Systems and methods for multifactor authentication
First Claim
1. A method for performing an authentication, in conjunction with a transaction, utilizing a primary communication channel and a secondary communication channel, the primary and secondary communication channels being adapted for long-range communication, the method comprising:
- an authenticating entity, in the form of a processing machine, receiving from a customer primary authentication information via a primary channel;
the processing machine of the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information;
the processing machine of the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel;
the processing machine of the authenticating entity receiving from the customer via the primary channel at least a portion of the secondary authentication information;
the processing machine of the authenticating entity performing authentication processing on the secondary authentication information received from the customer; and
based on the successful authentication of the primary authentication information and the secondary authentication information received from the customer, the processing machine of the authenticating entity approving the customer for the transaction,wherein the primary channel is the Internet and the secondary channel is one selected from the group consisting of a telephone call, text message, and e-mail to the customer.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention provides a method for performing an authentication (and a system for performing the method), in conjunction with a transaction, utilizing a primary channel and a secondary channel. The method may include an authenticating entity, such as a bank, (1) receiving from a customer primary authentication information via a primary channel; (2) the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; (3) the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel; (4) the authenticating entity receiving from the customer at least a portion of the secondary authentication information; and (5) the authenticating entity performing authentication processing on the secondary authentication information received from the customer. Based on the successful authentication of the primary authentication information and the secondary authentication information received from the customer, the authenticating entity approves the customer for the transaction.
-
Citations
24 Claims
-
1. A method for performing an authentication, in conjunction with a transaction, utilizing a primary communication channel and a secondary communication channel, the primary and secondary communication channels being adapted for long-range communication, the method comprising:
-
an authenticating entity, in the form of a processing machine, receiving from a customer primary authentication information via a primary channel; the processing machine of the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; the processing machine of the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel; the processing machine of the authenticating entity receiving from the customer via the primary channel at least a portion of the secondary authentication information; the processing machine of the authenticating entity performing authentication processing on the secondary authentication information received from the customer; and based on the successful authentication of the primary authentication information and the secondary authentication information received from the customer, the processing machine of the authenticating entity approving the customer for the transaction, wherein the primary channel is the Internet and the secondary channel is one selected from the group consisting of a telephone call, text message, and e-mail to the customer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A system that performs authentication processing, the system including:
-
a communication interface portion for interfacing with a customer, the communication interface portion comprising non-transitory computer readable medium; an authenticating processing portion that communicates with the customer via the communication interface portion, the authenticating processing portion receiving primary authentication information on a primary communication channel adapted for long-range communication, and based on the primary authentication information, the authenticating processing portion retrieving customer information, the customer information verifying at least in part the primary authentication information; the authenticating processing portion configured to output secondary authentication information to the customer over a secondary communication channel adapted for long-range communication, the secondary channel being different than the primary communication channel, and the secondary authentication information includes a portion of at least one selected from the group consisting of a password and a one-time use authentication code; the authenticating processing portion configured to receive the secondary authentication information from the customer via the primary communication channel and using the secondary authentication information to authenticate the customer; and the authenticating processing portion further configured to, based on the successful receipt of the primary authentication information and the secondary authentication information from the customer, output an approval for the transaction, wherein the primary communication channel is the Internet and the secondary communication channel is one selected from the group consisting of a telephone call, text message, and e-mail to the customer. - View Dependent Claims (22, 24)
-
-
23. A method for performing an authentication, in conjunction with a transaction, utilizing a primary communication channel on a primary device and a secondary communication channel on a secondary device, the primary and secondary communication channels being adapted for long-range communication, the transaction being effected at a location, the method comprising:
-
an authenticating entity, in the form of a processing machine, receiving from a customer primary authentication information via the primary communication channel on the primary device; the processing machine of the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; the processing machine of the authenticating entity transmitting secondary authentication information to the customer via the secondary communication channel, the secondary communication channel being different than the primary communication channel; the processing machine of the authenticating entity receiving from the customer at least a portion of the secondary authentication information via the primary communication channel; the processing machine of the authenticating entity performing authentication processing on the secondary authentication information received from the customer; and based on both the successful authentication of the primary authentication information and the successful authentication of the secondary authentication information received from the customer, the processing machine of the authenticating entity approving the customer for the transaction; and the method further including the processing machine of the authenticating entity forwarding respective requests for approval of the requested transaction to multiple transaction approvers, and the processing machine of the authenticating entity receiving responses from at least some of the transaction approvers, the processing machine of the authenticating entity applying a set of rules from the responses received from the transaction approvers; the processing machine of the authenticating entity determining the geographical location of at least some of the transaction approvers, and the set of rules including comparing the geographical location of the at least some of the transaction approvers with the location of the transaction, so as to determine the legitimacy of the transaction, wherein the primary communication channel is the Internet and the secondary communication channel is one selected from the group consisting of a telephone call, text message, and e-mail to the customer.
-
Specification