Method and apparatus for enabling a user to select an authentication method

US 8,255,982 B2
Filed: 04/22/2011
Issued: 08/28/2012
Est. Priority Date: 01/03/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

checking, by a computer-based system for determining a minimum security level for authentication, for a cookie residing on a user computing unit, wherein the host computer reads the preference set in the cookie;

identifying a user, by the computer-based system, in response to the preference set including information regarding the minimum level of security for authentication of the user;

enabling, by the computer-based system, the user to register with the host and select an authentication method in response to the preference set not including information regarding the minimum level of security for authentication of the user;

allowing, by the computer-based system, a change from at least one of a first authentication method or a second authentication method to a third authentication method from a plurality of methods of authentication, without accessing a first restricted service or a second restricted service, respectively, wherein the first method of authentication is associated with the first restricted service, and wherein the second method of authentication is associated with the second restricted service;

receiving, by the computer-based system, a request for access to at least one of the first restricted service or the second restricted service; and

granting, by the computer-based system, access to at least one of the first restricted service in response to receiving predetermined input associated with the first method of authentication or the second restricted service in response to receiving predetermined input associated with the second method of authentication.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention facilitates access to a restricted service related to secure transactions via a network. The present invention allows a user to select a minimum security level of authentication for its own login to a restricted service. The user'"'"'s selected minimum security level of authentication may be registered in an authentication method system, so that the user must use the selected minimum security level for authentication in order to gain access to the restricted service. Alternatively, the user may specify that the selected minimum security level for authentication may be over-turned by the user, or optionally re-set to a new authentication method depending on the needs of the user. As such, the present invention allows the user the flexibility to select its own authentication method for accessing a restricted service.

Citations

19 Claims

1. A method comprising:
- checking, by a computer-based system for determining a minimum security level for authentication, for a cookie residing on a user computing unit, wherein the host computer reads the preference set in the cookie;
  
  identifying a user, by the computer-based system, in response to the preference set including information regarding the minimum level of security for authentication of the user;
  
  enabling, by the computer-based system, the user to register with the host and select an authentication method in response to the preference set not including information regarding the minimum level of security for authentication of the user;
  
  allowing, by the computer-based system, a change from at least one of a first authentication method or a second authentication method to a third authentication method from a plurality of methods of authentication, without accessing a first restricted service or a second restricted service, respectively, wherein the first method of authentication is associated with the first restricted service, and wherein the second method of authentication is associated with the second restricted service;
  
  receiving, by the computer-based system, a request for access to at least one of the first restricted service or the second restricted service; and
  
  granting, by the computer-based system, access to at least one of the first restricted service in response to receiving predetermined input associated with the first method of authentication or the second restricted service in response to receiving predetermined input associated with the second method of authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the selection of the authentication method comprises:
    - causing, by the computer-based system, a user interface to display input fields corresponding to the first method of authentication in response to the request being associated with the first restricted service; and
      
      causing, by the computer-based system, the user interface to display input fields corresponding to the second method of authentication in response to the request being associated with the second restricted service.
  - 3. The method of claim 1, further comprising authorizing the user to access a restricted service controlled by the host.
  - 4. The method of claim 1, further comprising enabling the user to gain access to a restricted service upon validating the user'"'"'s selected authentication method.
  - 5. The method of claim 1, wherein at least one of the first restricted service or the second restricted service is provided by a restricted service provider.
  - 6. The method of claim 1, wherein the plurality of methods of authentication are presented by a restricted service provider.
  - 7. The method of claim 1, wherein the plurality of methods of authentication includes at least one of:
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password;
      
