Adaptive policies and protections for securing financial transaction data at rest
Abstract
A system for challenge-response authentication is provided by receiving, from an external terminal over a communication network, a request for access to a service. A plurality of objects is presented to a user via a display. A plurality of codes is received over the communication network, each of the plurality of codes corresponding to one of the plurality of objects. The plurality of codes are matched to a plurality of alphanumeric characters according to a predetermined table. An alphanumeric string is generated from the plurality of alphanumeric characters and the alphanumeric string is compared to a user identifier stored in a database. Based on the comparing, a determination is made as to whether to grant the user access to the service.
20 Claims
1. A method for challenge-response authentication, the method comprising:
receiving, from an external terminal over a communication network, a request for access to a service;
presenting to a user, via a display, a plurality of images;
receiving, via the external terminal, an arrangement of the plurality of images;
receiving, over the communication network, a plurality of codes based on the arrangement of the plurality of images, each of the plurality of codes corresponding to an image of the plurality of images and to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
matching the plurality of codes to the plurality of alphanumeric characters based on a predetermined one-time use table, wherein the one-time use table associates each image of the plurality of images with a corresponding code of the plurality of codes and with a corresponding alphanumeric character of the plurality of alphanumeric characters, wherein each of the plurality of codes is generated, by a pseudorandom number generator, independently from the plurality of alphanumeric characters;
generating an alphanumeric string from the plurality of alphanumeric characters based on the matching;
comparing the alphanumeric string to an alphanumeric user identifier stored in a database; and
determining whether to grant the user access to the service based on a result of the comparing.
Dependent claims: 2, 3, 4, 5, 6
7. A system for challenge-response authentication, the system comprising:
a processor, coupled to a memory, configured to:
receive, from an external terminal over a communication network, a request for access to a service;
present to a user, via a display, a plurality of images;
receive, via the external terminal, an arrangement of the plurality of images;
receive, over the communication network, a plurality of codes based on the arrangement of the plurality of images, each of the plurality of codes corresponding to an image of the plurality of images and to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
match the plurality of codes to the plurality of alphanumeric characters based on a predetermined one-time use table, wherein the one-time use table associates each image of the plurality of images with a corresponding code of the plurality of codes and with a corresponding alphanumeric character of the plurality of alphanumeric characters, wherein each of the plurality of codes is generated, by a pseudorandom number generator, independently from the plurality of alphanumeric characters;
generate an alphanumeric string from the plurality of alphanumeric characters based on the matching;
compare the alphanumeric string to an alphanumeric user identifier stored in a database; and
determine whether to grant the user access to the service based on a result of the comparing.
Dependent claims: 8, 9, 10, 11, 12
13. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions, which, when executed by a computer system, cause the computer system to perform:
receiving, from an external terminal over a communication network, a request for access to a service;
presenting to a user, via a display, a plurality of images;
receiving, via the external terminal, an arrangement of the plurality of images;
receiving, over the communication network, a plurality of codes based on the arrangement of the plurality of images, each of the plurality of codes corresponding to an image of the plurality of images and to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
matching the plurality of codes to the plurality of alphanumeric characters based on a predetermined one-time use table, wherein the one-time use table associates each image of the plurality of images with a corresponding code of the plurality of codes and with a corresponding alphanumeric character of the plurality of alphanumeric characters, wherein each of the plurality of codes is generated, by a pseudorandom number generator, independently from the plurality of alphanumeric characters;
generating an alphanumeric string from the plurality of alphanumeric characters based on the matching;
comparing the alphanumeric string to an alphanumeric user identifier stored in a database; and
determining whether to grant the user access to the service based on a result of the comparing.
Dependent claims: 14, 15, 16, 17, 18
19. A method for generating a challenge-response authentication interface, the method comprising:
generating a plurality of images;
generating a plurality of codes, each of the plurality of codes corresponding to an image of the plurality of images and to an alphanumeric character of a plurality of alphanumeric characters, wherein each of the plurality of codes is generated, by a pseudorandom number generator, independently from the plurality of alphanumeric characters;
generating a one-time use table that associates each image of the plurality of images with a corresponding code of the plurality of codes and with a corresponding alphanumeric character of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and
generating an interactive graphical presentation of the plurality of images, wherein the interactive graphical presentation is configured to:
receive, via an external terminal, an arrangement of the plurality of images; and
provide, over a communication network, the plurality of codes based on the arrangement of the plurality of images.
20. A system for generating a challenge-response authentication interface, the system comprising:
a processor, coupled to a memory, configured to:
generate a plurality of images;
generate a plurality of codes, each of the plurality of codes corresponding to an image of the plurality of images and to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters, wherein each of the plurality of codes is generated, by a pseudorandom number generator, independently from the plurality of alphanumeric characters;
generate a one-time use table that associates each image of the plurality of images with a corresponding code of the plurality of codes and with a corresponding alphanumeric character of the plurality of alphanumeric characters; and
generate an interactive graphical presentation of the plurality of images, wherein the interactive graphical presentation is configured to:
receive, via an external terminal, an arrangement of the plurality of images; and
provide, over a communication network, the plurality of codes based on the arrangement of the plurality of images.
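
The flow recited in claims 1 and 19 (generate a one-time use table, then match the returned codes to characters and compare the result with the stored identifier), as an added example that is not part of the patent text. The names `issue_challenge`, `verify` and `codes_for`, the digit alphabet, the in-memory `USER_DB` and `PENDING` stores, and the use of Python's `secrets` CSPRNG as the code generator are assumptions made for illustration.

```python
import hmac
import secrets

ALPHABET = "0123456789"        # assumption: identifiers are digit strings
USER_DB = {"alice": "4071"}    # constructed stand-in for the identifier database
PENDING = {}                   # challenge_id -> {code: (image_id, character)}


def issue_challenge():
    """Generate a one-time use table; return (challenge_id, tiles) for the client."""
    table = {}
    for ch in ALPHABET:
        code = secrets.token_hex(8)                # drawn independently of ch
        while code in table:                       # keep codes unique in the table
            code = secrets.token_hex(8)
        table[code] = (secrets.token_hex(8), ch)   # opaque image id, character shown
    challenge_id = secrets.token_urlsafe(16)
    PENDING[challenge_id] = table
    # Only (image_id, code) pairs leave the server; the character is visible
    # solely in the rendered picture behind image_id.
    tiles = [(image_id, code) for code, (image_id, _) in table.items()]
    secrets.SystemRandom().shuffle(tiles)
    return challenge_id, tiles


def verify(challenge_id, username, codes):
    """Match submitted codes to characters and compare with the stored identifier."""
    table = PENDING.pop(challenge_id, None)        # one-time use: consumed on any attempt
    stored = USER_DB.get(username)
    if table is None or stored is None:
        return False
    try:
        candidate = "".join(table[c][1] for c in codes)
    except (KeyError, TypeError):                  # code not issued in this table
        return False
    return hmac.compare_digest(candidate.encode(), stored.encode())


def codes_for(challenge_id, identifier):
    """Demo stand-in for the user arranging images: characters -> codes, in order."""
    by_char = {ch: code for code, (_, ch) in PENDING[challenge_id].items()}
    return [by_char[ch] for ch in identifier]


if __name__ == "__main__":
    cid, tiles = issue_challenge()
    print(verify(cid, "alice", codes_for(cid, "4071")))
```

Because the table is removed from `PENDING` on every attempt, a captured list of codes is useless against both the same challenge and any later one.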
Specification