Method and apparatus for enabling a user to select an authentication method

US 7,941,669 B2
Filed: 12/27/2001
Issued: 05/10/2011
Est. Priority Date: 01/03/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method for configuring a method of authentication for accessing a restricted service, comprising:

receiving, by a microprocessor for configuring the method of authentication and from a user via a communication network, a selection of a first method of authentication, from a plurality of methods of authentication presented by a restricted service provider, for access to a first restricted service provided by the restricted service provider, the first restricted service being associated with an account of the user;

storing, by the microprocessor and in a database, the first method of authentication in association with the first restricted service and the account of the user;

receiving, by the microprocessor and from the user via the communication network, a selection of a second method of authentication, from the plurality of methods of authentication, for access to a second restricted service provided by the restricted service provider, the second restricted service being associated with the account of the user;

storing, by the microprocessor and in the database, the second method of authentication in association with the second restricted service and the account of the user;

allowing, by the microprocessor and from the user via the communication network, a change to at least one of the first authentication method or the second authentication method without accessing the first restricted service or the second restricted service, respectively, to a third authentication method, from the plurality of methods of authentication;

receiving, by the microprocessor and over the communication network, a request for access to at least one of the first restricted service and the second restricted service;

causing, by the microprocessor, a user interface to display input fields corresponding to the first method of authentication if the request is associated with the first restricted service;

causing, by the microprocessor, the user interface to display input fields corresponding to the second method of authentication if the request is associated with the second restricted service;

granting, by the microprocessor, access to the first restricted service in response to receiving predetermined input associated with the first method of authentication; and

granting, by the microprocessor, access to the second restricted service in response to receiving predetermined input associated with the second method of authentication.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention facilitates access to a restricted service related to secure transactions via a network. The present invention allows a user to select a minimum security level of authentication for its own login to a restricted service. The user'"'"'s selected minimum security level of authentication may be registered in an authentication method system, so that the user must use the selected minimum security level for authentication in order to gain access to the restricted service. Alternatively, the user may specify that the selected minimum security level for authentication may be over-turned by the user, or optionally re-set to a new authentication method depending on the needs of the user. As such, the present invention allows the user the flexibility to select its own authentication method for accessing a restricted service.

118 Citations

View as Search Results

18 Claims

1. A method for configuring a method of authentication for accessing a restricted service, comprising:
- receiving, by a microprocessor for configuring the method of authentication and from a user via a communication network, a selection of a first method of authentication, from a plurality of methods of authentication presented by a restricted service provider, for access to a first restricted service provided by the restricted service provider, the first restricted service being associated with an account of the user;
  
  storing, by the microprocessor and in a database, the first method of authentication in association with the first restricted service and the account of the user;
  
  receiving, by the microprocessor and from the user via the communication network, a selection of a second method of authentication, from the plurality of methods of authentication, for access to a second restricted service provided by the restricted service provider, the second restricted service being associated with the account of the user;
  
  storing, by the microprocessor and in the database, the second method of authentication in association with the second restricted service and the account of the user;
  
  allowing, by the microprocessor and from the user via the communication network, a change to at least one of the first authentication method or the second authentication method without accessing the first restricted service or the second restricted service, respectively, to a third authentication method, from the plurality of methods of authentication;
  
  receiving, by the microprocessor and over the communication network, a request for access to at least one of the first restricted service and the second restricted service;
  
  causing, by the microprocessor, a user interface to display input fields corresponding to the first method of authentication if the request is associated with the first restricted service;
  
  causing, by the microprocessor, the user interface to display input fields corresponding to the second method of authentication if the request is associated with the second restricted service;
  
  granting, by the microprocessor, access to the first restricted service in response to receiving predetermined input associated with the first method of authentication; and
  
  granting, by the microprocessor, access to the second restricted service in response to receiving predetermined input associated with the second method of authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the plurality of methods of authentication includes at least one of:
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password; and
      
      handheld computing device and digital certificate.
  - 3. The method of claim 1, further including:
    - receiving, over the communication network, a selection of more than one method of authentication, from the plurality of methods of authentication for access to the first restricted service.
  - 4. The method of claim 1, further comprising:
    - registering at least one of the first method of authentication and the second method of authentication as a minimum level of security for access to at least one of the first and second restricted services.
  - 5. The method of claim 1, further comprising receiving, from the user via the communication network, a selection of a fourth method of authentication, from the plurality of methods of authentication, for access to the second restricted service provided by the restricted service provider.
  - 6. The method of claim 1, further comprising restricting at least the first method of authentication or the second method of authentication to specific times of the day.
  - 7. The method of claim 1, further comprising restricting at least the first method of authentication or the second method of authentication to specific locations.
  - 8. The method of claim 1, further comprising restricting at least the first method of authentication or the second method of authentication to specific days.
  - 9. The method of claim 1, further comprising restricting at the least the first method of authentication or the second method of authentication to the user being a member of a specific group.

