System and method for authenticating remote server access

US 8,265,600 B2
Filed: 07/12/2011
Issued: 09/11/2012
Est. Priority Date: 10/19/2006
Status: Active Grant

First Claim

Patent Images

1. An apparatus for authenticating that a valid user is accessing a website from a remote computer device comprising:

means for receiving user information from a computing device;

means for identifying a communication device based upon the user information;

means for transmitting an authentication request to the communication device on a wireless communication network, wherein the authentication request is configured to request at least an authentication key that is stored on the communication device;

means for receiving an authentication response from the communication device, the authentication response containing at least the authentication key;

means for determining if the authentication key is valid; and

means for granting the computing device access to a website if the authentication key is valid.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing secure authentication for website access or other secure transaction. In one embodiment, when a user accesses a website, the web server identifies the user, and sends an authentication request to the user'"'"'s mobile device. The mobile device receives the authentication requests and sends back authentication key to the web server. Upon verifying the authentication key, the web server grants access to the user.

49 Citations

View as Search Results

33 Claims

1. An apparatus for authenticating that a valid user is accessing a website from a remote computer device comprising:
- means for receiving user information from a computing device;
  
  means for identifying a communication device based upon the user information;
  
  means for transmitting an authentication request to the communication device on a wireless communication network, wherein the authentication request is configured to request at least an authentication key that is stored on the communication device;
  
  means for receiving an authentication response from the communication device, the authentication response containing at least the authentication key;
  
  means for determining if the authentication key is valid; and
  
  means for granting the computing device access to a website if the authentication key is valid.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus of claim 1, further comprising means for retrieving a user profile based on the user information.
  - 3. The apparatus of claim 1, further comprising:
    - means for generating a session code;
      
      means for displaying the generated session code to the user at the computing device; and
      
      means for determining if a session code received with the authentication response matches the generated session code.
  - 4. The apparatus of claim 1, wherein the authentication request is transmitted using a Short Message Service (SMS), text, code, Enhanced Message Service (EMS), Multimedia Message Service (MMS), Hyper Text Markup Language (HTML), or Rich Text Format (RTF) message via the wireless communication network to the communication device.
  - 5. The apparatus of claim 1, wherein the computing device is granted access by transmitting a message to the computing device.
  - 6. The apparatus of claim 1, wherein the authentication response is received via the wireless communication network from the communication device.
  - 7. The apparatus of claim 1, wherein the computing device and the communication device are the same device.

8. A wireless device for authenticating a user accessing a website comprising:
- means for receiving at the wireless device an authentication request from a server;
  
  means for prompting the user to enter a security code;
  
  means for verifying the security code;
  
  means for retrieving an authentication key from memory at the wireless device; and
  
  means for sending the authentication key to the server if the security code is verified.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The wireless device of claim 8, wherein the authentication request is received by a Short Message Service (SMS), text, code, Enhanced Message Service (EMS), Multimedia Message Service (MMS), Hyper Text Markup Language (HTML), or Rich Text Format (RTF) message via a wireless communication network from the server.
  - 10. The wireless device of claim 8, wherein the authentication key is sent via a wireless communication network to the server.
  - 11. The wireless device of claim 8, further comprising:
    - means for decrypting the authentication key after the authentication key is retrieved.
  - 12. The wireless device of claim 8, wherein the authentication request is received for the user accessing the website through another computing device.
  - 13. The wireless device of claim 8, further comprising:
    - means for providing a notice to the user; and
      
      means for receiving a password from the user.

14. An apparatus for providing a secure transaction for a remote computer device to a server, comprising:
- means for receiving user information from a computing device;
  
  means for identifying a communication device based upon the user information;
  
  means for transmitting an authentication request to the communication device, wherein the authentication request is configured to request at least an authentication key that is stored on the communication device;
  
  means for receiving an authentication response from the communication device, the authentication response containing at least the authentication key;
  
  means for determining if the authentication key is valid; and
  
  means for performing the secure transaction with the computing device if the authentication key is valid.
- View Dependent Claims (15, 16, 17)
- - 15. The apparatus of claim 14, further comprising:
    - means for generating a session code;
      
      means for displaying the generated session code to a user at the computing device; and
      
      means for determining if a session code received with the authentication response matches the generated session code.
  - 16. The apparatus of claim 14, further comprising means for transmitting a Short Message Service (SMS), text, code, Enhanced Message Service (EMS), Multimedia Message Service (MMS), Hyper Text Markup Language (HTML), or Rich Text Format (RTF) message via a wireless communication network to the communication device.
  - 17. The apparatus of claim 14, wherein the computing device and the communication device are the same device, and means for transmitting occurs on the computing device.

