System for three level authentication of a user

US 8,407,762 B2
Filed: 10/29/2010
Issued: 03/26/2013
Est. Priority Date: 07/01/2010
Status: Active Grant

First Claim

Patent Images

1. A system for authenticating a user, said system performing three level authentication on the basis of selection of at least one predefined image from a plurality of images including decoy images and further selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key, said system comprising:

an authentication server comprisingan authentication repository storing user authentication data including at least one password image serving as correct response for a first level authentication challenge, tiled version of password image and at least one password tile serving as correct response for second level authentication challenge;

first authentication challenge generation means adapted to generate a first level authentication challenge for the user by formulating a group of images including a plurality of decoy images and said at least one password image to be displayed on user'"'"'s computing node;

transmitting means adapted to transmit said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile on to a user'"'"'s computing node;

user'"'"'s computing node receiving said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile, said user'"'"'s computing node includingdisplaying means adapted to display the group of images contained in said received first level authentication challenge;

first selection means adapted to allow the user to select at least one image from the plurality of images displayed on the computing node;

second authentication challenge generation means adapted to generate second level authentication challenge by displaying the tiled version of the password image containing a plurality of tiles in case the selected image is the password image;

frame locomotion means adapted to provide an outlining frame randomly moving across each of the plurality of tiles after a finite delay;

second selection means adapted to allow the user to select at least one tile currently outlined by said outlining frame from the plurality of tiles displayed on the computing node; and

authenticating message generation means adapted to generate authenticating message in case the selected tile is the password tile;

a transaction key generating server cooperating with said user'"'"'s computing node and configured to transmit a transaction key to said user'"'"'s computer node on receiving an authenticating message from said authentication message generation means, said transaction key to be used for final account login and grant of transaction rights.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for three level authentication of a user has been disclosed. The system 100 performs three level authentication: first level being selection of at least one predefined image from a plurality of images including decoy images; second level being selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key; and the third level being entering a transaction key generated after first and second level are successfully completed, which is used for final account login and grant of transaction rights. The authentication is done on user'"'"'s computing node 110 by communicating with authentication server 102 for first and second level authentication and the transaction key for third level authentication being generated by transaction key generating server 124 and transmitted on to user'"'"'s computing node.

16 Citations

View as Search Results

13 Claims

1. A system for authenticating a user, said system performing three level authentication on the basis of selection of at least one predefined image from a plurality of images including decoy images and further selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key, said system comprising:
- an authentication server comprisingan authentication repository storing user authentication data including at least one password image serving as correct response for a first level authentication challenge, tiled version of password image and at least one password tile serving as correct response for second level authentication challenge;
  
  first authentication challenge generation means adapted to generate a first level authentication challenge for the user by formulating a group of images including a plurality of decoy images and said at least one password image to be displayed on user'"'"'s computing node;
  
  transmitting means adapted to transmit said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile on to a user'"'"'s computing node;
  
  user'"'"'s computing node receiving said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile, said user'"'"'s computing node includingdisplaying means adapted to display the group of images contained in said received first level authentication challenge;
  
  first selection means adapted to allow the user to select at least one image from the plurality of images displayed on the computing node;
  
  second authentication challenge generation means adapted to generate second level authentication challenge by displaying the tiled version of the password image containing a plurality of tiles in case the selected image is the password image;
  
  frame locomotion means adapted to provide an outlining frame randomly moving across each of the plurality of tiles after a finite delay;
  
  second selection means adapted to allow the user to select at least one tile currently outlined by said outlining frame from the plurality of tiles displayed on the computing node; and
  
  authenticating message generation means adapted to generate authenticating message in case the selected tile is the password tile;
  
