Method and apparatus for enabling authentication of on-line communications

US 8,799,381 B2
Filed: 07/01/2011
Issued: 08/05/2014
Est. Priority Date: 11/15/2004
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

associating a message code with a user identifier;

receiving the user identifier from a user, wherein the receiving occurs after the associating the message code with the user identifier;

determining, using a hardware processor, that the user identifier is associated with the message code, wherein the determining occurs after the receiving the user identifier;

presenting the message code to the user based at least partially on the determining that the user identifier is associated with the message code;

receiving a user authentication from the user after presenting the message code to the user;

determining that the received user authentication is associated with the user identifier and the message code; and

providing the user with access to a secured resource based on the determining that the authentication is associated with the user identifier and the message code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and apparatus for enabling authentication of on-line communications. In some embodiments, a message code is embedded in an e-mail, where the message code can be used by the recipient to verify the authenticity of the e-mail or of a Web site. In some embodiments, this code can be created for a particular e-mail message; in other embodiments, the code is created as a watermark for use by a customer or other a specific user or recipient. The message code is associated with both the e-mail message and the recipient. In the case of a message-specific code, a recipient can verify the e-mail message by inputting the code via a Web server to be looked up in the database. Provision is also made for including stenographic information in graphical or other codes as further authentication when accessing a Web site.

47 Citations

32 Claims

1. A method comprising:
- associating a message code with a user identifier;
  
  receiving the user identifier from a user, wherein the receiving occurs after the associating the message code with the user identifier;
  
  determining, using a hardware processor, that the user identifier is associated with the message code, wherein the determining occurs after the receiving the user identifier;
  
  presenting the message code to the user based at least partially on the determining that the user identifier is associated with the message code;
  
  receiving a user authentication from the user after presenting the message code to the user;
  
  determining that the received user authentication is associated with the user identifier and the message code; and
  
  providing the user with access to a secured resource based on the determining that the authentication is associated with the user identifier and the message code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the associating the message code with the user identifier comprises:
    - presenting a user interface to the user that enables the user to select a message code for association with the user identifier;
      
      receiving information indicating that the user has selected the message code for association with the user identifier; and
      
      associating the message code with the user identifier based at least partially on the receiving the information indicating that the user has selected the message code.
  - 3. The method of claim 2, wherein the user interface presents a plurality of message codes to the user for selection and receives a selection of a message code selected by the user.
  - 4. The method of claim 2, wherein the user interface enables the user to input or upload a message code into the user interface.
  - 5. The method of claim 2, wherein the user interface enables the user to create a message code using the user interface and receives the message code created by the user.
  - 6. The method of claim 1, wherein the message code comprises steganographic information that enables the user to verify that the message code originated from a trusted source.
  - 7. The method of claim 6, wherein the user identifier is associated with a financial account, wherein the financial account is maintained by a financial institution, and wherein the steganographic information comprises a logo or digital signature of the financial institution.
  - 8. The method of claim 1, wherein the secured resource comprises information associated with one or more financial accounts held by the user.
  - 9. The method of claim 1, wherein the message code is uniquely associated with the user identifier.
  - 10. The method of claim 1, wherein the associating the message code with the user identifier comprises:
    - assigning the message code to the user identifier without allowing the user to select the message code;
      
      notifying the user that the message code has been assigned to the user identifier, wherein the notifying occurs before the receiving the user identifier from the user; and
      
      associating the message code with the user identifier based at least partially on the assigning the message code to the user identifier.
  - 11. The method of claim 1, wherein the user identifier is associated with a financial account, andwherein the associating the message code with the user identifier occurs approximately when the financial account is opened.
  - 12. The method of claim 1, wherein the message code comprises at least one of an alphanumeric string, photograph, image, icon, or watermark.
  - 13. The method of claim 1, wherein the message code is known to the user before receiving the user identifier from the user.

