System and method for mobile user authentication

US 9,100,222 B2
Filed: 12/31/2008
Issued: 08/04/2015
Est. Priority Date: 12/31/2008
Status: Active Grant

First Claim

Patent Images

1. A method for enhancing security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS), the method comprising:

receiving, by one or more computing devices, a first request message from the third party, wherein the first request message is associated with a first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS;

processing, by the one or more computing devices, the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier;

receiving, by the one or more computing devices, a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS;

processing, by the one or more computing devices, the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security level;

generating, by the one or more computing devices, responsive to the determination of the enhanced security level, a first notification message to the WD associated with one or more levels of authentication corresponding to the enhanced security level;

transmitting, by the one or more computing devices, the first notification message to the WD; and

transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

As individuals increasingly employ their wireless devices to engage in different types of activities they face a growing threat from, possibly among other things, identity theft, financial fraud, information misuse, etc. and the serious consequences or repercussions of same. Leveraging the ubiquitous nature of wireless devices and the popularity of (Short Message Service, Multimedia Message Service, etc.) messaging, an infrastructure that enhances the security of the different types of activities within which a wireless device user may participate through dynamically configurable levels of authentication. The infrastructure may optionally leverage the capabilities of a centrally-located Messaging Inter-Carrier Vendor.

Citations

20 Claims

1. A method for enhancing security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS), the method comprising:
- receiving, by one or more computing devices, a first request message from the third party, wherein the first request message is associated with a first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS;
  
  processing, by the one or more computing devices, the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier;
  
  receiving, by the one or more computing devices, a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS;
  
  processing, by the one or more computing devices, the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security level;
  
  generating, by the one or more computing devices, responsive to the determination of the enhanced security level, a first notification message to the WD associated with one or more levels of authentication corresponding to the enhanced security level;
  
  transmitting, by the one or more computing devices, the first notification message to the WD; and
  
  transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein the MS information is information provided by the MS during a registration process.
  - 3. The method of claim 2, wherein the registration process captures one or more of identifying information, account information, security service information, or billing information.
  - 4. The method of claim 2, wherein the registration process generates a MS profile.
  - 5. The method of claim 2, wherein the registration process is web-based.
  - 6. The method of claim 2, wherein the registration process includes a billing component.
  - 7. The method of claim 2, wherein the registration process generates one or more confirmation messages.
  - 8. The method of claim 7, wherein the one or more confirmation messages comprise at least one of a Short Message Service (SMS) message or a Multimedia Message Service (MMS) message.
  - 9. The method of claim 1, wherein the first notification message is one of an SMS message or an MMS message.
  - 10. The method of claim 1, wherein the first notification message is addressed to a telephone number of the WD.
  - 11. The method of claim 1, further comprising:
    - completing a billing transaction.
  - 12. The method of claim 1, wherein the request message is processed using information on a physical location of the WD.
  - 13. The method of claim 1, wherein the first notification message contains an informational element.
  - 14. The method of claim 13, wherein the informational element comprises location-based information.
  - 15. The method of claim 1, further comprising receiving, by the one or more computing devices, an acknowledgement to the first notification message from the WD.
  - 16. The method of claim 15, further comprising activating, by the one or more computing devices, enhanced security based on the received acknowledgement.
  - 17. The method of claim 15, wherein the first notification message becomes stale after a predetermined amount of time.
  - 18. The method of claim 17, further comprising activating the enhanced security level only after determining that the acknowledgement was received prior to the first notification message becoming stale.

19. A non-transitory computer-readable medium having stored thereon, computer-executable instructions that, when executed by a computing device, cause the computing device to perform a method for enhancing security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS), comprising:
- receiving a first request message from the third party, wherein the first request message is associated with a first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS;
  
  processing the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier;
  
  receiving a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS;
  
  processing the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security levelgenerating, responsive to the determination of the enhanced security level, a first notification message to a Wireless Device (WD) associated with one or more levels of authentication corresponding to the enhanced security level;
  
  transmitting the first notification message to the WD; and
  
  transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level.

20. A computer program product comprising a non-transitory computer readable storage medium having computer program logic stored thereon that, in response to execution by a processor, causes the processor to enhance security through authentication between a third party and a Wireless Device (WD) of a Mobile Subscriber (MS) by performing operations comprising:
- receiving a first request message from the third party, wherein the first request message is associated with first activity of a first activity type, the first activity using a first communication channel of a first communication channel type between the third-party and the MS, and comprises an identifier of the MS;
  
  processing the first request message to determine from the identifier, the first communication channel type, the WD, and the first activity type a first security level of the first activity using the first communication channel between the third-party and the MS, wherein the processing uses information from the first request message, information previously supplied by the third-party comprising a first authentication level appropriate to the first activity when using the first communication channel, and MS information retrieved based on the identifier;
  
  receiving a second request message distinct from the first request message from the third party, wherein the second request message is associated with a second activity of a second activity type distinct from the first activity type, the second activity using the first communication channel, and comprises the identifier of the MS;
  
  processing the second request message to determine from the identifier, the first communication channel type, the WD, and the second activity type a second security level of the second activity when using a second communication channel between the third-party and the MS, wherein the processing uses information from the second request message, information previously supplied by the third-party comprising a second authentication level appropriate to the second activity when using the second communication channel but not appropriate to the second activity when using the first communication channel, and MS information retrieved based on the identifier, wherein the second security level is an enhanced security level of the first security level;
  
  generating, responsive to the determination of the enhanced security, a first notification message to the WD associated with one or more levels of authentication corresponding to the enhanced security;
  
  transmitting the first notification message to the WD; and
  
  transmitting to the third-party a second notification message associated with the one or more levels of authentication corresponding to the enhanced security level.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sybase Incorporated (SAP SE)
Original Assignee
Sybase Incorporated (SAP SE)
Inventors
Sarmah, Dilip, Jian, Zhang, Xu, Yang
Primary Examiner(s)
Brown, Christopher
Assistant Examiner(s)
Baum, Ronald

Application Number

US12/347,223
Publication Number

US 20100169947A1
Time in Patent Office

2,407 Days
Field of Search

726/10
US Class Current

1/1
CPC Class Codes

H04L 51/58   Message adaptation for wire...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

System and method for mobile user authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for mobile user authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links