Reusable authentication experience tool

US 8,136,148 B1
Filed: 04/09/2008
Issued: 03/13/2012
Est. Priority Date: 04/09/2008
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user to a web site, the method comprising:

providing, by a first server, an authentication user interface as an integrated component of a web page of a second web server different from the first server;

receiving via the authentication user interface a first piece of client authentication data;

identifying an authorized user based on the received first piece of client authentication data; and

providing an updated authentication user interface comprising additional user interface data based on the received first piece of client authentication data, wherein the updated authentication user interface is provided without refreshing the web page.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A reusable authentication component may be integrated into a web page to communicate with an authentication server and authenticate a user to the web page. The reusable authentication component may implement a complex authentication process, including multiple user interfaces to receive multiple assurances of user identity and user confirmation of previously stored mutual authentication data. The authentication process may be performed by the authentication component without refreshing or redirecting the parent web page until completion of a successful user authentication, after which the parent web page may receive authentication data and refresh to provide user specific and/or secure user data on the web page.

159 Citations

20 Claims

1. A method of authenticating a user to a web site, the method comprising:
- providing, by a first server, an authentication user interface as an integrated component of a web page of a second web server different from the first server;
  
  receiving via the authentication user interface a first piece of client authentication data;
  
  identifying an authorized user based on the received first piece of client authentication data; and
  
  providing an updated authentication user interface comprising additional user interface data based on the received first piece of client authentication data, wherein the updated authentication user interface is provided without refreshing the web page.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein providing the authentication user interface comprises transmitting a reusable widget control to a client computer.
  - 3. The method of claim 1, wherein at least one of the size, position, and color of the authentication user interface is determined by the web page provided by the second web server and not the first server.
  - 4. The method of claim 1, wherein the first piece of client authentication data is not accessible to the web page provided by the second web server.
  - 5. The method of claim 1, wherein identifying the authorized user comprises identifying a computer used by the authorized user based on at least one of an IP address or client cookie associated with said computer.
  - 6. The method of claim 1, wherein the updated authentication user interface comprises mutual authentication data associated with the authorized user and stored during a previous interaction with the authorized user.
  - 7. The method of claim 6, wherein the mutual authentication data comprises at least one of a picture, sound, or text string previously selected by the authorized user.
  - 8. The method of claim 1, further comprising:
    - receiving via the updated authentication user interface a second piece of client authentication data;
      
      authenticating the authorized user based on the first and second pieces of client data; and
      
      providing the authenticated authorized user with access to secure resources via the web page.
  - 9. The method of claim 8, wherein providing the authenticated authorized user with access to secure resources comprises one of transmitting data prompting a client computer to refresh the web page or transmitting data prompting a client computer to redirect the authorized user to another web page.

10. A method of authenticating a user to a web site, the method comprising:
- receiving data corresponding to web page content from a web server;
  
  receiving data corresponding to an authentication user interface from an authentication server different from the web server;
  
  displaying a web page comprising the web page content received from the web server, wherein the authentication user interface is integrated into the displayed web page;
  
  receiving client authentication data via the authentication user interface;
  
  transmitting the client authentication data to the authentication server;
  
  after transmitting the client authentication data, receiving an authentication confirmation corresponding to a valid user from the authentication server;
  
  in response to receiving the authentication confirmation, transmitting a signal to the web server to authenticate the valid user; and
  
  receiving updated web page content from the web server corresponding to a web page for the authenticated valid user.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10, wherein the signal transmitted to the web server prompts the web server to refresh the web page.
  - 12. The method of claim 10, wherein receiving data corresponding to the authentication user interface comprises:
    - transmitting a request including display parameters for the authentication user interface; and
      
      receiving data corresponding to a reusable widget control customized based on the display parameters.
  - 13. The method of claim 10, wherein the updated web page content comprises secure data corresponding to the authenticated valid user.
  - 14. The method of claim 10, wherein the received web page content comprises a web form including one or more user input fields, and wherein the updated web page content comprises data for populating the one or more user input fields of the web form based on the authenticated valid user.

15. A computing device configured to authenticate a user to a web site, the computing device comprising:
- a processor controlling at least some operations of the computing device; and
  
  a memory storing computer executable instructions that, when executed by the processor, cause the device to perform a method comprising;
  
  providing, by the computing device, an authentication user interface as an integrated component of a web page of a web server different from the computing device;
  
  receiving via the authentication user interface a first piece of client authentication data;
  
  identifying an authorized user based on the received first piece of client authentication data; and
  
  providing an updated authentication user interface comprising additional user interface data based on the received first piece of client authentication data, wherein the updated authentication user interface is provided without refreshing the web page.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The computing device of claim 15, wherein providing the authentication user interface comprises transmitting a reusable widget control to a client computer.
  - 17. The computing device of claim 15, wherein the updated authentication user interface comprises mutual authentication data associated with the authorized user and stored during a previous interaction with the authorized user.
  - 18. The computing device of claim 15, the method further comprising:
    - receiving via the updated authentication user interface a second piece of client authentication data;
      
      authenticating the authorized user based on the first and second pieces of client data; and
      
      providing the authenticated authorized user with access to secure resources via the web page.
  - 19. The computing device of claim 18, wherein providing the authenticated authorized user with access to secure resources comprises one of transmitting data prompting a client computer to refresh the web page or transmitting data prompting a client computer to redirect the authorized user to another web page.

20. A computing device configured to authenticate a user to a web site, the computing device comprising:
- a processor controlling at least some operations of the computing device; and
  
  a memory storing computer executable instructions that, when executed by the processor, cause the device to perform a method comprising;
  
  receiving a request for an authentication component from a web page providing by a web server and loaded on a client computer;
  
  parsing a requested set of component parameters from the request;
  
  transmitting code corresponding to an authentication widget based on the requested set of component parameters;
  
  receiving via the authentication widget a first piece of client authentication data identifying a valid user;
  
  transmitting to the authentication widget a second piece of mutual authentication data;
  
  receiving via the authentication widget a password associated with the valid user;
  
  initiating an authentication session object corresponding to the valid user;
  
  providing access to the authentication session object to the client computer via the authentication widget; and
  
  transmitting to the authentication widget data prompting the client computer to request the web server to refresh the web page and provide the web server with the data corresponding to the authentication session object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Inskeep, Todd, Chayanam, Pavan, Miller, Eric William, Newton, Clay, Shroyer, David Charles
Primary Examiner(s)
CHEN, SHIN HON

Application Number

US12/100,170
Time in Patent Office

1,434 Days
Field of Search

None
US Class Current

726/5
CPC Class Codes

G06F 21/31 User authentication

G06F 21/34 involving the use of extern...

Reusable authentication experience tool

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

159 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Reusable authentication experience tool

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

159 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links