System and method for mobile user authentication
First Claim
1. A method for enhancing security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS), the method comprising:
- receiving, by one or more computing devices, a first request message from the third party, wherein the first request message is associated with a first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS;
processing, by the one or more computing devices, the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier;
receiving, by the one or more computing devices, a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS;
processing, by the one or more computing devices, the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security level;
generating, by the one or more computing devices, responsive to the determination of the enhanced security level, a first notification message to the WD associated with one or more levels of authentication corresponding to the enhanced security level;
transmitting, by the one or more computing devices, the first notification message to the WD; and
transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level.
1 Assignment
0 Petitions
Accused Products
Abstract
As individuals increasingly employ their wireless devices to engage in different types of activities they face a growing threat from, possibly among other things, identity theft, financial fraud, information misuse, etc. and the serious consequences or repercussions of same. Leveraging the ubiquitous nature of wireless devices and the popularity of (Short Message Service, Multimedia Message Service, etc.) messaging, an infrastructure that enhances the security of the different types of activities within which a wireless device user may participate through dynamically configurable levels of authentication. The infrastructure may optionally leverage the capabilities of a centrally-located Messaging Inter-Carrier Vendor.
-
Citations
20 Claims
-
1. A method for enhancing security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS), the method comprising:
-
receiving, by one or more computing devices, a first request message from the third party, wherein the first request message is associated with a first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS; processing, by the one or more computing devices, the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier; receiving, by the one or more computing devices, a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS; processing, by the one or more computing devices, the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security level; generating, by the one or more computing devices, responsive to the determination of the enhanced security level, a first notification message to the WD associated with one or more levels of authentication corresponding to the enhanced security level; transmitting, by the one or more computing devices, the first notification message to the WD; and transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable medium having stored thereon, computer-executable instructions that, when executed by a computing device, cause the computing device to perform a method for enhancing security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS), comprising:
-
receiving a first request message from the third party, wherein the first request message is associated with a first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS; processing the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier; receiving a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS; processing the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security level generating, responsive to the determination of the enhanced security level, a first notification message to a Wireless Device (WD) associated with one or more levels of authentication corresponding to the enhanced security level; transmitting the first notification message to the WD; and transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level.
-
-
20. A computer program product comprising a non-transitory computer readable storage medium having computer program logic stored thereon that, in response to execution by a processor, causes the processor to enhance security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS) by performing operations comprising:
-
receiving a first request message from the third party, wherein the first request message is associated with first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS; processing the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier; receiving a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS; processing the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security level; generating, responsive to the determination of the enhanced security, a first notification message to the WD associated with one or more levels of authentication corresponding to the enhanced security; transmitting the first notification message to the WD; and transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level.
-
Specification