×

Systems and methods for securely transferring authentication information between a user and an electronic resource

  • US 9,172,692 B2
  • Filed: 03/12/2014
  • Issued: 10/27/2015
  • Est. Priority Date: 03/14/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method of authenticating a user for access to an electronic resource from a user interface, the method comprising:

  • receiving an authentication query from the user interface, wherein the receiving the authentication query includes receiving a user name from the user interface;

    receiving authentication information that corresponds to the user name from the user interface, wherein the receiving the authentication information includes;

    providing an authentication image to the user interface, wherein the authentication image is associated with a resource-side coordinate system that uniquely defines a plurality of locations within the authentication image, wherein the authentication image includes a map, and further wherein the providing includes;

    (i) encoding the resource-side coordinate system using a session-specific coordinate transformation to generate a user-side coordinate system that is different from the resource-side coordinate system; and

    (ii) transmitting the authentication image and the user-side coordinate system to the user interface;

    receiving an encoded coordinate set from the user interface, wherein the encoded coordinate set uniquely specifies a single authentication location that is user-selected from the plurality of locations within the authentication image and that is identified in the user-side coordinate system; and

    decoding the encoded coordinate set by reversing the session-specific coordinate transformation to generate a decoded coordinate set that uniquely specifies the authentication location and that is identified in the resource-side coordinate system; and

    comparing the decoded coordinate set to a previously defined user-specific authentication data set; and

    one of;

    (i) selectively granting the user access to the electronic resource responsive to determining that the decoded coordinate set corresponds to the user-specific authentication data set; and

    (ii) selectively denying the user access to the electronic resource responsive to determining that the decoded coordinate set does not correspond to the user-specific authentication data set.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×