Method and apparatus for enabling a user to select an authentication method

US 8,856,897 B2
Filed: 09/18/2012
Issued: 10/07/2014
Est. Priority Date: 01/03/2001
Status: Expired due to Term

First Claim

Patent Images

1. A method comprising:

registering, by a computer-based system, a first authentication method for accessing a first restricted service associated with a user and a site, wherein the first authentication method is selectable by the user, the first restricted service being a service provided at the site; and

allowing, by the computer-based system, the user to change the first authentication method to a second authentication method associated with a second restricted service for the site without accessing the first restricted service or the second restricted service, wherein the first authentication method is different from the second authentication method and the second restricted service is another service provided by the site, and wherein the change of the first authentication method to the second authentication method requires a third authentication method.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention facilitates access to a restricted service related to secure transactions via a network. The present invention allows a user to select a minimum security level of authentication for its own login to a restricted service. The user'"'"'s selected minimum security level of authentication may be registered in an authentication method system, so that the user must use the selected minimum security level for authentication in order to gain access to the restricted service. Alternatively, the user may specify that the selected minimum security level for authentication may be over-turned by the user, or optionally re-set to a new authentication method depending on the needs of the user. As such, the present invention allows the user the flexibility to select its own authentication method for accessing a restricted service.

72 Citations

View as Search Results

19 Claims

1. A method comprising:
- registering, by a computer-based system, a first authentication method for accessing a first restricted service associated with a user and a site, wherein the first authentication method is selectable by the user, the first restricted service being a service provided at the site; and
  
  allowing, by the computer-based system, the user to change the first authentication method to a second authentication method associated with a second restricted service for the site without accessing the first restricted service or the second restricted service, wherein the first authentication method is different from the second authentication method and the second restricted service is another service provided by the site, and wherein the change of the first authentication method to the second authentication method requires a third authentication method.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, further comprising authorizing the user to access the first restricted service.
  - 3. The method of claim 1, further comprising enabling the user to access the first restricted service in response to validating the second authentication method.
  - 4. The method of claim 1, further comprising:
    - registering, by the computer-based system, a third authentication method for accessing a second restricted service;
      
      receiving, by the computer-based system, a request for access to at least one of the first restricted service or the second restricted service;
      
      causing, by the computer-based system, a user interface to display input fields corresponding to the second authentication method in response to the request being associated with the first restricted service;
      
      causing, by the computer-based system, the user interface to display input fields corresponding to the third authentication method in response to the request being associated with the second restricted service; and
      
      granting, by the computer-based system, access to at least one of the first restricted service in response to receiving predetermined input associated with the second authentication method or the second restricted service in response to receiving predetermined input associated with the third authentication method.
  - 5. The method of claim 4, wherein at least one of the first restricted service or the second restricted service is provided by a service provider.
  - 6. The method of claim 4, wherein the authentication methods are presented by a service provider.
  - 7. The method of claim 4, wherein the authentication methods include at least one of:
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password;
      
      or handheld computing device and digital certificate.
  - 8. The method of claim 4, further comprising registering more than one method of authentication for access to the first restricted service.
  - 9. The method of claim 4, further comprising registering at least one of the second authentication method or the third authentication method as a minimum level of security for access to at least one of the first restricted service or the second restricted service.
  - 10. The method of claim 4, further comprising rendering, by the computer-based system, a query dialog box to query for selection of a level of security from a plurality of levels of security.
  - 11. The method of claim 5, further comprising rendering, by the computer-based system, a query dialog box to query for selection of a level of security from a plurality of levels of security provided by the service provider.
  - 12. The method of claim 10, wherein the plurality of levels of security correspond to a plurality of methods of authentication.
  - 13. The method of claim 12, wherein the plurality of methods of authentication includes at least one of:
    - user identification and password;
      
      user identification and pass-phrase;
      
      smart card and PIN;
      
      smart card and digital certificate;
      
      biometrics;
      
      sound verification;
      
      radio frequency and password;
      
      infrared and password;
      
      or handheld computing device and digital certificate.
  - 14. The method of claim 10, further comprising receiving a selection of more than one level of security, from the plurality of levels of security, for access to the first restricted service.
  - 15. The method of claim 4, further comprising registering a fourth authentication method for access to the second restricted service.
  - 16. The method of claim 8, further comprising restricting at least one of the authentication methods to at least one of specific times of day, specific locations, or specific days.
  - 17. The method of claim 8, further comprising restricting at least one of the authentication methods to a user being a member of a specific group.

18. An article of manufacture including a non-transitory, computer-readable medium having stored thereon computer-executable instructions comprising:
- instructions for registering a first user-selected authentication method for accessing a first restricted service of a site; and
  
  instructions for allowing a change from the first user-selected authentication method to a second user-selected authentication method associated with a second restricted service without accessing the first restricted service or the second restricted service, wherein the first user-selected authentication method is different from the second user-selected authentication method and the second restricted service is associated with the site, and wherein the change of the first user-selected authentication method to the second user-selected authentication method requires a third authentication method.

19. A system comprising:
- a processor,a memory communicatively coupled to the processor,the memory having instructions stored thereon that, in response to execution by the processor, cause at least;
  
  receiving data having information indicative of a first user-selected authentication method for accessing a restricted service;
  
  registering the first user-selected authentication method; and
  
  allowing a change from the first user-selected authentication method to a second user-selected authentication method for accessing the restricted service without accessing the restricted service, wherein the first user-selected authentication method is different from the second user-selected authentication method, and wherein the change of the first user-selected authentication method to the second user-selected authentication method requires an additional authentication method.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Liberty Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Sora Applications LLC (Intellectual Ventures LLC)
Inventors
Nambiar, Anant, Johnson, Rick D., Foley, James M.
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US13/622,140
Publication Number

US 20130019287A1
Time in Patent Office

749 Days
Field of Search

726/4, 726/6, 713/182
US Class Current

726/6
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/105   Multiple levels of security

H04L 63/205   involving negotiation or de...

Method and apparatus for enabling a user to select an authentication method

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

72 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for enabling a user to select an authentication method

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

72 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links