System and method to authenticate a user utilizing a time-varying auxiliary code
First Claim
Patent Images
1. A method to authenticate a user, comprising:
- A. identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system;
B. storing the user identifier with the code in an electronic database in the central electronic authentication system;
C. providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device, the user retrieving the code prior to his initiation of a transaction, the code not being a one-time password;
D. providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system;
E. the user manually inputting at least his code to the central electronic authentication system;
F. conveying the user-input code from the user interface to the central electronic authentication system, wherein circuitry in the authentication server in the central electronic authentication system authenticates the user if the user input code matches the stored code.
0 Assignments
0 Petitions
Accused Products
Abstract
A system and method to authenticate a user utilizing a time-varying auxiliary code. The code may be appended to a fixed password, but that is not required. The code is generated by a central electronic authentication system. The user retrieves it manually using a fungible communications device such as a telephone or a computer connected to the Internet. The user must learn the code because he inputs it manually, thereby authenticating himself. The present invention performs the same function as inventions with tokens, that is, it provides an extension to the PIN or password, but it eliminates the token and the synchronization required with such a token.
99 Citations
20 Claims
-
1. A method to authenticate a user, comprising:
-
A. identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system; B. storing the user identifier with the code in an electronic database in the central electronic authentication system; C. providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device, the user retrieving the code prior to his initiation of a transaction, the code not being a one-time password; D. providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system; E. the user manually inputting at least his code to the central electronic authentication system; F. conveying the user-input code from the user interface to the central electronic authentication system, wherein circuitry in the authentication server in the central electronic authentication system authenticates the user if the user input code matches the stored code. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for authenticating a user, comprising:
-
A. an identification subsystem, comprising a user identifier and a time-varying auxiliary code, at least the code provided by a central electronic authentication system, both the identifier and the code stored in an electronic database in the authentication system; B. a communications interface through which the user manually retrieves the code using a fungible communications device, the user retrieving the code prior to his initiation of a transaction, the code not being a one-time password; C. an electronic user interface that presents the user with a means to input manually at least his code to the central electronic authentication system; D. circuitry in the central electronic authentication system to i) compare the user input conveyed to the authentication system through the user interface with the stored information, and ii) to authenticate the user if the user input code matches the stored code. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification