System and method for dynamic multifactor authentication
First Claim
1. A method of authenticating a user, the method comprising the steps of:
- sending an authentication request to a remote authentication device;
at the remote authentication device, generating a first piece of authentication information based on the received authentication request;
receiving at a mobile device, the first piece of authentication information from an access terminal that is in communication with the remote authentication device, wherein the first piece of authentication information comprises an encrypted message;
generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information, wherein generating comprises decrypting the encrypted message and including at least a portion of the decrypted message in the second piece of authentication information;
sending the second piece of authentication information to the remote authentication device;
validating the second piece of authentication information; and
if the second piece of authentication information is successfully validated, generating an authentication signal,wherein the first piece of authentication information is presented as an image on a display means of the access terminal and captured therefrom using an optical acquiring means of the mobile device,wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make.
3 Assignments
0 Petitions
Accused Products
Abstract
A method of authenticating a user. The method comprises the step of sending an authentication request to a remote authentication device and generating a first piece of authentication information. A mobile device receives the first piece of authentication information from either an access terminal or the remote authentication device. The mobile device of the user generating a second piece of authentication information which is at least partially based on the received first piece of authentication information. The second piece of authentication information is sent to the remote authentication devices and the second piece of authentication information validated. If the second piece of authentication information is successfully validated an authentication signal is generated.
-
Citations
9 Claims
-
1. A method of authenticating a user, the method comprising the steps of:
-
sending an authentication request to a remote authentication device; at the remote authentication device, generating a first piece of authentication information based on the received authentication request; receiving at a mobile device, the first piece of authentication information from an access terminal that is in communication with the remote authentication device, wherein the first piece of authentication information comprises an encrypted message; generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information, wherein generating comprises decrypting the encrypted message and including at least a portion of the decrypted message in the second piece of authentication information; sending the second piece of authentication information to the remote authentication device; validating the second piece of authentication information; and if the second piece of authentication information is successfully validated, generating an authentication signal, wherein the first piece of authentication information is presented as an image on a display means of the access terminal and captured therefrom using an optical acquiring means of the mobile device, wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make. - View Dependent Claims (2, 3, 4)
-
-
5. A system for authenticating a user, the system comprising:
-
sending means for sending an authentication request to a remote authentication device; generating means at the remote authentication device for generating a first piece of authentication information based on the authentication request; receiving means for receiving at a mobile device, the first piece of authentication information from an access terminal that is in communication with the remote authentication device, wherein the first piece of authentication information comprises an encrypted message; generating means for generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information, wherein generating comprises decrypting the encrypted message and including at least a portion of the decrypted message in the second piece of authentication information; sending means for sending the second piece of authentication information to the remote authentication device; validating means for validating the second piece of authentication information; and generating means for generating an authentication signal if the second piece of authentication information is successfully validated by the validating means, wherein the system is arranged such that the first piece of authentication information is presented as an image on a display means of the access terminal and captured therefrom using an optical acquiring means of the mobile device, wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make. - View Dependent Claims (6, 7, 8, 9)
-
Specification