Remote authentication system

US 9,160,741 B2
Filed: 10/23/2014
Issued: 10/13/2015
Est. Priority Date: 04/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

a) receiving, from a server computer, at a mobile device of a presenter, an authentication request, wherein the authentication request is provided in response to a receipt of an alias identifier from the mobile device to initiate a transaction and upon a determination of (i) an account number being selected and associated with the alias identifier and (ii) a validation entity operating a validation computer, wherein the server computer is associated with a registration of the presenter in an authentication program to ensure that the received alias identifier is correct;

b) providing, by the mobile device, an authentication response comprising a PIN or password of the presenter; and

c) transmitting, by the mobile device, the authentication response to the server computer, the authentication response comprising the PIN or the password,wherein the server computer is configured to subsequently transmit a validation request comprising transaction data including the PIN or password to the validation computer and receive a response from the validation computer validating the PIN or password of the presenter.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the invention is directed to a method including receiving an alias identifier associated with an account associated with a presenter, determining an associated trusted party using the alias identifier, sending a verification request message to the trusted party after determining the associated trusted party, and receiving a verification response message.

303 Citations

16 Claims

1. A method comprising:
- a) receiving, from a server computer, at a mobile device of a presenter, an authentication request, wherein the authentication request is provided in response to a receipt of an alias identifier from the mobile device to initiate a transaction and upon a determination of (i) an account number being selected and associated with the alias identifier and (ii) a validation entity operating a validation computer, wherein the server computer is associated with a registration of the presenter in an authentication program to ensure that the received alias identifier is correct;
  
  b) providing, by the mobile device, an authentication response comprising a PIN or password of the presenter; and
  
  c) transmitting, by the mobile device, the authentication response to the server computer, the authentication response comprising the PIN or the password,wherein the server computer is configured to subsequently transmit a validation request comprising transaction data including the PIN or password to the validation computer and receive a response from the validation computer validating the PIN or password of the presenter.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as recited in claim 1 further comprising:
    - transmitting, by the mobile device, the alias identifier to the server computer.
  - 3. The method of claim 1 wherein the mobile device is a mobile phone.
  - 4. The method of claim 1 wherein the alias identifier was selected from among a plurality of alias identifiers.
  - 5. The method of claim 1 wherein the alias identifier is a phone number associated with the mobile device.
  - 6. The method of claim 1 wherein the authentication response is encrypted.
  - 7. The method of claim 1 wherein the transaction data are encrypted.

8. A mobile device comprising:
- a processor device; and
  
  a non-transitory computer readable medium, the computer readable medium comprising code, executable by the processor device to implement a method comprisinga) receiving, from a server computer, an authentication request, wherein the authentication request is provided in response to a receipt of an alias identifier from the mobile device to initiate a transaction and upon a determination of (i) an account number being selected and associated with the alias identifier and (ii) a validation entity, the validation entity operating a validation computer, wherein the server computer is associated with a registration of the presenter in an authentication program to ensure that the received alias identifier is correct,b) providing an authentication response comprising a PIN or password of the presenter, andc) transmitting the authentication response to the server computer, the authentication response comprising the PIN or the password,wherein the server computer is configured to subsequently transmit a validation request comprising transaction data including the PIN or password to the validation computer and receive a response from the validation computer validating the PIN or password of the presenter.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The mobile device of claim 8 wherein the method further comprises:
    - transmitting, by the mobile device, the alias identifier to the server computer.
  - 10. The mobile device of claim 8 wherein the mobile device is a mobile phone.
  - 11. The mobile device of claim 8 wherein the alias identifier was selected from among a plurality of alias identifiers.
  - 12. The mobile device of claim 8 wherein the alias identifier is a phone number associated with the mobile device.
  - 13. The mobile device of claim 8 wherein the authentication response is encrypted.
  - 14. The mobile device of claim 8 wherein the transaction data are encrypted.

15. A method comprising:
- a) providing, to a mobile device of a presenter by a server computer, an authentication request, wherein the authentication request is provided in response to a receipt of an alias identifier from the mobile device to initiate a transaction and a determination of (i) an account number being selected and associated with the alias identifier and (ii) an entity that issued the account number, the entity operating a validation computer, wherein the server computer is associated with a registration of the presenter in an authentication program to ensure that the received alias identifier is correct;
  
  b) receiving, by the server computer, an authentication response comprising a PIN or password of the presenter;
  
  c) transmitting, by the server computer, a request comprising transaction data comprising the PIN or password to the validation computer; and
  
  d) receiving, by the server computer, a response from the validation computer validating the PIN or password of the presenter.

16. A server computer comprising:
- a processor device; and
  
  a non-transitory computer readable medium, the computer readable medium comprising code, executable by the processor device, for implementing a method comprisinga) providing, to a mobile device of a presenter, an authentication request, wherein the authentication request is provided in response to a receipt of an alias identifier from the mobile device to initiate a transaction and a determination of (i) an account number being selected and associated with the alias identifier and (ii) an entity that issued the account number, the entity operating a validation computer, wherein the server computer is associated with a registration of the presenter in an authentication program to ensure that the received alias identifier is correct,b) receiving an authentication response comprising a PIN or password of the presenter,c) transmitting a request comprising transaction data comprising the PIN or password to the validation computer, andd) receiving a response from the validation computer validating the PIN or password of the presenter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Wentker, David, Lindelsee, Michael, Brand, Olivier, Dimmick, James, Grewal, Tribhuwan A. Singh
Primary Examiner(s)
Chai, Longbit

Application Number

US14/522,283
Publication Number

US 20150143106A1
Time in Patent Office

355 Days
Field of Search

713/155
US Class Current

1/1
CPC Class Codes

G06F 21/33   using certificates

G06F 2221/2103   Challenge-response

G06F 2221/2115   Third party

G06Q 20/385   using an alias or single-us...

G06Q 20/386   using messaging services or...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 30/06   Buying, selling or leasing ...

H04L 63/0421   Anonymous communication, i....

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0884   by delegation of authentica...

Remote authentication system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

303 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Remote authentication system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

303 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links