Method and system for strong, convenient authentication of a web user
First Claim
1. A method for authenticating a web user, comprising:
registering the user by an authenticating authority based upon identification of the user using a strong authentication technique;
providing an authenticating token to the user by the authenticating authority in connection with the user registration;
enrolling at least one web-enabled user device for the user by the authenticating authority based on presentation of the authenticating token by the user;
authenticating the user for a transaction by the authenticating authority based on presentation by the user of a user password via the enrolled user device;
wherein registering the user based upon identification of the user using the strong authentication technique further comprises registering the user based upon identification of the user using at least one of biometric information and shared secret information; and
wherein registering the user based upon identification of the user using shared secret information further comprises registering the user based upon identification of the user using a special code posted by the authenticating authority to the user that can be used only within a predetermined time frame.
Abstract
A method and system for strong, convenient authentication of a web user makes use, for example, of a computing device, such as a user's personal computer (PC), coupled over a network, such as the Internet, to one or more servers, such as the host server of an authenticating authority, as well as one or more databases of the authenticating authority. The authentication process is broken into three phases, namely a registration phase, an enrollment phase, and a transaction authentication phase, with each phase being less intrusive and less secure than the preceding phase. In the registration phase, an authenticating authority registers the user based upon identification of the user using a strong authentication technique and provides an authenticating token to the user, which can be used in the enrollment phase to enroll one or more user devices for the user. Thereafter, in the transaction authentication phase, the authenticating authority can authenticate the user for a transaction based on presentation by the user of a user password via the enrolled user device.
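The three phases described in the abstract, sketched as an added illustration that is not taken from the patent or any implementation of it. The class and method names, the seven-day code lifetime, setting the password at registration, recognising a device by a stored secret, and the use of PBKDF2 are all assumptions of this example.

```python
import hashlib, hmac, secrets, time

CODE_TTL = 7 * 24 * 3600  # assumed value for the "predetermined time frame"

def _h(value: str, salt: bytes) -> bytes:
    # Slow salted hash for stored secrets (PBKDF2 is this example's choice)
    return hashlib.pbkdf2_hmac("sha256", value.encode(), salt, 50_000)

class AuthenticatingAuthority:
    def __init__(self):
        self.pending = {}  # user -> (posted code, expiry time)
        self.users = {}    # user -> stored hashes and enrolled devices

    def post_code(self, user, now=None):
        """Registration, step 1: issue the special code sent by post."""
        now = time.time() if now is None else now
        code = secrets.token_hex(4)
        self.pending[user] = (code, now + CODE_TTL)
        return code

    def register(self, user, code, password, now=None):
        """Registration, step 2: a valid, unexpired code yields the token."""
        now = time.time() if now is None else now
        # pop() makes the code single-use: one attempt, right or wrong
        expected, expiry = self.pending.pop(user, (None, 0))
        if expected is None or now > expiry:
            return None
        if not hmac.compare_digest(code.encode(), expected.encode()):
            return None
        token, salt = secrets.token_urlsafe(32), secrets.token_bytes(16)
        self.users[user] = {"salt": salt, "token": _h(token, salt),
                            "pw": _h(password, salt), "devices": set()}
        return token

    def enroll_device(self, user, token):
        """Enrollment: presenting the token binds a device secret to the user."""
        rec = self.users.get(user)
        if rec is None or not hmac.compare_digest(_h(token, rec["salt"]), rec["token"]):
            return None
        device_secret = secrets.token_urlsafe(32)  # kept on the device
        rec["devices"].add(_h(device_secret, rec["salt"]))
        return device_secret

    def authenticate(self, user, password, device_secret):
        """Transaction: the password is accepted only from an enrolled device."""
        rec = self.users.get(user)
        if rec is None or _h(device_secret, rec["salt"]) not in rec["devices"]:
            return False
        return hmac.compare_digest(_h(password, rec["salt"]), rec["pw"])
```

The password alone is the weakest check in the chain, so its value as an authenticator rests on the device secret, which in turn rests on the token, which rests on the time-limited posted code.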
36 Claims
19. A system for authenticating a web user, comprising:
means for registering the user by an authenticating authority based upon identification of the user using a strong authentication technique;
means for providing an authenticating token to the user by the authenticating authority in connection with the user registration;
means for enrolling at least one web-enabled user device for the user by the authenticating authority based on presentation of the authenticating token by the user;
means for authenticating the user for a transaction by the authenticating authority based on presentation by the user of a user password via the enrolled user device;
wherein the means for registering the user based upon identification of the user using the strong authentication technique further comprises means for registering the user based upon identification of the user using at least one of biometric information and shared secret information; and
wherein the means for registering the user based upon identification of the user using shared secret information further comprises means for registering the user based upon identification of the user using a special code posted by the authenticating authority to the user that can be used only within a predetermined time frame.
Specification