Persistent authentication

US 9,105,143 B1
Filed: 03/30/2009
Issued: 08/11/2015
Est. Priority Date: 03/30/2009
Status: Active Grant

First Claim

Patent Images

1. A computer-assisted method comprising:

receiving, by a processor through a communications interface, a persistent authentication request from a first communication device of a first customer;

authenticating, by the processor, the first customer based on authentication information provided by the first customer;

registering, by the processor, the first communication device with a device identification, wherein the registering includes linking the device identification to non-actionable information that is associated with the first communication device;

receiving, by the processor through the communications interface, during a call that is initiated subsequent to the authenticating and the registering, a first subsequent request from the first customer for the non-actionable information, wherein the first subsequent request is generated through the first communication device and contains a first calling identification;

verifying, by the processor, that the first communication device is registered based on the first calling identification during the call without user authentication;

when the first communication device is verified as being registered, sending, by the processor through the communications interface, the non-actionable information to the first communication device without further authentication; and

when the first communication device is verified as being registered and a second subsequent request is for action on an account for the first customer, requiring, by the processor, the further authentication to execute the action on the account.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for supporting a mobile financial service that enables a customers to enroll the customer'"'"'s mobile phone number and register accounts are disclosed. A persistent authentication request is received from a customer, and the customer is authenticated based on authentication information provided by the customer. The customer enters a device identification of the communication device so that the device identification is registered and linked to the customer'"'"'s profile. When the customer requests non-actionable information (e.g., account balance and transaction history information) by calling a customer service center with a registered communication device, the calling identification is provided to the customer service center by the incoming call. The customer service determines whether the calling identification corresponds to a registered number. If so, the customer service center provides the requested non-actionable information to the communication device without further authentication.

24 Citations

View as Search Results

18 Claims

1. A computer-assisted method comprising:
- receiving, by a processor through a communications interface, a persistent authentication request from a first communication device of a first customer;
  
  authenticating, by the processor, the first customer based on authentication information provided by the first customer;
  
  registering, by the processor, the first communication device with a device identification, wherein the registering includes linking the device identification to non-actionable information that is associated with the first communication device;
  
  receiving, by the processor through the communications interface, during a call that is initiated subsequent to the authenticating and the registering, a first subsequent request from the first customer for the non-actionable information, wherein the first subsequent request is generated through the first communication device and contains a first calling identification;
  
  verifying, by the processor, that the first communication device is registered based on the first calling identification during the call without user authentication;
  
  when the first communication device is verified as being registered, sending, by the processor through the communications interface, the non-actionable information to the first communication device without further authentication; and
  
  when the first communication device is verified as being registered and a second subsequent request is for action on an account for the first customer, requiring, by the processor, the further authentication to execute the action on the account.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the non-actionable information comprises balance information of an account for the first customer.
  - 3. The method of claim 1, wherein the non-actionable information comprises transaction history information of an account for the first customer.
  - 4. The method of claim 1, wherein the sending comprises:
    - if the non-actionable information cannot be provided within a predetermined time duration, initiating a callback to the registered communication device; and
      
      providing the non-actionable information when the callback has been established.
  - 5. The method of claim 1, further comprising:
    - receiving a second subsequent request from a second communication device of a second customer, the second subsequent request containing a second calling identification;
      
      if the second calling identification is not registered, authenticating the second customer; and
      
      if the second customer has been authenticated, providing non-actionable information to the second communication device for the second customer.
  - 6. The method of claim 1, further comprising:
    - receiving a second subsequent request from a second customer, the second subsequent request containing a second calling identification; and
      
      if the second calling identification is registered, providing non-actionable information for the second customer without further verification.
  - 7. The method of claim 1, further comprising:
    - receiving, subsequent to the authenticating and the registering, another subsequent request from the first customer for action on an account, wherein the other subsequent request is generated through the first communication device and contains the first calling identification; and
      
      repeating the authenticating before executing the action on the account.