      or handheld computing device and digital certificate.
  - 8. The method of claim 1, further comprising receiving a selection of more than one method of authentication, from the plurality of methods of authentication for access to the first restricted service.
  - 9. The method of claim 1, further comprising registering at least one of the first method of authentication or the second method of authentication as a minimum level of security for access to at least one of the first restricted service or the second restricted service.
  - 10. The method of claim 1, further comprising presenting, by the computer-based system, a query dialog box to query for selection of a level of security from a plurality of levels of security.
  - 11. The method of claim 1, further comprising presenting, by the computer-based system, a query dialog box to query for selection of a level of security from a plurality of levels of security presented by the first restricted service provider.
  - 12. The method of claim 10, wherein the plurality of levels of security correspond to a plurality of methods of authentication.
  - 13. The method of claim 10, wherein the plurality of levels of security correspond to a plurality of methods of authentication, wherein the plurality of methods of authentication includes at least one of;
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password;
      
      or handheld computing device and digital certificate.
  - 14. The method of claim 10, further comprising receiving a selection of more than one level of security, from the plurality of levels of security, for access to the first restricted service.
  - 15. The method of claim 1, further comprising receiving a selection of a fourth method of authentication, from the plurality of methods of authentication, for access to the second restricted service.
  - 16. The method of claim 1, further comprising restricting at least one of the first method of authentication or the second method of authentication to at least one of specific times of the day, specific locations or specific days.
  - 17. The method of claim 1, further comprising restricting at the least one of the first method of authentication or the second method of authentication to a user being a member of a specific group.

18. An article of manufacture including a non-transitory, tangible computer readable storage medium having instructions stored thereon that, in response to execution by a computer-based system for determining a minimum security level for authentication, cause the computer-based system to perform operations comprising:
- checking, by the computer-based system, for a cookie residing on a user computing unit, wherein the host computer reads the preference set in the cookie;
  
  identifying a user, by the computer-based system, in response to the preference set including information regarding the minimum level of security for authentication of the user;
  
  enabling, by the computer-based system, the user to register with the host and select an authentication method in response to the preference set not including information regarding the minimum level of security for authentication of the user;
  
  allowing, by the computer-based system, a change from at least one of a first authentication method or a second authentication method to a third authentication method from a plurality of methods of authentication, without accessing a first restricted service or a second restricted service, respectively, wherein the first method of authentication is associated with the first restricted service, and wherein the second method of authentication is associated with the second restricted service;
  
  receiving, by the computer-based system, a request for access to at least one of the first restricted service or the second restricted service; and
  
  granting, by the computer-based system, access to at least one of the first restricted service in response to receiving predetermined input associated with the first method of authentication or the second restricted service in response to receiving predetermined input associated with the second method of authentication.

19. A system comprising:
- a processor for determining a minimum security level for authentication,a tangible, non-transitory memory configured to communicate with the processor,the tangible, non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
  
  checking, by the processor, for a cookie residing on a user computing unit, wherein the host computer reads the preference set in the cookie;
  
  identifying a user, by the processor, in response to the preference set including information regarding the minimum level of security for authentication of the user;
  
  enabling, by the processor, the user to register with the host and select an authentication method in response to the preference set not including information regarding the minimum level of security for authentication of the user;
  
  allowing, by the processor, a change from at least one of a first authentication method or a second authentication method to a third authentication method from a plurality of methods of authentication, without accessing a first restricted service or a second restricted service, respectively, wherein the first method of authentication is associated with the first restricted service, and wherein the second method of authentication is associated with the second restricted service;
  
  receiving, by the processor, a request for access to at least one of the first restricted service or the second restricted service; and
  
  granting, by the processor, access to at least one of the first restricted service in response to receiving predetermined input associated with the first method of authentication or the second restricted service in response to receiving predetermined input associated with the second method of authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Nambiar, Anant, Foley, James M., Johnson, Rick D.
Primary Examiner(s)
Pyzocha, Michael

Application Number

US13/092,810
Publication Number

US 20110197265A1
Time in Patent Office

494 Days
Field of Search

726/6, 713/182
US Class Current

726/6
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/105   Multiple levels of security

H04L 63/205   involving negotiation or de...

Method and apparatus for enabling a user to select an authentication method

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for enabling a user to select an authentication method

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links