Single system for authenticating entities across different third party platforms
First Claim
1. For an authentication system comprising at least one server device, a computer-implemented method for authenticating entities across a plurality of online service providers, the computer-implemented method comprising:
- receiving from an online service provider of the plurality of online service providers, an authentication request for authenticating on behalf of the online service provider, whether a particular individual purchasing a good or service of the online service provider using a code is eligible to receive a promotion associated with the code, the authentication request providing identifying information used by the particular individual;
obtaining at least one qualifying parent-child relationship from the online service provider, the qualifying parent-child relationship identifying a particular parent business entity whose child entities are eligible to receive the promotion using the code;
querying a database using the identifying information, the database comprising a plurality of entity records, each entity record of the plurality of entity records containing previously verified information about a different individual or business;
selecting a particular entity record from the plurality of entity records containing previously verified information for the particular individual that matches the identifying information from the authentication request;
generating a series of challenge questions from the previously verified information of the particular entity record;
submitting the series of challenge questions from the authentication system to the online service provider for presentation to the particular individual;
receiving from the online service provider, a set of answers provided by the particular individual that are responsive to the series of challenge questions; and
authenticating by the authentication system on behalf of the online service provider, eligibility of the particular individual to receive the promotion associated with the code, said authenticating comprising performing a first authentication based on the set of answers correctly answering a specified number of the series of challenge questions and performing a second authentication based on the previously verified information from the particular entity record satisfying the qualifying parent-child relationship by identifying the particular individual as a child of the particular business entity, wherein said authenticating ensues from the user providing the code as part of purchasing the good or service from the online service provider and prior to the online service provider completing sale of the good or service to the entity.
7 Assignments
0 Petitions
Accused Products
Abstract
Some embodiments provide an independent authentication system for authenticating entities that have registered accounts across different online service providers on behalf of the service providers. The authentication system maintains a database of previously verified entity information. A service provider requests authentication by providing the authentication system with unverified and basic identifying information used by an entity when registering with the service provider. The authentication system attempts to match the registration information against previously verified information for a known entity. When a match is found, the authentication system generates a series of challenge questions. The questions are submitted to the entity through the service provider and answers are processed in order to authenticate the entity. Authentication is thus provided on behalf of the service provider without the service provider accessing the previously verified information and without the service provider independently verifying the information within the generated challenge questions.
-
Citations
26 Claims
-
1. For an authentication system comprising at least one server device, a computer-implemented method for authenticating entities across a plurality of online service providers, the computer-implemented method comprising:
-
receiving from an online service provider of the plurality of online service providers, an authentication request for authenticating on behalf of the online service provider, whether a particular individual purchasing a good or service of the online service provider using a code is eligible to receive a promotion associated with the code, the authentication request providing identifying information used by the particular individual; obtaining at least one qualifying parent-child relationship from the online service provider, the qualifying parent-child relationship identifying a particular parent business entity whose child entities are eligible to receive the promotion using the code; querying a database using the identifying information, the database comprising a plurality of entity records, each entity record of the plurality of entity records containing previously verified information about a different individual or business; selecting a particular entity record from the plurality of entity records containing previously verified information for the particular individual that matches the identifying information from the authentication request; generating a series of challenge questions from the previously verified information of the particular entity record; submitting the series of challenge questions from the authentication system to the online service provider for presentation to the particular individual; receiving from the online service provider, a set of answers provided by the particular individual that are responsive to the series of challenge questions; and authenticating by the authentication system on behalf of the online service provider, eligibility of the particular individual to receive the promotion associated with the code, said authenticating comprising performing a first authentication based on the set of answers correctly answering a specified number of the series of challenge questions and performing a second authentication based on the previously verified information from the particular entity record satisfying the qualifying parent-child relationship by identifying the particular individual as a child of the particular business entity, wherein said authenticating ensues from the user providing the code as part of purchasing the good or service from the online service provider and prior to the online service provider completing sale of the good or service to the entity. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. For an authentication system, a computer-implemented method for authenticating entities across a plurality of online service providers, the computer-implemented method comprising:
-
managing a database with a plurality of entity records, a plurality of codes, and a plurality of eligibility requirements, wherein each entity record of the plurality of entity records stores information about a different entity, wherein each code of the plurality of codes is associated with a different eligibility requirement from the plurality of eligibility requirements, and wherein the plurality of eligibility requirements specify different qualifications that the plurality of online service providers have set in order for the entities to qualify for different promotions offered by the plurality of online service providers; receiving (i) first registration information identifying a first entity that provides a first code in order to redeem a first promotion from a first online service provider of the plurality of online service providers and (ii) second registration information identifying a second entity that is different than the first entity and that provides a second code in order to redeem a second promotion from a second online service provider of the plurality of online service providers; retrieving from the database (i) a first eligibility requirement from the plurality of eligibility requirements that is associated with the first code and (ii) a second eligibility requirement from the plurality of eligibility requirements that is associated with the second code; retrieving from the database (i) a first entity record of the plurality of entity records storing previously verified information that is a match for the first registration information and (ii) a second entity record of the plurality of entity records storing previously verified information that is a match for the second registration information; generating (i) a first series of challenge questions from other previously verified information of the first entity record that is different than the first registration information and (ii) a second series of challenge questions from other previously verified information of the second entity record that is different than the second registration information; validating (i) usage of the first code at the first online service provider by the first entity when a specified number of responses provided by the first entity correctly answer the first series of challenge questions and when the previously verified information from the first entity record satisfies the at least first eligibility requirement and (ii) usage of the second code at the second online service provider by the second entity when a specified number of the responses provided by the second entity correctly answer the second series of challenge questions and when the previously verified information from the second entity record satisfies the at least second eligibility requirement; and providing notification that the first entity is eligible for a different third promotion from a third online service provider of the plurality of service providers, wherein providing the notification comprises (i) querying the plurality of eligibility requirements in the database using the previously verified information from the first entity record and (ii) identifying that the previously verified information from the first entity record satisfies at least a third eligibility requirement that the third online service provider sets for the third promotion. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
-
-
24. A non-transitory computer-readable storage medium with an executable program stored thereon, wherein the program instructs a microprocessor to perform sets of instructions for:
-
receiving from an online service provider of the plurality of online service providers, an authentication request for authenticating on behalf of the online service provider, whether a particular individual purchasing a good or service of the online service provider using a code is eligible for an incentive associated with the code, the authentication request providing identifying information used by the entity when purchasing the good or service; obtaining from the online service provider, at least one parent-child relationship qualifying child entities of a particular parent business entity as eligible to receive the incentive when using the code; retrieving a particular entity record from a plurality of entity records containing previously verified information that is a match for the identifying information from the authentication request, wherein each entity record of the plurality of entity records contains previously verified information about a different individual or business; generating a series of challenge questions from the previously verified information of the particular entity record, each challenge question from the series of challenge questions being derived from previously verified information of the particular entity record that does not overlap with the identifying information used by the particular individual in registering for the service of the online service provider; issuing the series of challenge questions; receiving a set of answers provided by the particular individual that are responsive to the series of challenge questions; and notifying the online service provider that the particular individual has been authenticated to receive said incentive when the set of answers correctly answer a specified number of the series of challenge questions and the previously verified information of the particular entity record satisfies the parent-child relationship by identifying the particular individual as a child of the particular business entity. - View Dependent Claims (25, 26)
-
Specification