14. An apparatus comprising:
- a processing device configured to;
  
  associate a message code with a user identifier;
  
  receive the user identifier from a user, wherein the receiving occurs after the associating the message code with the user identifier;
  
  determine, using a hardware processor, that the user identifier is associated with the message code, wherein the determining occurs after the receiving the user identifier;
  
  present the message code to the user based at least partially on the determining that the user identifier is associated with the message code;
  
  receive a user authentication from the user after presenting the message code to the user;
  
  determine that the authentication is associated with the user identifier and the message code; and
  
  provide the user with access to a secured resource based on the determining that the authentication is associated with the user identifier and the message code.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The apparatus of claim 14, wherein the processing device configured to associate the message code with the user identifier is further configured to:
    - present a user interface to the user that enables the user to select a message code for association with the user identifier;
      
      receive information indicating that the user has selected the message code for association with the user identifier; and
      
      associate the message code with the user identifier based at least partially on the receiving the information indicating that the user has selected the message code.
  - 16. The apparatus of claim 15, wherein the user interface presents a plurality of message codes to the user for selection and receives a user selected message code from the user from among the plurality of message codes.
  - 17. The apparatus of claim 15, wherein the user interface enables the user to input or upload a message code into the user interface.
  - 18. The apparatus of claim 15, wherein the user interface enables the user to create a message code using the user interface.
  - 19. The apparatus of claim 15, wherein the message code is uniquely associated with the user identifier.
  - 20. The apparatus of claim 14, wherein the secured resource comprises information associated with one or more financial accounts held by the user.
  - 21. The apparatus of claim 14, wherein the processing device configured to associate the message code with the user identifier is further configured to:
    - assign the message code to the user identifier without allowing the user to select the message code;
      
      notify the user that the message code has been assigned to the user identifier, wherein the notifying occurs before the receiving the user identifier from the user; and
      
      associate the message code with the user identifier based at least partially on the assigning the message code to the user identifier.
  - 22. The apparatus of claim 14, wherein the user identifier is associated with a financial account, andwherein the associating the message code with the user identifier occurs approximately when the financial account is opened.
  - 23. The apparatus of claim 14, wherein the message code comprises at least one of an alphanumeric string, photograph, image, icon, or watermark.
  - 24. The apparatus of claim 14, wherein the message code comprises steganographic information that enables the user to verify that the message code originated from a trusted source.
  - 25. The apparatus of claim 14, wherein the user identifier is associated with a financial account, wherein the financial account is maintained by a financial institution, and wherein the steganographic information comprises a logo or digital signature of the financial institution.
  - 26. The apparatus of claim 14, wherein the message code is known to the user before the receiving the user identifier from the user.

27. A method comprising:
- receiving information indicating that a user has selected a message code;
  
  receiving information indicating that the user wishes to access a secure resource;
  
  presenting the message code to the user;
  
  receiving information indicating that the user has verified that the message code presented to the user matches the message code selected by the user;
  
  providing the user with access to the secure resource based at least partially on the receiving the information indicating that the user has verified that the message code presented to the user matches the message code selected by the user;
  
  receiving a user authentication from the user after presenting the message code to the user;
  
  determining that the received user authentication is associated with the user identifier and the message code; and
  
  providing the user with access to a secured resource based on the determining that the authentication is associated with the user identifier and the message code.
- View Dependent Claims (28, 29, 30, 31, 32)
- - 28. The method of claim 27, wherein the receiving the information indicating that the user wishes to access a secure resource comprises receiving a username for the user.
  - 29. The method of claim 27, wherein the receiving the information indicating that the user has verified that the message code presented to the user matches the message code selected by the user comprises receiving a password for the user.
  - 30. The method of claim 27, wherein the providing the user with access to the secure resource comprises presenting the user with access to an online, mobile, or text banking service.
  - 31. The method of claim 27, wherein the message code is user selected before the receiving the information indicating that the user wishes to access a secure resource.
  - 32. The method of claim 27, wherein the presenting the message code to the user serves to authenticate the secure resource to the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Hogeboom, David A., Koenig, William, Wright, David, Phillips, Richard Wade, MacLean, Rhonda, Parra, William A.
Primary Examiner(s)
NGUYEN, MINH CHAU

Application Number

US13/175,747
Publication Number

US 20110265170A1
Time in Patent Office

1,131 Days
Field of Search

709205-206
US Class Current

709/206
CPC Class Codes

H04L 51/08   Annexed information, e.g. a...

H04L 63/123   received data contents, e.g...

H04L 63/1475   Passive attacks, e.g. eaves...

H04L 63/1483   service impersonation, e.g....

Method and apparatus for enabling authentication of on-line communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

47 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for enabling authentication of on-line communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links