Method and apparatus for enabling authentication of on-line communications
First Claim
Patent Images
1. A system for authenticating a website to a specific user prior to providing the specific user with access to the website, the system comprising:
- a data repository configured to store a graphical message code, a user authentication, and a userid, wherein each of the graphical message code, user authentication, and userid is associated with the specific user; and
a hardware processor operatively connected to the data repository and configured to;
receive the userid from the specific user;
present the graphical message code to the specific user after receiving the userid from the specific user and based at least partially on a determination that the userid received from the specific user is associated with the graphical message code stored in the data repository;
receive the user authentication from the specific user after presenting the graphical message code to the specific user; and
provide the specific user with access to the website after receiving the user authentication from the specific user and based at least partially on a determination that the user authentication received from the specific user is associated with the userid stored in the data repository,wherein the graphical message code is selected by the specific user prior to the graphical message code being presented to the specific user, and wherein the graphical message code serves to authenticate the website to the specific user.
1 Assignment
0 Petitions
Accused Products
Abstract
Method and apparatus for enabling authentication of on-line communications. In some embodiments, a message code is embedded in an e-mail, where the message code can be used by the recipient to verify the authenticity of the e-mail or of a Web site. In some embodiments, this code can be created for a particular e-mail message; in other embodiments, the code is created as a watermark for use by a customer or other a specific user or recipient. The message code is associated with both the e-mail message and the recipient. In the case of a message-specific code, a recipient can verify the e-mail message by inputting the code via a Web server to be looked up in the database. Provision is also made for including steganographic information in graphical or other codes as further authentication when accessing a Web site.
-
Citations
20 Claims
-
1. A system for authenticating a website to a specific user prior to providing the specific user with access to the website, the system comprising:
-
a data repository configured to store a graphical message code, a user authentication, and a userid, wherein each of the graphical message code, user authentication, and userid is associated with the specific user; and a hardware processor operatively connected to the data repository and configured to; receive the userid from the specific user; present the graphical message code to the specific user after receiving the userid from the specific user and based at least partially on a determination that the userid received from the specific user is associated with the graphical message code stored in the data repository; receive the user authentication from the specific user after presenting the graphical message code to the specific user; and provide the specific user with access to the website after receiving the user authentication from the specific user and based at least partially on a determination that the user authentication received from the specific user is associated with the userid stored in the data repository, wherein the graphical message code is selected by the specific user prior to the graphical message code being presented to the specific user, and wherein the graphical message code serves to authenticate the website to the specific user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for authenticating a website to a specific user prior to providing the specific user with access to the website, the method comprising:
-
receiving a userid from the specific user, wherein the userid is associated with the specific user; presenting a graphical message code to the specific user after the receiving the userid, wherein the presenting the graphical message code is based at least partially on a determination that the graphical message code is associated with the userid; receiving a user authentication from the specific user after the presenting the graphical message code; and providing, using a processing device, the specific user with access to the website after the receiving the user authentication, wherein the providing the access is based at least partially on a determination that the user authentication is associated with the userid, wherein the graphical message code is selected by the specific user prior to the presenting the graphical message code, and wherein the graphical message code serves to authenticate the website to the specific user. - View Dependent Claims (12, 13, 14)
-
-
15. A computer program product comprising a non-transitory computer-readable medium, wherein the non-transitory computer-readable medium comprises one or more computer-executable program code portions stored therein that, when executed by a computer, cause the computer to:
-
receive a userid from the specific user, wherein the userid is associated with the specific user; display a graphical message code to the specific user after receiving the userid from the specific user and based at least partially on a determination that the graphical message code is associated with the userid; receive a user authentication from the specific user after displaying the graphical message code; and provide the specific user with access to the website after receiving the user authentication and based at least partially on a determination that the user authentication is associated with the userid, wherein the graphical message code is selected by the specific user prior to the computer displaying the graphical message code to the specific user, and wherein the graphical message code serves to authenticate the website to the specific user. - View Dependent Claims (16, 17)
-
-
18. An apparatus for authenticating a website to a specific user prior to providing the specific user with access to the website, the apparatus comprising:
-
a processing device configured to; receive a userid from the specific user, wherein the userid is associated with the specific user; present a graphical message code to the specific user after receiving the userid from the specific user and based at least partially on a determination that the graphical message code is associated with the userid; receive a user authentication from the specific user after presenting the graphical message code to the specific user; and provide the specific user with access to the website after receiving the user authentication from the specific user and based at least partially on a determination that the user authentication is associated with the userid, wherein the graphical message code is selected by the specific user prior to the graphical message code being presented to the specific user, and wherein the graphical message code serves to authenticate the website to the specific user. - View Dependent Claims (19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBank of America Corp.
-
Original AssigneeBank of America Corp.
-
InventorsKoenig, William, Wright, David, MacLean, Rhonda, Hogeboom, David A., Phillips, Richard Wade, Parra, William A.
-
Primary Examiner(s)Hamza; Faruk
-
Application NumberUS10/905,942Time in Patent Office2,385 DaysField of Search709/206, 709217-219, 709/223, 709/225, 713/175, 726/5, 726/10, 726 17- 18US Class Current709/225CPC Class CodesH04L 51/08 Annexed information, e.g. a...H04L 63/123 received data contents, e.g...H04L 63/1475 Passive attacks, e.g. eaves...H04L 63/1483 service impersonation, e.g....
