System and method for authentication of network users with preprocessing

US 6,282,658 B2
Filed: 05/20/1999
Issued: 08/28/2001
Est. Priority Date: 05/21/1998
Status: Expired due to Term

- Alert
- Pin

First Claim

Patent Images

1. A method for authenticating a user of a network based on input received from the user, said method comprising:

(a) receiving the input from the user, the input comprising information stored in a plurality of fields relating to identification of the user;

(b) preprocessing at least some of the information for reliability, including performing at least one task selected from the group of tasks consisting of (1) checking format of at least some of the information;

(2) comparing at least some of the information against a record of known data; and

(3) ensuring that at least some of the information is present in the record of known data; and

(c) if the preprocessing is successful, performing authentication based on the input by comparing at least some of the information against a database comprising a record of the user'"'"'s credit history as compiled from a plurality of the user'"'"'s creditors.

View all claims

1 Assignment

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A network authentication system provides verification of the identity or other attributes of a network user to conduct a transaction, access data or avail themselves of other resources. The user is presented with a hierarchy of queries based on wallet-type (basic identification) and non-wallet type (more private) information designed to ensure the identity of the user and prevent fraud, false negatives and other undesirable results. A preprocessing stage is employed to ensure correct formatting of the input information and clean up routine mistakes (such as missing digits, typos, etc.) that might otherwise halt the transaction. The authenticator can be configured to require differing levels of input or award differing levels of authentication according to security criteria.

409 Citations

29 Claims

1. A method for authenticating a user of a network based on input received from the user, said method comprising:
- (a) receiving the input from the user, the input comprising information stored in a plurality of fields relating to identification of the user;
  
  (b) preprocessing at least some of the information for reliability, including performing at least one task selected from the group of tasks consisting of (1) checking format of at least some of the information;
  
  (2) comparing at least some of the information against a record of known data; and
  
  (3) ensuring that at least some of the information is present in the record of known data; and
  
  (c) if the preprocessing is successful, performing authentication based on the input by comparing at least some of the information against a database comprising a record of the user'"'"'s credit history as compiled from a plurality of the user'"'"'s creditors.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein (b) is performed remotely from the location at which (c) occurs.
  - 3. The method of claim 1, wherein at least some of the information includes social security number related information.
  - 4. The method of claim 3, wherein the record of known data is a list of invalid social security numbers, further comprising ensuring that the user'"'"'s social security number is not present in the list of invalid social security numbers.
  - 5. The method of claim 3, wherein the record of known data is a list of valid telephonic area codes for a geographical location, further comprising ensuring that the user'"'"'s telephonic area code is present in the list of valid telephonic area codes for a geographical location.
  - 6. The method of claim 1, wherein (b) further comprises:
7. The method of claim 1, wherein at least some of the information includes a telephonic area code related information.
8. The method of claim 1, wherein at least some of the information includes a postal zip code related information.
9. The method of claim 8, wherein the record of known data is a list of valid postal zip codes for a geographical location, further comprising ensuring that the user'"'"'s postal zip code is present in the list of valid postal zip codes for a geographical location.
10. The method of claim 1, wherein at least some of the information includes a driver license number related information.
11. The method of claim 10, wherein the record of known data is a list of valid driver license numbers for a geographical location, further comprising ensuring that the user'"'"'s driver license number is present in the list of valid driver license numbers for a geographical location.
12. The method of claim 1, wherein the record of known data is a credit card fraud statistical model.