10. A method for configuring a minimum level of security for accessing a restricted service, comprising:
- presenting, by a microprocessor for configuring a minimum level of security, a query dialog box to a user to query the user to select at least one level of security, from a plurality of levels of security presented by a restricted service provider, for access a first restricted service provided by the restricted service provider, the first restricted service being associated with an account of the user;
  
  receiving, by the microprocessor and from the user via the query dialog box over a communication network, a selection of a first level of security, from the plurality of levels of security, for access to the first restricted service;
  
  storing, by the microprocessor and in a database, the first level of security in association with the first restricted service and the account of the user;
  
  receiving, by the microprocessor and from the user via the communication network, a selection of a second level of security, from the plurality of levels of security, for access to a second restricted service provided by the restricted service provider, the second restricted service being associated with the account of the user;
  
  storing, by the microprocessor and in the database, the second level of security in association with the second restricted service and the account of the user;
  
  allowing, by the microprocessor and from the user via the communication network, a change to at least one of the first authentication method or the second authentication method without accessing the first restricted service or the second restricted service, respectively, to a third authentication method, from the plurality of methods of authentication;
  
  receiving, by the microprocessor and over the communication network, a request for access to at least one of the first restricted service and the second restricted service;
  
  causing, by the microprocessor, a user interface to display input fields corresponding to the first level of security if the request is associated with the first restricted service;
  
  causing, by the microprocessor, the user interface to display input fields corresponding to the second level of security if the request is associated with the second restricted service;
  
  granting, by the microprocessor, access to the first restricted service in response to receiving predetermined input associated with the first level of security; and
  
  granting, by the microprocessor, access to the second restricted service in response to receiving predetermined input associated with the second level of security.
- View Dependent Claims (11, 12)
- - 11. The method of claim 10, wherein the plurality of levels of security correspond to a plurality of methods of authentication, wherein the plurality of methods of authentication includes at least one of:
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password; and
      
      handheld computing device and digital certificate.
  - 12. The method of claim 10, further including:
    - receiving, over the communication network, a selection of more than one level of security, from the plurality of levels of security, for access to the first restricted service.

13. A non-transitory tangible computer-readable storage medium having stored thereon sequences of instructions, the sequences of instructions including instructions which, when executed by a computer system for configuring a method of authentication, cause the computer system to perform:
- receiving, by the computer system and from a user via a communication network, a selection of a first method of authentication, from a plurality of methods of authentication presented by a restricted service provider, for access to a first restricted service provided by the restricted service provider, the first restricted service being associated with an account of the user;
  
  storing, by the computer system and in a database, the first method of authentication in association with the first restricted service and the account of the user;
  
  receiving, by the computer system and from the user via the communication network, a selection of a second method of authentication, from the plurality of methods of authentication, for access to a second restricted service provided by the restricted service provider, the second restricted service being associated with the account of the user;
  
  storing, by the computer system and in the database, the second method of authentication in association with the second restricted service and the account of the user;
  
  allowing, by the computer system and from the user via the communication network, a change to at least one of the first authentication method or the second authentication method without accessing the first restricted service or the second restricted service, respectively, to a third authentication method, from the plurality of methods of authentication;
  
  receiving, by the computer system and over the communication network, a request for access to at least one of the first restricted service and the second restricted service;
  
  causing, by the computer system, a user interface to display input fields corresponding to the first method of authentication if the request is associated with the first restricted service;
  
  causing, by the computer system, the user interface to display input fields corresponding to the second method of authentication if the request is associated with the second restricted service;
  
  granting, by the computer system, access to the first restricted service upon receiving predetermined input associated with the first method of authentication; and
  
  granting, by the computer system, access to the second restricted service upon receiving predetermined input associated with the second method of authentication.

14. A non-transitory tangible computer-readable storage medium having stored thereon sequences of instructions, the sequences of instructions including instructions which, when executed by a computer system for configuring a method of authentication, cause the computer system to perform:
- presenting, by the computer system, a query dialog box to a user to query the user to select at least one level of security, from a plurality of levels of security presented by a restricted service provider, for access to a first restricted service provided by the restricted service provider, the first restricted service being associated with an account of the user;
  
  receiving, by the computer system and from the user via the query dialog box over a communication network, a selection of a first level of security, from a plurality of levels of security, for access to the first restricted service;
  
  storing, by the computer system and in a database, the first level of security in association with the first restricted service and the account of the user;
  
  receiving, by the computer system and from the user via the communication network, a selection of a second level of security, from the plurality of levels of security, for access to a second restricted service provided by the restricted service provider, the second restricted service being associated with the account of the user;
  
  storing, by the computer system and in the database, the second level of security in association with the second restricted service and the account of the user;
  
  allowing, by the computer system and from the user via the communication network, a change to at least one of the first authentication method or the second authentication method without accessing the first restricted service or the second restricted service, respectively, to a third authentication method, from the plurality of methods of authentication;
  
  receiving, by the computer system and over the communication network, a request for access to at least one of the first restricted service and the second restricted service;
  
  causing, by the computer system, a user interface to display input fields corresponding to the first level of security if the request is associated with the first restricted service;
  
  causing, by the computer system, the user interface to display input fields corresponding to the second level of security if the request is associated with the second restricted service;
  
  granting, by the computer system, access to the first restricted service upon receiving predetermined input associated with the first level of security; and
  
  granting, by the computer system, access to the second restricted service upon receiving predetermined input associated with the second level of security.

