Multi factor authentication
First Claim
1. A method of authenticating a user for accessing a resource, said method relying on multi-factor authentication of the user, the method comprising the steps of:
- associating the user with registration information particular to the user, wherein said registration information includes a first factor authentication information;
associating the user with a second factor authentication information;
subsequent to associating the user with a second factor authentication information, receiving information of a first instance of a first factor authentication step, said first factor authentication step comprising the user inputting a first live user authentication information across a first communications network and matching the first live user authentication information to the registered first factor authentication information;
confirming that the first live user authentication information matches the first factor authentication information for the user;
upon receipt of the information of the first instance of the first factor authentication step, performing a first instance of a second factor authentication step, said second factor authentication step comprising—
placing a telephone call or sending a text message to the user across a second communications network and at a previously-stored number associated with a telecommunications device of the user,in response to placing said telephone call or sending said text message to the user, receiving a second live user authentication information inputted by the user at the user'"'"'s telecommunications device,confirming that said second live user authentication information provided by the user via the user'"'"'s telecommunications device matches the second factor authentication information associated with the user, andupon confirming that the second live user authentication information matches the second factor authentication information, identifying the user as being authorized to access the resource;
wherein said second live user authentication information is only the pound key or only the star key on a keypad of the user'"'"'s telecommunications device;
receiving information of the user performing a second instance of said first factor authentication step;
determining if the second instance of said first factor authentication step is within a predetermined period of time since the first instance of said second factor authentication step;
if the second instance of said first factor authentication step is outside the predetermined period of time, performing a second instance of said second factor authentication step for the user; and
if the second instance of said first factor authentication step is within the predetermined period of time, not performing the second instance of said second factor authentication step for the user.
3 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a network element comprises one or more processors, and a memory module communicatively coupled to the processor. The memory module comprises logic instructions which, when executed by the processor, configure the processor to receive, via a first communication channel, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.
-
Citations
22 Claims
-
1. A method of authenticating a user for accessing a resource, said method relying on multi-factor authentication of the user, the method comprising the steps of:
-
associating the user with registration information particular to the user, wherein said registration information includes a first factor authentication information; associating the user with a second factor authentication information; subsequent to associating the user with a second factor authentication information, receiving information of a first instance of a first factor authentication step, said first factor authentication step comprising the user inputting a first live user authentication information across a first communications network and matching the first live user authentication information to the registered first factor authentication information; confirming that the first live user authentication information matches the first factor authentication information for the user; upon receipt of the information of the first instance of the first factor authentication step, performing a first instance of a second factor authentication step, said second factor authentication step comprising— placing a telephone call or sending a text message to the user across a second communications network and at a previously-stored number associated with a telecommunications device of the user, in response to placing said telephone call or sending said text message to the user, receiving a second live user authentication information inputted by the user at the user'"'"'s telecommunications device, confirming that said second live user authentication information provided by the user via the user'"'"'s telecommunications device matches the second factor authentication information associated with the user, and upon confirming that the second live user authentication information matches the second factor authentication information, identifying the user as being authorized to access the resource; wherein said second live user authentication information is only the pound key or only the star key on a keypad of the user'"'"'s telecommunications device; receiving information of the user performing a second instance of said first factor authentication step; determining if the second instance of said first factor authentication step is within a predetermined period of time since the first instance of said second factor authentication step; if the second instance of said first factor authentication step is outside the predetermined period of time, performing a second instance of said second factor authentication step for the user; and if the second instance of said first factor authentication step is within the predetermined period of time, not performing the second instance of said second factor authentication step for the user. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable storage medium with an executable program stored thereon for directing operation of at least one computer to authenticate a user for accessing a resource, wherein the program instructs the at least one computer to perform the following steps:
-
associate the user with registration information particular to the user, wherein said registration information includes a first factor authentication information; associate the user with a second factor authentication information; subsequent to associating the user with a second factor authentication information, receive information of a first instance of a first factor authentication step, said first factor authentication step comprising the user inputting a first live user authentication information across a first communications network and match the first live user authentication information to the registered first factor authentication information; confirm that the first live user authentication information matches the first factor authentication information for the user; upon receipt of the information of the first instance of the first factor authentication step, perform a first instance of a second factor authentication step, said second factor authentication step comprising— place a telephone call or send a text message to the user across a second communications network and at a previously-stored number associated with a telecommunications device of the user, in