Centralized identity authentication for electronic communication networks

US 7,140,036 B2
Filed: 03/02/2001
Issued: 11/21/2006
Est. Priority Date: 03/06/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method of centralized identity authentication for use in connection with a communications network comprising:

(a) registering users of the communications network with a centralized agent, each registered user being associated with authentication data from which that user can be authenticated;

(b) registering with the centralized agent a plurality of different types of entities having a presence on the communications network, said plurality of different types of entities selectively engaging in a plurality of different types of transactions with registered users, said different types of entities and said different types of transactions including at least one of;

(i) a first type of entity selectively engaging in a first type of transaction, wherein the first type of entity is a merchant and the first type of transaction includes selling at least one of goods and services to a registered user; and

,(ii) a second type of entity selectively engaging in a second type of transaction, wherein the second type of entity is one that maintains personal records for registered users and the second type of transaction includes granting a registered user access to their personal records; and

,(c) authenticating each user'"'"'s identity over the communications network prior to completion of transactions between registered entities and registered users, wherein the registered users employ the same authentication data for both the first and second types of transactions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of centralized identity authentication for use in connection with a communications network includes registering users of the communications network such that each registered user'"'"'s identity is uniquely defined and determinable, and registering a plurality of vendors having a presence on the communications network. The registered vendors selectively transact with registered users, wherein the transactions include: (i) the registered vendor selling goods and/or services to the registered user; (ii) the registered vendor granting the registered user access to personal records maintained by the registered vendor; and/or (iii) the registered vendor communicating to the registered user personal information maintained by the registered vendor. The method also includes each user'"'"'s identity being authenticated over the communications network prior to completion of transactions between registered vendors and registered users.

165 Citations

15 Claims

1. A method of centralized identity authentication for use in connection with a communications network comprising:
- (a) registering users of the communications network with a centralized agent, each registered user being associated with authentication data from which that user can be authenticated;
  
  (b) registering with the centralized agent a plurality of different types of entities having a presence on the communications network, said plurality of different types of entities selectively engaging in a plurality of different types of transactions with registered users, said different types of entities and said different types of transactions including at least one of;
  
  (i) a first type of entity selectively engaging in a first type of transaction, wherein the first type of entity is a merchant and the first type of transaction includes selling at least one of goods and services to a registered user; and
  
  ,(ii) a second type of entity selectively engaging in a second type of transaction, wherein the second type of entity is one that maintains personal records for registered users and the second type of transaction includes granting a registered user access to their personal records; and
  
  ,(c) authenticating each user'"'"'s identity over the communications network prior to completion of transactions between registered entities and registered users, wherein the registered users employ the same authentication data for both the first and second types of transactions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method according to claim 1, further comprising:
    - (d) communicating results of the authentication to at least one of the registered user and the registered entity involved in the transaction.
  - 3. The method according to claim 1, further comprising:
    - (d) authorizing the completion of transactions between registered entities and registered users.
  - 4. The method according to claim 3, wherein the user'"'"'s identity is withheld from the entity.
  - 5. The method according to claim 1, wherein the authentication is carried out using at least two-factor authentication.
  - 6. The method according to claim 1, wherein the method further comprises notifying the registered user when a non-authentic user attempts to transact with a registered vendor posing as the registered user.
  - 7. The method according to claim 1, wherein registering users comprises:
    - obtaining personal data related to the users; and
      
      ,verifying the users'"'"' identities.
  - 8. The method according to claim 7, wherein verifying the users identities is accomplished by comparing for consistency the personal data obtained with corresponding personal data maintained by registered vendors.
  - 9. The method of claim 1, wherein the authentication data includes a user id and password.
  - 10. The method of claim 1, wherein the authentication data includes data corresponding to a biometric characteristic of the user.
  - 11. The method of claim 1, further comprising:
    - transferring information in the personal records of an authenticated user maintained by one registered entity of the second type to another registered entity of the second type at the direction of the authenticated user, including reformatting the information so as to conform to a format in which personal records are maintained by the registered entity of the second type receiving the transferred information.

12. A centralized identity authentication system comprising:
- a computer connected to a communications network;
  
  means for registering user of the communications network, each registered user being associated with authentication data from which that user can be authenticated;
  
  means for registering a plurality of different types of entities having a presence on the communications network, said different types of entities including at least;
  
  a first type of entity selectively engaging in a first type of transaction, wherein the first type of entity is a merchant and the first type of transaction includes selling at least one of goods and services to a registered user; and
  
  ,a second type of entity selectively engaging in a second type of transaction, wherein the second type of entity is one that maintains personal records for registered users and the second type of transaction includes granting a registered user access to their personal records;
  
  a central database accessible by the computer, said central database containing accounts created by the registering means for each registered user and each registered vendor, said accounts including records of data collected by the registering means; and
  
  ,means for authenticating registered users'"'"' identities, said authentication means collecting authentication data from users over the communication network and comparing it to corresponding data from account records in the central database such that when there is a match the user providing the authentication data is deemed to be the registered user which holds the account, wherein the registered users employ the same authentication data for both the first and second types of transactions.
- View Dependent Claims (13, 14, 15)
- - 13. The centralized authentication system according to claim 12, wherein the communications network is the Internet.
  - 14. The centralized authentication system according to claim 12, further including means for communicating results of the authentication to at least one of respective users and vendors involved in transactions with one another.
  - 15. The centralized authentication system according to claim 12, further including means for notifying a true registered user of a failed authentication attempt carried out by the authentication means on an imposter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CardinalCommerce Corporation (Visa, Inc.)
Original Assignee
CardinalCommerce Corporation (Visa, Inc.)
Inventors
Sherwin, Francis M., Bhagavatula, Ravishankar S., Bowman, Jeffry J., Balasubramanian, Chandra S., Keresman, Michael A. III
Primary Examiner(s)
Song, Hosuk

Application Number

US09/798,830
Publication Number

US 20010037451A1
Time in Patent Office

2,090 Days
Field of Search

713/182, 713/183, 713/150, 713/155, 713168-170, 713200-202, 709/200, 709/206, 709/224, 709/225, 709/226, 709/220, 709/203, 709/221, 709/223, 705/26, 705/27, 705/53, 705/57, 705/50, 705 67- 68, 705/70, 705 75- 79, 710/36, 710/9, 380/30, 380/270, 726 2- 9
US Class Current

726/2
CPC Class Codes

G06F 21/31   User authentication

G06F 21/445   by mutual authentication, e...

G06Q 20/4014   Identity check for transact...

G06Q 30/06   Buying, selling or leasing ...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

Centralized identity authentication for electronic communication networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

165 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Centralized identity authentication for electronic communication networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

165 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others