15. An authentication system comprising a microprocessor for configuring at least one method of authentication for accessing a restricted service and a memory storing a program executable by the microprocessor, wherein the program includes computer code for implementing a method, wherein the method includes:
- receiving, by the microprocessor and from a user via a communication network, a selection of a first method of authentication, from a plurality of methods of authentication presented by a restricted services provider, for access to a first restricted service provided by the restricted service provider, the first restricted service being associated with an account of the user;
  
  storing, by the microprocessor and in a database, the first method of authentication in association with the first restricted service and the account of the user;
  
  receiving, by the microprocessor and from the user via the communication network, a selection of a second method of authentication, from the plurality of methods of authentication, for access to a second restricted service provided by the restricted service provider, the second restricted service being associated with the account of the user;
  
  storing, by the microprocessor and in the database, the second method of authentication in association with the second restricted service and the account of the user;
  
  allowing, by the microprocessor and from the user via the communication network, a change to at least one of the first authentication method or the second authentication method without accessing the first restricted service or the second restricted service, respectively, to a third authentication method, from the plurality of methods of authentication;
  
  receiving, by the microprocessor and over the communication network, a request for access to at least one of the first restricted service and the second restricted service;
  
  causing, by the microprocessor, a user interface to display input fields corresponding to the first method of authentication if the request is associated with the first restricted service;
  
  causing, by the microprocessor, the user interface to display input fields corresponding to the second method of authentication if the request is associated with the second restricted service;
  
  granting, by the microprocessor, access to the first restricted service upon receiving predetermined input associated with the first method of authentication; and
  
  granting, by the microprocessor, access to the second restricted service upon receiving predetermined input associated with the second method of authentication.
- View Dependent Claims (16)
- - 16. The authentication system of claim 15, wherein the plurality methods of authentication includes at least one of:
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password; and
      
      handheld computing device and digital certificate.

17. An authentication system comprising a microprocessor for implementing a method for configuring a minimum level of security for accessing a restricted service and a memory storing a program executable by the processor, wherein the program includes computer code, wherein the method includes:
- presenting, by the microprocessor, a query dialog box to a user to query the user to select at least one level of security, from a plurality of levels of security presented by a restricted services provider, for access to system a first restricted service provided by the restricted service provider, the first restricted service being associated with an account of the user;
  
  receiving, by the microprocessor and from the user via the query dialog box over a communication network, a selection of a first level of security, from the plurality of levels of security, for access to the first restricted service;
  
  storing, by the microprocessor and in a database, the first level of security in association with the first restricted service and the account of the user;
  
  receiving, by the microprocessor and from the user via the communication network, a selection of a second level of security, from the plurality of levels of security, for access to a second restricted service provided by the restricted service provider, the second restricted service being associated with the account of the user;
  
  storing, by the microprocessor and in the database, the second level of security in association with the second restricted service and the account of the user;
  
  allowing, by the microprocessor and from the user via the communication network, a change to at least one of the first authentication method or the second authentication method without accessing the first restricted service or the second restricted service, respectively, to a third authentication method, from the plurality of methods of authentication;
  
  receiving, by the microprocessor and over the communication network, a request for access to at least one of the first restricted service and the second restricted service;
  
  causing, by the microprocessor, a user interface to display input fields corresponding to the first level of security if the request is associated with the first restricted service;
  
  causing, by the microprocessor, the user interface to display input fields corresponding to the second level of security if the request is associated with the second restricted service;
  
  granting, by the microprocessor, access to the first restricted service upon receiving predetermined input associated with the first level of security; and
  
  granting, by the microprocessor, access to the second restricted service upon receiving predetermined input associated with the second level of security.
- View Dependent Claims (18)
- - 18. The authentication system of claim 17, wherein the plurality of levels of security correspond to a plurality of methods of authentication, wherein the plurality of methods of authentication includes at least one of:
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password; and
      
      handheld computing device and digital certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Nambiar, Anant, Johnson, Rick D., Foley, James
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US10/035,064
Publication Number

US 20020087894A1
Time in Patent Office

3,421 Days
Field of Search

713/182, 726/6
US Class Current

713/182
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/105   Multiple levels of security

H04L 63/205   involving negotiation or de...

Method and apparatus for enabling a user to select an authentication method

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

118 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for enabling a user to select an authentication method

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

118 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others