System and method for authentication of users and communications received from computer systems
First Claim
1. A method of receiving information useful for logging a user into a computer system, comprising:
- causing a user identifier to be stored in a persistent file of a client system;
receiving from the user a request to log into the computer system;
responsive to the request received;
receiving the persistent file including the user identifier from the client system;
providing from the computer system to the user a prompt for the user identifier;
receiving a response from the user responsive to the prompt for the user identifier; and
determining if the response received from the user matches the user identifier received in the persistent file; and
responsive to a determination that the response received matches the user identifier received;
providing from the computer system to the user a prompt for confidential information; and
presenting to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user;
said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step;
said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and
the correspondence of the customization information with the user identifier not ordinarily being publicly known.
15 Assignments
0 Petitions
Accused Products
Abstract
A system and method allows a user to authenticate a communication from a computer system, a computer system to authenticate a user, or both. When a user requests a web page from the web site, customization information that is recognizable to the user is provided to allow the user to authenticate the web site. A signed, encrypted persistent file stored on the user'"'"'s computer system or installed on a different computer system, or a trusted computing subsystem allows the web site to authenticate the user. If the user is using a system that will not allow that user to be authenticated, the user may instruct the system to continue providing information without the user'"'"'s customization information. The system and method may be used to allow the user to authenticate an e-mail message or its source, and Flash movies or other computer code may be used if the user'"'"'s e-mail client does not employ cookies.
-
Citations
27 Claims
-
1. A method of receiving information useful for logging a user into a computer system, comprising:
-
causing a user identifier to be stored in a persistent file of a client system; receiving from the user a request to log into the computer system; responsive to the request received; receiving the persistent file including the user identifier from the client system; providing from the computer system to the user a prompt for the user identifier; receiving a response from the user responsive to the prompt for the user identifier; and determining if the response received from the user matches the user identifier received in the persistent file; and responsive to a determination that the response received matches the user identifier received; providing from the computer system to the user a prompt for confidential information; and presenting to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user; said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step; said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and the correspondence of the customization information with the user identifier not ordinarily being publicly known. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for receiving information useful for logging a user into a computer system, comprising:
-
at least one storage; and a processor operatively coupled to the at least one storage, the processor being operative to perform the steps of; causing a user identifier to be stored in a persistent file of a client system; receiving from the user a request to log into the computer system; responsive to the request received; receiving the persistent file including the user identifier from the client system; providing from the computer system to the user a prompt for the user identifier; receiving a response from the user responsive to the prompt for the user identifier, and determining if the response received from the user matches the user identifier received in the persistent file; and responsive to a determination that the response received matches the user identifier received; providing from the computer system to the user a prompt for confidential information; and presenting to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user; said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step; said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and the correspondence of the customization information with the user identifier not ordinarily being publicly known. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer program product comprising a computer useable medium having computer readable program code embodied therein for receiving information useful for logging a user into a computer system, the computer program product comprising computer readable program code devices configured to cause a computer system to:
-
cause a user identifier to be stored in a persistent file of a client system; receive from the user a request to log into the computer system; responsive to the request received; receive the persistent file including the user identifier from the client system; provide from the computer system to the user a prompt for the user identifier; receive a response from the user responsive to the prompt for the user identifier; and determine if the response received from the user matches the user identifier received in the persistent file; and responsive to a determination that the response received matches the user identifier received; provide from the computer system to the user a prompt for confidential information; and present to the user customization information corresponding to the user identifier received that is perceptible to the user and can allow the user to authenticate the computer system if the customization information presented matches customization information expected by the user; said customization information being presented to the user before or during the providing from the computer system to the user the prompt for confidential information step; said customization information not being presented to the user between the receiving the request step and the determination that the response received matches the user identifier received; and the correspondence of the customization information with the user identifier not ordinarily being publicly known. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
Specification