18. A non-transitory computer-readable medium comprising instructions, which, when executed by a machine, cause the machine to perform operations, the instructions comprising:
- at least one instruction to receive user information from a computing device;
  
  at least one instruction to identify a communication device based upon the user information;
  
  at least one instruction to transmit an authentication request to the communication device, wherein the authentication request is configured to request at least an authentication key that is stored on the communication device;
  
  at least one instruction to receive an authentication response from the communication device, the authentication response containing at least the authentication key;
  
  at least one instruction to determine if the authentication key is valid; and
  
  at least one instruction to perform a secure transaction with the computing device if the authentication key is valid.
- View Dependent Claims (19, 20)
- - 19. The non-transitory computer-readable medium of claim 18, further comprising:
    - at least one instruction to generate a session code;
      
      at least one instruction to display the generated session code to a user at the computing device; and
      
      at least one instruction to determine if a session code received with the authentication response matches the generated session code.
  - 20. The non-transitory computer-readable medium of claim 19, wherein the computing device and the communication device are the same device, and the instructions to transmit occurs on the computing device.

21. A method for authenticating that a valid user is accessing a serving computer device from a remote computer device comprising:
- transmitting user information from the remote computer device, wherein the remote computer device includes a cellular modem;
  
  receiving an authentication request via the cellular modem over a wireless communication network, wherein the authentication request is configured to request at least an authentication key that is stored on the remote computer device;
  
  transmitting an authentication response from the remote computer device, the authentication response containing at least the authentication key; and
  
  receiving a message granting the remote computer device access to the serving computer device if the authentication key is valid.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The method of claim 21, further comprising:
    - receiving a session code; and
      
      transmitting the session code received with the authentication response.
  - 23. The method of claim 21, further comprising:
    - displaying the session code at the remote computer device.
  - 24. The method of claim 21, wherein the authentication request is received using a Short Message Service (SMS), text, code, Enhanced Message Service (EMS), Multimedia Message Service (MMS), Hyper Text Markup Language (HTML), or Rich Text Format (RTF) message via the wireless communication network.
  - 25. The method of claim 21, comprising:
    - accessing the serving computer device.
  - 26. The method of claim 21, wherein the authentication response is transmitted via the wireless communication network from the cellular modem.
  - 27. The method of claim 21, wherein the remote computing device is a cellular telephone, personal digital assistants (PDAs), laptop computers, hand-held communication device, stationary communication device, or portable communication device that support wireless communication.
  - 28. The method of claim 21, wherein the user information from the remote computer device is communicated on a first communication pathway and the authentication request is communicated on a second communication pathway.
  - 29. The method of claim 21, wherein the user information from the remote computer device and the authentication request is communicated on the same communication pathway.
  - 30. The method of claim 21, wherein the same communication pathway is at least one of Real-time Transport Protocol (RTP) or Transmission Control Protocol/Internet Protocol (TCP/IP).

31. A remote computer device configured to authenticate that a valid user can access a serving computer device, the remote computer device comprising:
- means for transmitting user information from the remote computer device, wherein the remote computer device includes a cellular modem;
  
  means for receiving an authentication request via the cellular modem over a wireless communication network, wherein the authentication request is configured to request at least an authentication key that is stored on the remote computer device;
  
  means for transmitting an authentication response from the remote computer device, the authentication response containing at least the authentication key; and
  
  means for receiving a message granting the remote computer device access to the serving computer device if the authentication key is valid.

32. A non-transitory computer-readable medium comprising instructions, which, when executed by a remote computer device, cause the remote computer device to perform operations for authenticating that a valid user is accessing a serving computer device, the instructions comprising:
- at least one instruction to transmit user information from the remote computer device, wherein the remote computer device includes a cellular modem;
  
  at least one instruction to receive an authentication request via the cellular modem over a wireless communication network, wherein the authentication request is configured to request at least an authentication key that is stored on the remote computer device;
  
  at least one instruction to transmit an authentication response from the remote computer device, the authentication response containing at least the authentication key; and
  
  at least one instruction to receive a message granting the remote computer device access to the serving computer device if the authentication key is valid.

33. A remote computer device configured to authenticate that a valid user can access a serving computer device, the remote computer device comprising:
- an authentication unit configured;
  
  to transmit user information from the remote computer device, wherein the remote computer device includes a cellular modem;
  
  to receive an authentication request via the cellular modem over a wireless communication network, wherein the authentication request is configured to request at least an authentication key that is stored on the remote computer device;
  
  to transmit an authentication response from the remote computer device, the authentication response containing at least the authentication key; and
  
  to receive a message granting the remote computer device access to the serving computer device if the authentication key is valid.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Baysinger, Mark Wayne
Primary Examiner(s)
RAMPURIA, SHARAD K

Application Number

US13/181,494
Publication Number

US 20110271114A1
Time in Patent Office

427 Days
Field of Search

455410-411, 455419-420, 709203-206
US Class Current

455/411
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 9/3215   using a plurality of channe...

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

System and method for authenticating remote server access

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

49 Citations

33 Claims

Specification

Use Cases

Quick Links

Others

System and method for authenticating remote server access

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

33 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others