon corresponding to said password;
(d) generating said display image;
(e) displaying said display image;
(f) receiving input data from a user, including selection by said user of identification information for that user and selection of at least one of said plurality of icons in said display image;
(g) generating selected icon location information corresponding to said selection of at least one icon from said display image by said user;
(h) comparing said selected icon location information to said stored icon information and said associated password;
(i) repeating steps (c) through (h) until all of the at least one icon associated with said password have been displayed to said user; and
(j) repeating steps (c) through (i) for a user, wherein the icon location information associated with said at least one icon corresponding to said password is varied for display images generated.
Dependent claims: 29
30. A method for entering password data into a server subsystem of a computer-based system comprising:
(a) receiving a password and icon information for at least one icon corresponding to that password for a user;
(b) storing said password and said icon information;
(c) generating display image information for a display image, said display image containing a plurality of icons, said plurality of icons containing at least one of said at least one icon corresponding to said password;
(d) transmitting said display image information to a client subsystem;
(e) receiving from said client subsystem input data for a user, including selected icon location information corresponding to selection by said user of at least one of said plurality of icons in said display image;
(f) comparing said selected icon location information to said stored icon information and said associated password;
(g) repeating steps (c) through (f) until all of the at least one icon associated with said password have been displayed to said user; and
(h) repeating steps (c) through (g) for a user, wherein the icon location information associated with said at least one icon corresponding to said password is varied for display images generated.
31. A method for entering password data into a client subsystem of a computer-based system comprising:
(a) receiving a password and icon information for at least one icon corresponding to that password for a user;
(b) transmitting said password and said icon information to a server subsystem of said secure data entry system;
(c) receiving display image information for a display image, said display image containing a plurality of icons, said plurality of icons containing at least one of said at least one icon corresponding to said password;
(d) generating said display image from said display image information;
(e) receiving input data from a user, including selection by said user of at least one of said plurality of icons in said display image;
(f) transmitting selected icon location information to said server subsystem for comparison with stored icon information and said associated password;
(g) repeating steps (c) through (f) until all of the at least one icon associated with said password have been displayed to said user; and
(h) repeating steps (c) through (g) for a user, wherein the icon location information associated with said at least one icon corresponding to said password is varied for display images generated.
Specification