System and method to authenticate a user utilizing a time-varying auxiliary code

US 7,694,130 B1
Filed: 09/12/2008
Issued: 04/06/2010
Est. Priority Date: 09/12/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A method to authenticate a user, comprising:

A. identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system;

B. storing the user identifier with the code in an electronic database in the central electronic authentication system;

C. providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device, the user retrieving the code prior to his initiation of a transaction, the code not being a one-time password;

D. providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system;

E. the user manually inputting at least his code to the central electronic authentication system;

F. conveying the user-input code from the user interface to the central electronic authentication system, wherein circuitry in the authentication server in the central electronic authentication system authenticates the user if the user input code matches the stored code.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method to authenticate a user utilizing a time-varying auxiliary code. The code may be appended to a fixed password, but that is not required. The code is generated by a central electronic authentication system. The user retrieves it manually using a fungible communications device such as a telephone or a computer connected to the Internet. The user must learn the code because he inputs it manually, thereby authenticating himself. The present invention performs the same function as inventions with tokens, that is, it provides an extension to the PIN or password, but it eliminates the token and the synchronization required with such a token.

99 Citations

View as Search Results

20 Claims

1. A method to authenticate a user, comprising:
- A. identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system;
  
  B. storing the user identifier with the code in an electronic database in the central electronic authentication system;
  
  C. providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device, the user retrieving the code prior to his initiation of a transaction, the code not being a one-time password;
  
  D. providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system;
  
  E. the user manually inputting at least his code to the central electronic authentication system;
  
  F. conveying the user-input code from the user interface to the central electronic authentication system, wherein circuitry in the authentication server in the central electronic authentication system authenticates the user if the user input code matches the stored code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein said electronic user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
  - 3. The method of claim 1, wherein said fungible communications device is an electronic communications device selected from the group consisting of computers connected to the Internet, and touch-tone telephones.
  - 4. The method of claim 1, wherein said user identifier is selected from the group consisting of debit card numbers, ATM card numbers, and credit card numbers.
  - 5. The method of claim 1, wherein said user identifier is a cashier'"'"'s check number.
  - 6. The method of claim 1, wherein said user identifier is a bank account number.
  - 7. The method of claim 1, wherein said user identifier is a prescription number.
  - 8. The method of claim 1, wherein:
    - A. the identifying the user step further comprises creating an authentication key in the form of a fixed password;
      
      B. the storing the user identifier step further comprises storing the authentication key in the form of a fixed password with code in an electronic database in the authentication system;
      
      C. the providing a user interface step further comprises presenting the user with a means to input manually at least his password with his code;
      
      D. the manually inputting step further comprises manually inputting his password; and
      
      E. the conveying the user input step further comprises conveying the user-input password with the code through the user interface to the authentication system, wherein circuitry in the authentication system authenticates the user if the user input password and code match the stored password and code.
  - 9. The method of claim 8, wherein said electronic user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
  - 10. The method of claim 1, wherein said time-varying code changes every twenty-four hours.

11. A system for authenticating a user, comprising:
- A. an identification subsystem, comprising a user identifier and a time-varying auxiliary code, at least the code provided by a central electronic authentication system, both the identifier and the code stored in an electronic database in the authentication system;
  
  B. a communications interface through which the user manually retrieves the code using a fungible communications device, the user retrieving the code prior to his initiation of a transaction, the code not being a one-time password;
  
  C. an electronic user interface that presents the user with a means to input manually at least his code to the central electronic authentication system;
  
  D. circuitry in the central electronic authentication system to i) compare the user input conveyed to the authentication system through the user interface with the stored information, and ii) to authenticate the user if the user input code matches the stored code.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein said user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
  - 13. The system of claim 11, wherein said fungible communications device is an electronic communications device selected from the group consisting of a computers connected to the Internet, and touch-tone telephones.
  - 14. The system of claim 11, wherein said user identifier is selected from the group consisting of debit card numbers, ATM card numbers, and credit card numbers.
  - 15. The system of claim 11, wherein said user identifier is a cashier'"'"'s check number.
  - 16. The system of claim 11, wherein said user identifier is a bank account number.
  - 17. The method of claim 11, wherein said user identifier is a prescription number.
  - 18. The system of claim 11, wherein:
    - A. the identification subsystem further comprises a fixed password, stored in the authentication system;
      
      B. the circuitry in the authentication system further comprises circuitry to i) compare the user input conveyed to the authentication system through the user interface with the stored information where the user input includes at least his fixed password and his code, and ii) to authenticate the user if the user input password and code match the stored password and code; and
      
      C. an electronic user interface that presents the user with a means to input manually at least his code and his password to the central electronic authentication system.
  - 19. The system of claim 18, wherein said user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
  - 20. The system of claim 11, wherein said time-varying code changes every twenty-four hours.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Michael Anthony Martinez
Original Assignee
Michael Anthony Martinez
Inventors
Martinez, Michael Anthony
Primary Examiner(s)
Cervetti; David Garcia

Application Number

US12/209,856
Publication Number

US 20100070757A1
Time in Patent Office

571 Days
Field of Search

713/155, 713/183, 713/184, 726/5
US Class Current

713/155
CPC Class Codes

H04L 63/0846 using time-dependent-passwo...

System and method to authenticate a user utilizing a time-varying auxiliary code

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

99 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System and method to authenticate a user utilizing a time-varying auxiliary code

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

99 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others