  a transaction key generating server cooperating with said user'"'"'s computing node and configured to transmit a transaction key to said user'"'"'s computer node on receiving an authenticating message from said authentication message generation means, said transaction key to be used for final account login and grant of transaction rights.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system as claimed in claim 1, wherein said second authentication challenge generation means includes first sequence checking means adapted to check the sequence of selection of images, selected in the previous stage in case of multiple password images serving as correct response for first level authentication challenge.
  - 3. The system as claimed in claim 1, wherein said authenticating message generation means includes second sequence checking means adapted to check the sequence of selection of tiles, selected in the previous stage in case of multiple password images serving as correct response for second level authentication challenge.
  - 4. The system as claimed in claim 1, wherein said computing node is selected from the group consisting of mobile phone, PDA, iPOD, iPAD, computer, laptop, and TV.
  - 5. The system as claimed in claim 1, wherein transaction key is entered on a second computing means.
  - 6. The system as claimed in claim 1, wherein said transmitting means transmits said first level authentication challenge and tiled version of password image on to a user'"'"'s computing node using connection selected from the group consisting of GSM connection, CDMA connection, internet, GPRS, Bluetooth, RFID and EDGE.
  - 7. The system as claimed in claim 1, wherein said system includes conventional authentication means adapted to challenge user to enter correct alphanumeric username and password to continue authentication.
  - 8. The system as claimed in claim 1, wherein said authentication repository is populated during user registration phase.

9. A method for authenticating a user, said method performing three level authentication on the basis of selection of at least one predefined image from a plurality of images including decoy images and further selection of at least one predefined tile in the tiled version of the selected images to generate a transaction key, said method comprising the steps ofstoring user authentication data including at least one password image serving as correct response for a first level authentication challenge, tiled version of password image and at least one password tile serving as correct response for second level authentication challenge;
- generating a first level authentication challenge for the user by formulating a group of images including a plurality of decoy images and said at least one password image to be displayed on user'"'"'s computing node;
  
  transmitting first level authentication challenge, at least one password image, tiled version of password image and at least one password tile on to a user'"'"'s computing node;
  
  receiving said first level authentication challenge, at least one password image, tiled version of password image and at least one password tile displaying the group of images contained in said received first level authentication challenge;
  
  selecting at least one image from the plurality of images displayed on the computing node;
  
  generating second level authentication challenge by displaying the tiled version of the password image containing a plurality of tiles in case the selected image is the password image;
  
  providing an outlining frame randomly moving across each of the plurality of tiles after a finite delay;
  
  selecting at least one tile currently outlined by said outlining frame from the plurality of tiles displayed on the computing node;
  
  generating authenticating message in case the selected tile is the password tile and transmitting said authenticating message to a transaction key generating server; and
  
  transmitting a transaction key to the user'"'"'s computing node on receiving an authenticating message, using said transaction key for final account login and grant of transaction rights.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method as claimed in claim 9, wherein said method includes the step of challenging the user to enter correct alphanumeric username and password to continue authentication.
  - 11. The method as claimed in claim 9, wherein the step of storing user authentication data in the authentication repository is performed during user registration phase.
  - 12. The method as claimed in claim 9, wherein the step of selecting at least one image from the plurality of images displayed on the computing node includes the step of checking the sequence of selection of images, selected in the previous stage in case of multiple password images serving as correct response for first level authentication challenge.
  - 13. The method as claimed in claim 9, wherein the step of generating authenticating message in case the selected tile is the password tile includes the step of checking the sequence of selection of tiles, selected in the previous stage in case of multiple password tiles serving as correct response for second level authentication challenge.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TATA Consultancy Services Limited (Tata Sons Pvt Ltd.)
Original Assignee
TATA Consultancy Services Limited (Tata Sons Pvt Ltd.)
Inventors
Bidare, Prasanna
Primary Examiner(s)
Smithers, Matthew

Application Number

US12/915,968
Publication Number

US 20120005735A1
Time in Patent Office

879 Days
Field of Search

726/7
US Class Current

726/2
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 2463/082   applying multi-factor authe...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3271   using challenge-response

H04W 12/06   Authentication

H04W 12/77   Graphical identity

System for three level authentication of a user

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

16 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System for three level authentication of a user

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links