response to placing said telephone call or sending said text message to the user, receive a second live user authentication information inputted by the user at the user'"'"'s telecommunications device, confirm that said second live user authentication information provided by the user via the user'"'"'s telecommunications device matches the second factor authentication information associated with the user, and upon confirming that the second live user authentication information matches the second factor authentication information, identify the user as being authorized to access the resource; wherein said second live user authentication information is only the pound key or only the star key on a keypad of the user'"'"'s telecommunications device; receive information of the user performing a second instance of said first factor authentication step; determine if the second instance of said first factor authentication step is within a predetermined period of time since the first instance of said second factor authentication step; if the second instance of said first factor authentication step is outside the predetermined period of time, perform a second instance of said second factor authentication step for the user; and if the second instance of said first factor authentication step is within the predetermined period of time, not perform the second instance of said second factor authentication step for the user. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method of authenticating a user for accessing a resource, wherein the user registered with the resource prior to accessing the resource, and during said registration, the user provided registration information comprising a first factor authentication information, and upon the user accessing the resource, the user provides a first live user authentication information to the resource across a first communications network for comparison to the first factor authentication information, and further wherein the user is associated with a second factor authentication information, the method comprising the steps of:
-
subsequent to associating the user with the second factor authentication information, receiving information of a first instance of a first factor authentication step, said first factor authentication step comprising the user inputting the first live user authentication information across the first communications network and matching the first live user authentication information to the registered first factor authentication information; upon receipt of the information of the first instance of the first factor authentication step, performing a first instance of a second factor authentication step, said second factor authentication step comprising— placing a telephone call or sending a text message to the user across a second communications network and at a previously-stored number associated with a telecommunications device of the user, in response to placing said telephone call or sending said text message to the user, receiving a second live user authentication information inputted by the user at the user'"'"'s telecommunications device, confirming that said second live user authentication information provided by the user via the user'"'"'s telecommunications device matches the second factor authentication information associated with the user, and upon confirming that the second live user authentication information matches the second factor authentication information, identifying the user as being authorized to access the resource; wherein said second live user authentication information is only the pound key or only the star key on a keypad of the user'"'"'s telecommunications device; receiving information of the user performing a second instance of said first factor authentication step; determining if the second instance of said first factor authentication step is within a predetermined period of time since the first instance of said second factor authentication step; if the second instance of said first factor authentication step is outside the predetermined period of time, performing a second instance of said second factor authentication step for the user; and if the second instance of said first factor authentication step is within the predetermined period of time, not performing the second instance of said second factor authentication step for the user. - View Dependent Claims (16, 17, 18)
-
-
19. A non-transitory computer-readable storage medium with an executable program stored thereon for directing operation of at least one computer to authenticate a user for accessing a resource, wherein the user registered with the resource prior to accessing the resource, and during said registration, the user provided registration information comprising a first factor authentication information, and upon the user accessing the resource, the user provides a first live user authentication information to the resource across a first communications network for comparison to the first factor authentication information, and further wherein the user is associated with a second factor authentication information, wherein the program instructs the at least one computer to perform the following steps:
-
subsequent to associating the user with the second factor authentication information, receive information of a first instance of a first factor authentication step, said first factor authentication step comprising the user inputting the first live user authentication information across the first communications network and matching the first live user authentication information to the registered first factor authentication information; upon receipt of the information of the first instance of the first factor authentication step, perform a first instance of a second factor authentication step, said second factor authentication step comprising— place a telephone call or send a text message to the user across a second communications network and at a previously-stored number associated with a telecommunications device of the user, in response to placing said telephone call or sending said text message to the user, receive a second live user authentication information inputted by the user at the user'"'"'s telecommunications device, confirm that said second live user authentication information provided by the user via the user'"'"'s telecommunications device matches the second factor authentication information associated with the user, and upon confirming that the second live user authentication information matches the second factor authentication information, identify the user as being authorized to access the resource; wherein said second live user authentication information is only the pound key or only the star key on a keypad of the user'"'"'s telecommunication'"'"'s device; receive information of the user performing a second instance of said first factor authentication step; determine if the second instance of said first factor authentication step is within a predetermined period of time since the first instance of said first factor authentication step; if the second instance of said first factor authentication step is outside the predetermined period of time, perform a second instance of said second factor authentication step for the user; and if the second instance of said first factor authentication step is within the predetermined period of time, not perform the second instance of said second factor authentication step for the user. - View Dependent Claims (20, 21, 22)
-
Specification