System and method for transaction security responsive to a signed authentication
First Claim
1. A system arranged to provide access from a user device to a service provider, the system comprising:
- an authentication server, said authentication server comprising an authentication server processor and an associated authentication server non-transitory memory, said authentication server non-transitory memory having loaded thereon instructions readable by said authentication server processor, which when executed by said authentication server processor cause said authentication server to;
determine that a mobile device has accessed the authentication server;
in response to said determination, provide to said mobile device a list at least of selectable at least one service provider and at least one registered user device other than said mobile device;
receive a selection made at said mobile device of a service provider, from among said at least one selectable service provider, to which access is desired, and of a user device, from among said at least one selectable registered user device, by which access to said selected service provider is desired;
determine whether one or more requirements of one or more rule sets for authentication has been fulfilled; and
based on the determination that the one or more requirements has been fulfilled, send an authentication message to the selected service provider and authorize the selected service provider to allow access by the selected user device.
15 Assignments
0 Petitions
Accused Products
Abstract
A system arranged to authenticate a user via its mobile device to a service provider, the system comprising: an authentication server; the user mobile device, the user mobile device provided with a verification application arranged to communicate with the authentication server; and a notification server in communication with the authentication server and arranged to transmit a notification to the user mobile device responsive to the authentication server, the authentication server arranged to provide a signed authentication to the service provider responsive to present and historical information regarding one of: the user mobile device; and an additional user device in communication with said authentication server, said signed authentication provided in accordance with a rule set determined by an authorized entity stored on said authentication server memory governing the required present and historical information attribute.
-
Citations
26 Claims
-
1. A system arranged to provide access from a user device to a service provider, the system comprising:
-
an authentication server, said authentication server comprising an authentication server processor and an associated authentication server non-transitory memory, said authentication server non-transitory memory having loaded thereon instructions readable by said authentication server processor, which when executed by said authentication server processor cause said authentication server to; determine that a mobile device has accessed the authentication server; in response to said determination, provide to said mobile device a list at least of selectable at least one service provider and at least one registered user device other than said mobile device; receive a selection made at said mobile device of a service provider, from among said at least one selectable service provider, to which access is desired, and of a user device, from among said at least one selectable registered user device, by which access to said selected service provider is desired; determine whether one or more requirements of one or more rule sets for authentication has been fulfilled; and based on the determination that the one or more requirements has been fulfilled, send an authentication message to the selected service provider and authorize the selected service provider to allow access by the selected user device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method of providing access from a user device to a service provider, the method comprising:
-
determining, by an authentication server, that a mobile device has accessed the authentication server; in response to said determination, providing by the authentication server to said mobile device a list at least of selectable at least one service provider and at least one registered user device other than said mobile device; receiving, by the authentication server, a selection made at said mobile device of a service provider, from among said at least one selectable service provider, to which access is desired and of a user device, from among said at least one selectable registered user device, by which access to said selected service provider is desired; determining, by the authentication server, whether one or more requirements of one or more rule sets for authentication has been fulfilled; and based on the determination that the one or more requirements has been fulfilled, sending, by the authentication server, an authentication message to the selected service provider and authorizing the selected service provider to allow access by the selected user device. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A computer program product comprising a non-transitory computer readable medium having computer readable program code embodied therein for providing access from a user device to a service provider, the computer program product comprising:
-
computer readable program code for causing an authentication server to determine whether said authentication server has been accessed by a mobile device, and in response to said determination, provide to said mobile device a list at least of selectable at least one service provider and at least one registered user device other than said mobile device; computer readable program code for causing the authentication server to receive a selection made at said mobile device of a service provider, from among said at least one selectable service provider, to which access is desired, and of a user device, from among said at least one selectable registered user device, by which access to said selected service provider is desired; and computer readable program code for causing the authentication server to determine whether one or more requirements of one or more rule sets for authentication has been fulfilled, and based on the determination that the one or more requirements has been fulfilled, send an authentication message to said selected service provider and authorize said selected service provider to allow access by said selected user device.
-
Specification