One-time password validation in a multi-entity environment
Abstract
A single passcode can be used for validation by a user of several entities in a system without compromising security. The source of the entity providing validation credentials, along with the passcode, is considered when determining validity. A one-time password system validates credentials if the validation credentials, such as a user's valid passcode and the source of the credentials, have not been used previously. In a one-time passcode system, a validation processor receives validation credentials from a client processor. If the client processor has not previously sent the validation credentials to the validation processor, and the credentials are valid, the validation processor will validate the credentials. Otherwise, the credentials are invalid. Other client processors can utilize the same passcode and their respective source identifiers, and as long as the other client processors have not previously utilized the credentials, the credentials are declared valid.
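The pair-based check the abstract describes, as an added Python illustration (not code from the patent). The class and function names, passcodes and client identifiers are constructed for the example, and the client identifier is assumed to come from an authenticated channel.

```python
import hmac
import threading


class ValidationProcessor:
    """Accepts a (passcode sequence, client identifier) pair at most once."""

    def __init__(self, expected):
        # expected: user -> passcodes in their predetermined order.
        # Constructed sample data; how passcodes are generated is out of scope.
        self._expected = {u: tuple(p) for u, p in expected.items()}
        self._used = set()              # pairs already accepted
        self._lock = threading.Lock()   # makes check-and-mark atomic

    def validate(self, user, passcodes, client_id):
        # client_id is assumed to be taken from an authenticated channel,
        # not from a field the sender can set freely.
        expected = self._expected.get(user)
        if expected is None or len(passcodes) != len(expected):
            return False
        valid = True
        for got, want in zip(passcodes, expected):   # order matters
            valid &= hmac.compare_digest(got.encode(), want.encode())
        if not valid:
            return False
        pair = (user, tuple(passcodes), client_id)
        with self._lock:
            if pair in self._used:      # same passcodes from same source: replay
                return False
            self._used.add(pair)
        return True


def demo():
    vp = ValidationProcessor({"alice": ("492817", "103355")})
    codes = ["492817", "103355"]
    return [
        vp.validate("alice", codes, "vpn-gateway"),        # first use
        vp.validate("alice", codes, "vpn-gateway"),        # replay, same source
        vp.validate("alice", codes, "mail-server"),        # same codes, new source
        vp.validate("alice", codes[::-1], "file-server"),  # wrong order
    ]


if __name__ == "__main__":
    print(demo())
```

The lock keeps the "not previously used" check and the bookkeeping in one step, so two concurrent submissions of the same pair cannot both be accepted.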
16 Claims
1. A method comprising:
- receiving, in a validation processor, a plurality of a predetermined number of first credentials of the same type that uniquely identifies a user, the plurality of received first credentials indicative of being from a first client processor;
- receiving, in the validation processor, a second credential that uniquely identifies the first client processor, the second credential indicative of being from the first client processor;
- determining, by the validation processor, each of the received plurality of first credentials and the second credential, as respective pairs, constitute a first unique pair that is valid for a one-time validation based on;
  - finding each of the received first credentials is determined, by the validation processor, to be valid;
  - finding it is a first occurrence, as respective pairs, of each of the received plurality of first credentials and the second credential;
  - finding that the respective pairs of the received plurality of first credentials and the second credential has not been previously used for a secure communication;
  - finding that the plurality of received first credentials is received in a predetermined order; and
- based on the result of the one-time validation, rejecting the respective pair of the received plurality of first credentials and the second credential if the respective pair has been previously used for the secure communication, and accepting the respective pair, as the first unique respective pair, if the plurality of received first credentials and the second credential pair if the first unique pair has not previously been used for the secure communication;
- providing, by the validation processor, an indication that the plurality of received first credentials and the second credential constitute the first unique pair that is valid for a one-time validation to an intermediate processor;
- tracking, by the intermediate processor, the validation based on the indication provided by the validation processor; and
- initiating the secure communication via a computer network using the first unique pair.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A validation processor comprising:
- a processor; and
- a memory coupled to the processor, the memory having stored thereon executable instructions that when executed by the processor cause the processor to effectuate operations comprising;
- receiving a plurality of a predetermined number of first credentials of the same type that uniquely identifies a user, the plurality of received first credentials indicative of being from a first client processor;
- receiving a second credential that uniquely identifies the first client processor, the second credential indicative of being from the first client processor;
- determining that each of the received plurality of first credentials and the second credential, as respective pairs, constitute a first unique pair that is valid for a one-time validation based on;
  - finding each of the received first credentials is determined, by the validation processor, to be valid;
  - finding it is a first occurrence, as respective pairs, of each of the received plurality of first credentials and the second credential;
  - finding that the respective pairs of the received plurality of first credentials and the second credential has not been previously used for a secure communication; and
  - finding that the plurality of received first credentials is received in a predetermined order; and
- based on the result of the one-time validation, rejecting the respective pair of the received plurality of first credentials and the second credential if the respective pair has been previously used for the secure communication, and accepting the respective pair, as the first unique respective pair, if the plurality of received first credentials and the second credential pair if the first unique pair has not previously been used for the secure communication;
- providing an indication that the plurality of received first credentials and the second credential constitute the first unique pair that is valid for a one-time validation to an intermediate processor;
- tracking, by the intermediate processor, the validation based on the indication provided by the validation processor; and
- initiating the secure communication via a computer network the first unique pair.

Dependent claims: 10, 11, 12, 13, 14, 15

16. A computer readable storage memory comprising computer executable instructions that when executed by a validation processor cause the validation to perform the instructions comprising:
- receiving, in the validation processor, a plurality of first credentials of the same type that uniquely identifies a user, the received plurality of first credentials indicative of being from a first client processor;
- receiving, in the validation processor, a second credential that uniquely identifies the first client processor, the second credential indicative of being from the first client processor;
- determining, by a validation processor, each of the received plurality of first credentials and the second credential, as respective pairs, constitute a first unique pair that is valid for a one-time validation based on;
  - finding each of the received first credentials is determined to be valid;
  - finding it is a first occurrence, as respective pairs, of each of the received plurality of first credentials and the second credential;
  - finding that the respective pairs of the received plurality of first credentials and the second credential has not been previously used for a secure communication;
  - finding that the plurality of received first credentials is received in a predetermined order; and
- based on the result of the one-time validation, rejecting the respective pair of the received plurality of first credentials and the second credential if the respective pair has been previously used for the secure communication, and accepting the respective pair, as the first unique respective pair, if the plurality of received first credentials and the second credential pair if the first unique pair has not previously been used for the secure communication;
- providing, by the validation processor, an indication that the plurality of received first credentials and the second credential constitute the first unique pair that is valid for a one-time validation to an intermediate processor;
- tracking, by the intermediate processor, the validation based on the indication provided by the validation processor; and
- initiating the secure communication via a computer network using the first unique pair.

Specification