System and method for dynamic multifactor authentication

US 8,943,548 B2
Filed: 12/20/2006
Issued: 01/27/2015
Est. Priority Date: 12/21/2005
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user, the method comprising the steps of:

sending an authentication request to a remote authentication device;

at the remote authentication device, generating a first piece of authentication information based on the received authentication request;

receiving at a mobile device, the first piece of authentication information from an access terminal that is in communication with the remote authentication device, wherein the first piece of authentication information comprises an encrypted message;

generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information, wherein generating comprises decrypting the encrypted message and including at least a portion of the decrypted message in the second piece of authentication information;

sending the second piece of authentication information to the remote authentication device;

validating the second piece of authentication information; and

if the second piece of authentication information is successfully validated, generating an authentication signal,wherein the first piece of authentication information is presented as an image on a display means of the access terminal and captured therefrom using an optical acquiring means of the mobile device,wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a user. The method comprises the step of sending an authentication request to a remote authentication device and generating a first piece of authentication information. A mobile device receives the first piece of authentication information from either an access terminal or the remote authentication device. The mobile device of the user generating a second piece of authentication information which is at least partially based on the received first piece of authentication information. The second piece of authentication information is sent to the remote authentication devices and the second piece of authentication information validated. If the second piece of authentication information is successfully validated an authentication signal is generated.

Citations

9 Claims

1. A method of authenticating a user, the method comprising the steps of:
- sending an authentication request to a remote authentication device;
  
  at the remote authentication device, generating a first piece of authentication information based on the received authentication request;
  
  receiving at a mobile device, the first piece of authentication information from an access terminal that is in communication with the remote authentication device, wherein the first piece of authentication information comprises an encrypted message;
  
  generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information, wherein generating comprises decrypting the encrypted message and including at least a portion of the decrypted message in the second piece of authentication information;
  
  sending the second piece of authentication information to the remote authentication device;
  
  validating the second piece of authentication information; and
  
  if the second piece of authentication information is successfully validated, generating an authentication signal,wherein the first piece of authentication information is presented as an image on a display means of the access terminal and captured therefrom using an optical acquiring means of the mobile device,wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the first piece of authentication information is captured from the access terminal using a digital camera on the mobile device.
  - 3. The method of claim 1, wherein the step of generating the second piece of authentication information is done using one of International Mobile Equipment Identity (IMEI), information relating to the Subscriber Identity Module (SIM) or information specific to the mobile device of the user.
  - 4. The method of claim 1, wherein the second piece of authentication information comprises biometric data.

5. A system for authenticating a user, the system comprising:
- sending means for sending an authentication request to a remote authentication device;
  
  generating means at the remote authentication device for generating a first piece of authentication information based on the authentication request;
  
  receiving means for receiving at a mobile device, the first piece of authentication information from an access terminal that is in communication with the remote authentication device, wherein the first piece of authentication information comprises an encrypted message;
  
  generating means for generating, within the mobile device of the user, a second piece of authentication information which is at least partially based on the received first piece of authentication information, wherein generating comprises decrypting the encrypted message and including at least a portion of the decrypted message in the second piece of authentication information;
  
  sending means for sending the second piece of authentication information to the remote authentication device;
  
  validating means for validating the second piece of authentication information; and
  
  generating means for generating an authentication signal if the second piece of authentication information is successfully validated by the validating means,wherein the system is arranged such that the first piece of authentication information is presented as an image on a display means of the access terminal and captured therefrom using an optical acquiring means of the mobile device,wherein the first piece of authentication information contains transactional information related to a transaction which the user wishes to make.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The system of claim 5, wherein the system is arranged such that the first piece of authentication information is captured from the access terminal using a digital camera on the mobile device.
  - 7. The system of claim 5, wherein the system is arranged such that the generating means generates the second piece of authentication information using one of the International Mobile Equipment Identity (IMEI), information relating to the Subscriber Identity Module (SIM) or information specific to the mobile device of the user.
  - 8. The system of claim 5, wherein the second piece of authentication information comprises biometric data.
  - 9. The system of claim 5, wherein the mobile device comprises:
    - an optical input means;
      
      a processing means; and
      
      a display means.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Onespan North America Incorporated (OneSpan, Inc.)
Original Assignee
Vasco Data Security Incorporated (OneSpan, Inc.)
Inventors
Drokov, Igor, Punskaya, Elena, Tahar, Emmanuel
Primary Examiner(s)
Lewis, Lisa
Assistant Examiner(s)
DOLLY, KENDALL LYNN

Application Number

US12/158,292
Publication Number

US 20080307515A1
Time in Patent Office

2,960 Days
Field of Search

726 3- 6, 726 16- 18, 707/652, 707/654, 707/803, 707/770, 707/609
US Class Current

726/2
CPC Class Codes

G06Q 20/3224   Transactions dependent on l...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4093   Monitoring of device authen...

H04L 2463/082   applying multi-factor authe...

H04L 63/0442   wherein the sending and rec...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/18   using different networks or...

H04W 12/06   Authentication

H04W 12/65   Environment-dependent, e.g....

H04W 12/71   Hardware identity

System and method for dynamic multifactor authentication

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for dynamic multifactor authentication

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links