8. An apparatus comprising:
- a memory; and
  
  a processor coupled to the memory and configured to perform, based on instructions stored in the memory;
  
  receiving a persistent authentication request from a first customer;
  
  authenticating the first customer based on authentication information provided by the first customer;
  
  registering a communication device with a device identification, wherein the registering includes linking the device identification to non-actionable information that is associated with the communication device;
  
  receiving, during a call that is initiated subsequent to the authenticating and the registering, a first subsequent request from the first customer for non-actionable information, wherein the first subsequent request is generated through the communication device and contains a first calling identification;
  
  verifying that the communication device is registered based on the first calling identification during the call without user authentication;
  
  when the non-actionable information cannot be provided within a predetermined time duration, initiating a callback to the registered communication device;
  
  providing the non-actionable information when the callback has been established; and
  
  when the communication device is verified as being registered and a second subsequent request is for action on an account for the first customer, requiring, by the processor, the further authentication to execute the action on the account.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The apparatus of claim 8, further comprising:
    - a registration interface that is configured to interact with a plurality of communication channels; and
      
      wherein the processor is further configured to perform;
      
      receiving the persistent authentication request through a channel of choice from the first customer, the channel of choice being one of the plurality of communication channels.
  - 10. The apparatus of claim 8, wherein the processor is further configured to perform:
    - linking the device identification to the non-actionable information that is associated with the first customer.
  - 11. The apparatus of claim 8, wherein the processor is further configured to perform:
    - if the non-actionable information can be provided within the predetermined time duration, providing the non-actionable information without further authentication.
  - 12. The apparatus of claim 8, wherein the processor is further configured to perform:
    - receiving a second subsequent request from a second customer, the second subsequent request containing a second calling identification;
      
      if the second calling identification is not registered, authenticating the second customer; and
      
      if the second customer has been authenticated, providing non-actionable information for the second customer.
  - 13. The apparatus of claim 8, wherein the processor is further configured to perform:
    - receiving a second subsequent request from a second customer, the second subsequent request containing a second calling identification; and
      
      if the second calling identification is registered, providing non-actionable information for the second customer without further verification.

14. A non-transitory computer-readable storage medium storing computer-executable instructions that, when executed, cause a processor to perform:
- receiving a persistent authentication request from a first customer;
  
  authenticating the first customer based on authentication information provided by the first customer;
  
  registering a communication device with a device identification, wherein the registering includes linking the device identification to non-actionable information that is associated with the communication device;
  
  receiving, during a call that is initiated subsequent to the authenticating and the registering, a first subsequent request for account information for an account of the first customer, wherein the first subsequent request is generated through the communication device and contains a first calling identification;
  
  verifying that the communication device is registered based on the first calling identification during the call without user authentication;
  
  when the communication device is verified as being registered, providing the account information without further authentication; and
  
  when the communication device is verified as being registered and a second subsequent request is for action on an account for the first customer, requiring the further authentication to execute the action on the account.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The non-transitory computer-readable medium of claim 14, wherein the processor performs:
    - linking the device identification to the account information that is associated with the first customer.
  - 16. The non-transitory computer-readable medium of claim 14, wherein the processor performs:
    - if the account information cannot be provided within a predetermined time duration, initiating a callback to the registered communication device; and
      
      providing the account information when the callback has been established.
  - 17. The non-transitory computer-readable medium of claim 14, wherein the processor performs:
    - receiving a second subsequent request from a second customer, the second subsequent request containing a second calling identification;
      
      if the second calling identification is not registered, authenticating the second customer; and
      
      if the second customer has been authenticated, providing account information for the second customer.
  - 18. The non-transitory computer-readable medium of claim 14, wherein the processor performs:
    - receiving a second subsequent request from a second customer, the second subsequent request containing a second calling identification; and
      
      if the second calling identification is registered, providing account information for the second customer without further verification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Brown, Douglas G., Warshawsky, Marc L., Huggins, Margaret A.
Primary Examiner(s)
Teshale, Akelaw

Application Number

US12/413,932
Time in Patent Office

2,325 Days
Field of Search

379/91.1, 379/142.04, 379/142.05, 379 8819- 8821, 379/91.01, 379/118, 379/121.06, 379/127.02, 379/127.06, 379/183, 37920713-20715, 379/239, 379/245, 379/261, 379/280, 379/288
US Class Current

1/1
CPC Class Codes

G06Q 20/3223   Realising banking transacti...

G06Q 20/40   Authorisation, e.g. identif...

G07F 7/08   by coded identity card or c...

Persistent authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Persistent authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links