13. A system for authenticating a user on a network, said the system comprising:
- a server capable of being accessed through the network from at least one user input device, wherein said server includes (a) a computer-readable memory, the computer-readable memory having a plurality of software modules, which enable said server to preprocess an input received from said at least one input device before performing an authentication of the user, (b) at least one input device for receiving the input from said at least one user input device, the input comprising information stored in a plurality of fields relating to identification of the user;
  
  (c) a processor capable of preprocessing at least some of the information for reliability, including performing at least one task selected from the group of tasks consisting of (1) checking format of at least some of the information;
  
  (2) comparing at least some of the information against a record of known data; and
  
  (3) ensuring that at least some of the information is present in the record of known data; and
  
  if the preprocessing is successful, performing authentication based on the input by comparing at least some of the information against a database comprising a record of the user'"'"'s credit history as compiled from a plurality of the user'"'"'s creditors.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 14. The system of claim 13, wherein the processor is capable of assigning at least one of the tasks from the group of task to be performed at the at least one user input device.
  - 15. The system of claim 13, wherein the at least one user input device connects to the network by using a transmission link select from the following group consisting of (1) a dial up connection;
    - (2) a local area network (LAN);
      
      (3) a T1 digital line;
      
      (4) a T3 digital line;
      
      (5) an integrated service digital network (ISDN) digital line;
      
      (6) a wide area network;
      
      (7) an Ethernet connection;
      
      (8) a digital subscriber line (DSL) connection; and
      
      (9) a wireless connection.
  - 16. The system of claim 13, wherein at least some of the information is a social security number.
  - 17. The system of claim 13, wherein the record of known data is a list of invalid social security numbers.
  - 18. The system of claim 13, wherein the record of known data is a dictionary.
  - 19. The system of claim 13, wherein at least some of the information is a telephonic area code.
  - 20. The system of claim 13, wherein the record of known data is a list of valid telephonic area codes for a geographical location.
  - 21. The system of claim 13, wherein at least some of the information is a postal zip code.
  - 22. The system of claim 13, wherein the record of known data is a list of valid postal zip codes for a geographical location.
  - 23. The system of claim 13, wherein at least some of the information is a driver license number.
  - 24. The system of claim 13, wherein the record of known data is a list of valid driver license numbers for a geographical location.
  - 25. The system of claim 13, wherein the record of known data is a credit card fraud statistical model.

26. A method for authenticating a user of a network based on response received from the user, said method comprising:
- (a) soliciting from the user information related to a credit file;
  
  (b) receiving the response from the user, the response comprising data stored in a plurality of fields;
  
  (c) preprocessing at least some of the data for reliability, including performing at least one task selected from the group of tasks consisting of (1) checking format of at least some of the information;
  
  (2) comparing at least some of the information against a record of known data; and
  
  (3) ensuring that at least some of the information is present in the record of known data;
  
  (d) if the preprocessing is successful, comparing at least some of the data against information in the credit file; and
  
  (e) determining whether the user should be authenticated based on the result from step (d).
- View Dependent Claims (27, 28, 29)
- - 27. The method of claim 26, wherein (a) further comprises
- 28. The method of claim 27, wherein there is only one correct answer for the multiple-choice question.
- 29. The method of claim 26 further comprising:
  - (g) if checking format returns failure, performing at least one task selected from the group of tasks consisting of (1) prompting the user to reenter the information; and
    
    (2) correcting the information to conform to the format.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Equifax, Inc.
Original Assignee
Equifax, Inc.
Inventors
Wilder, Jone, French, Jennifer
Primary Examiner(s)
Black, Thomas
Assistant Examiner(s)
CHEUNG, MARY DA ZHI WANG

Application Number

US09/315,130
Publication Number

US 20010001877A1
Time in Patent Office

831 Days
Field of Search

713/200, 713/201, 713/202, 713/182-186, 713/187-194, 380/25, 705/38, 705/44
US Class Current

726/7
CPC Class Codes

G06F 21/31   User authentication

G06F 21/40   by quorum, i.e. whereby two...

G06F 2221/2113   Multi-level security, e.g. ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4097   using mutual authentication...

G06Q 40/03   Credit; Loans; Processing t...

G07F 7/1008   Active credit-cards provide...

System and method for authentication of network users with preprocessing

First Claim

1 Assignment

Litigations

0 Petitions

Accused Products

Abstract

409 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for authentication of network users with preprocessing

First Claim

1 Assignment

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

409 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links