System for three level authentication of a user
First Claim
1. A system for authenticating a user, said system performing three level authentication on the basis of selection of at least one predefined image from a plurality of images including decoy images and further selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key, said system comprising:
- an authentication server comprisingan authentication repository storing user authentication data including at least one password image serving as correct response for a first level authentication challenge, tiled version of password image and at least one password tile serving as correct response for second level authentication challenge;
first authentication challenge generation means adapted to generate a first level authentication challenge for the user by formulating a group of images including a plurality of decoy images and said at least one password image to be displayed on user'"'"'s computing node;
transmitting means adapted to transmit said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile on to a user'"'"'s computing node;
user'"'"'s computing node receiving said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile, said user'"'"'s computing node includingdisplaying means adapted to display the group of images contained in said received first level authentication challenge;
first selection means adapted to allow the user to select at least one image from the plurality of images displayed on the computing node;
second authentication challenge generation means adapted to generate second level authentication challenge by displaying the tiled version of the password image containing a plurality of tiles in case the selected image is the password image;
frame locomotion means adapted to provide an outlining frame randomly moving across each of the plurality of tiles after a finite delay;
second selection means adapted to allow the user to select at least one tile currently outlined by said outlining frame from the plurality of tiles displayed on the computing node; and
authenticating message generation means adapted to generate authenticating message in case the selected tile is the password tile;
a transaction key generating server cooperating with said user'"'"'s computing node and configured to transmit a transaction key to said user'"'"'s computer node on receiving an authenticating message from said authentication message generation means, said transaction key to be used for final account login and grant of transaction rights.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for three level authentication of a user has been disclosed. The system 100 performs three level authentication: first level being selection of at least one predefined image from a plurality of images including decoy images; second level being selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key; and the third level being entering a transaction key generated after first and second level are successfully completed, which is used for final account login and grant of transaction rights. The authentication is done on user'"'"'s computing node 110 by communicating with authentication server 102 for first and second level authentication and the transaction key for third level authentication being generated by transaction key generating server 124 and transmitted on to user'"'"'s computing node.
16 Citations
13 Claims
-
1. A system for authenticating a user, said system performing three level authentication on the basis of selection of at least one predefined image from a plurality of images including decoy images and further selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key, said system comprising:
-
an authentication server comprising an authentication repository storing user authentication data including at least one password image serving as correct response for a first level authentication challenge, tiled version of password image and at least one password tile serving as correct response for second level authentication challenge; first authentication challenge generation means adapted to generate a first level authentication challenge for the user by formulating a group of images including a plurality of decoy images and said at least one password image to be displayed on user'"'"'s computing node; transmitting means adapted to transmit said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile on to a user'"'"'s computing node; user'"'"'s computing node receiving said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile, said user'"'"'s computing node including displaying means adapted to display the group of images contained in said received first level authentication challenge; first selection means adapted to allow the user to select at least one image from the plurality of images displayed on the computing node; second authentication challenge generation means adapted to generate second level authentication challenge by displaying the tiled version of the password image containing a plurality of tiles in case the selected image is the password image; frame locomotion means adapted to provide an outlining frame randomly moving across each of the plurality of tiles after a finite delay; second selection means adapted to allow the user to select at least one tile currently outlined by said outlining frame from the plurality of tiles displayed on the computing node; and authenticating message generation means adapted to generate authenticating message in case the selected tile is the password tile; a transaction key generating server cooperating with said user'"'"'s computing node and configured to transmit a transaction key to said user'"'"'s computer node on receiving an authenticating message from said authentication message generation means, said transaction key to be used for final account login and grant of transaction rights. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for authenticating a user, said method performing three level authentication on the basis of selection of at least one predefined image from a plurality of images including decoy images and further selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key, said method comprising the steps of
storing user authentication data including at least one password image serving as correct response for a first level authentication challenge, tiled version of password image and at least one password tile serving as correct response for second level authentication challenge; -
generating a first level authentication challenge for the user by formulating a group of images including a plurality of decoy images and said at least one password image to be displayed on user'"'"'s computing node; transmitting first level authentication challenge, at least one password image, tiled version of password image and at least one password tile on to a user'"'"'s computing node; receiving said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile displaying the group of images contained in said received first level authentication challenge; selecting at least one image from the plurality of images displayed on the computing node; generating second level authentication challenge by displaying the tiled version of the password image containing a plurality of tiles in case the selected image is the password image; providing an outlining frame randomly moving across each of the plurality of tiles after a finite delay; selecting at least one tile currently outlined by said outlining frame from the plurality of tiles displayed on the computing node; generating authenticating message in case the selected tile is the password tile and transmitting said authenticating message to a transaction key generating server; and transmitting a transaction key to the user'"'"'s computing node on receiving an authenticating message, using said transaction key for final account login and grant of transaction rights. - View Dependent Claims (10, 11, 12, 13)
-
Specification