Method of one time authentication response to a session-specific challenge indicating a random subset of password or PIN character positions
First Claim
1. An interactive method for authentication of a client, comprising:
storing a client identifier for a client and an identification code for the client in a computer database, the identification code comprising a set of password or Personal Identification Number (PIN) characters with each consecutive character position number in the set associated with a particular character;
supplying to the client, using a process executed by a computer system, a prompt for entry of a client identifier;
accepting in the computer system data from the client, the data indicating the client identifier for the client, and verifying that the data indicating the client identifier matches the stored client identifier;
supplying to the client, using a process executed by the computer system, a session random subset of character position numbers from said identification code for the client particular to a session, wherein the random subset of character position numbers does not include all of the character position numbers from the identification code;
accepting input data in the computer system from the client, the input data including a random subset of characters from the identification code, wherein the random subset of characters does not include all of the identification code; and
determining in the computer system, whether the input data match characters from the stored identification code in a session random subset of character positions.
Abstract
Financial institution back office computerized transaction-processing system with embedded privacy and security layer (EPSL) enables strong transaction authentication prior to a merchant or vendor contact, based on a user account number, transaction conditions like anticipated transaction time and money, user two-factor authentication with a static transaction PIN and a transaction session-specific random partial password or PIN recognition algorithm. User enters the user name and then, challenged by server with a random session-specific subset of a password or PIN character's consecutive position numbers, enters based on cognitive association a one time authentication response. The authentication session is interactive, transaction session-specific, and followed by either a transaction denial or an alphanumeric transaction signature generated by EPSL for this specific transaction. Then, the user submits her request to a transaction counterpart along with the transaction signature. The merchant or vendor requests an authorization session with EPSL.
8 Claims
5. A transaction server, comprising:
a computer database storing a client identifier for a client and an identification code for the client, the identification code comprising a set of password or PIN characters with each consecutive character position number in the set associated with a particular character;
a computer system coupled to the computer database, the computer system including a module to supply to the client, a prompt for entry of a client identifier;
a module to accept data indicating the client identifier from the client via a data communication medium;
a module to verify that the data indicating the client identifier matches the stored client identifier for the client;
a module to supply to the client a session random subset of character position numbers from said identification code for the client particular to a session, wherein the random subset of character position numbers does not include all of the character position numbers from the identification code;
a module to accept input data from the client, the input data including a random subset of characters from the identification code for the client, wherein the random subset of characters does not include all of the identification code; and
a module to allow processing of a transaction to continue if the input data matches characters from the stored identification code for the client in the session random subset of character positions, and to interrupt the given session if the input data does not match.
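The challenge-response flow recited in claims 1 and 5, sketched as an added Python example (not code from the patent or its assignee). The `CLIENTS` record, the in-memory session store, the function names and the single-use handling of each challenge are assumptions made for illustration.

```python
import hmac
import secrets

# Constructed sample record: client identifier -> identification code.
# Assumption: the code must be recoverable per character position, so it
# cannot be kept only as one salted hash; a real deployment would protect
# it at rest (for example encrypted, with the key held in an HSM).
CLIENTS = {"alice": "k7Qz2mPx"}
SESSIONS = {}  # session id -> (client id, challenged positions)
_rng = secrets.SystemRandom()  # CSPRNG-backed, so subsets are unpredictable


def start_session(client_id, subset_size=3):
    """Verify the client identifier, then issue a session-specific challenge."""
    code = CLIENTS.get(client_id)
    if code is None:
        return None  # identifier does not match a stored client
    if not 0 < subset_size < len(code):
        # The claims require that the subset never covers every position.
        raise ValueError("subset must be a proper subset of the positions")
    # 1-based consecutive character position numbers, as in the claim text.
    positions = sorted(_rng.sample(range(1, len(code) + 1), subset_size))
    session_id = secrets.token_urlsafe(16)
    SESSIONS[session_id] = (client_id, positions)
    return session_id, positions


def verify_response(session_id, response):
    """Return True to let the transaction continue, False to interrupt.

    The challenge is consumed on first use, so a captured response cannot
    be replayed and a failed attempt cannot be retried on the same subset.
    """
    entry = SESSIONS.pop(session_id, None)
    if entry is None:
        return False
    client_id, positions = entry
    expected = "".join(CLIENTS[client_id][p - 1] for p in positions)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), response.encode())
```
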
Specification