Flexible quasi out of band authentication architecture
First Claim
1. A network server for presenting network transactions requiring different levels of security to a user for approval, comprising:
- a communications port configured to receive a transaction having a predetermined security level from a network site transacting with the user;
a processor configured to direct (1) presentation of the transaction to the user in one of a group of presentation forms including at least two of (i) a first form of presentation corresponding to presentation of the transaction in a browser pop-up window on a first network device associated with the user, (ii) a second form of presentation corresponding to presentation of the transaction in a security software application window on the first network device, and (iii) a third form of presentation corresponding to presentation of the transaction in a security application window on a second network device associated with the user and different than the first network device, wherein the one presentation form corresponds to the predetermined security level for the transaction, and (2) a request for approval of the transaction by the user corresponding to one of a group of transaction approval types including at least two of (i) a first type approval requiring no action by the user after presentation of the transaction, (ii) a second type approval requiring the user to actively approve the presented transaction, and (iii) a third type approval requiring the user to sign the presented transaction;
wherein the communications port is further configured to receive an identifier of the one transaction presentation form and the one transaction approval type from the network site;
wherein the one transaction approval type corresponds to the predetermined security level for the transaction.
10 Assignments
0 Petitions
Accused Products
Abstract
To obtain user approval of network transactions at different levels of security, a network site selects a form in which a transaction with be presented to the user from a group of transaction presentation forms including presentation of the transaction in a browser pop-up window on a user network device, in a security software application window on the user network device, and in a security application window on another user network device. The network site also selects a type of approval of the transaction required from the user from a group of transaction approval types including approval requiring no action by the user after presentation of the transaction, the user to actively approve the presented transaction, and the user to sign the presented transaction. The transaction, the selected transaction presentation form, and the selected type of user transaction approval, are transmitted to obtain approval of the transaction by the user.
88 Citations
8 Claims
-
1. A network server for presenting network transactions requiring different levels of security to a user for approval, comprising:
-
a communications port configured to receive a transaction having a predetermined security level from a network site transacting with the user; a processor configured to direct (1) presentation of the transaction to the user in one of a group of presentation forms including at least two of (i) a first form of presentation corresponding to presentation of the transaction in a browser pop-up window on a first network device associated with the user, (ii) a second form of presentation corresponding to presentation of the transaction in a security software application window on the first network device, and (iii) a third form of presentation corresponding to presentation of the transaction in a security application window on a second network device associated with the user and different than the first network device, wherein the one presentation form corresponds to the predetermined security level for the transaction, and (2) a request for approval of the transaction by the user corresponding to one of a group of transaction approval types including at least two of (i) a first type approval requiring no action by the user after presentation of the transaction, (ii) a second type approval requiring the user to actively approve the presented transaction, and (iii) a third type approval requiring the user to sign the presented transaction; wherein the communications port is further configured to receive an identifier of the one transaction presentation form and the one transaction approval type from the network site; wherein the one transaction approval type corresponds to the predetermined security level for the transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification