Token sharing system and method
First Claim
1. A system comprising:
a first one time password generation device to generate one time passwords, wherein the first one time password generation device corresponds to a first one time password generation device identifier;
a first entity to receive a first one time password generated by the first one time password generation device and to provide a first service to a user of the first one time password generation device in response to successful validation of the first one time password;
a second entity to receive a second one time password generated by the first one time password generation device and to provide a second service to the user of the first one time password generation device in response to successful validation of the second one time password;
a first one time password validation server to receive the first one time password from the first entity, validate the first one time password, and provide results of the validation of the first one time password to the first entity, wherein the first one time password validation server is further to receive the second one time password from the second entity, validate the second one time password, and provide results of the validation of the second one time password to the second entity; and
a one time password generation device lookup server comprising a database to store correlations between a plurality of one time password generation device identifiers and a plurality of network addresses, wherein each of the plurality of network addresses corresponds to one of a plurality of one time password validation servers, wherein the plurality of one time password validation servers is to validate one time passwords generated by a plurality of one time password generation devices that each correspond to one of the plurality of token one time password generation device identifiers, wherein the plurality of one time password validation servers comprises the first one time password validation server having a network address among the plurality of network addresses, wherein the plurality of one time password generation devices comprises the first one time password generation device having a first one time password generation device identifier among the plurality of token one time password generation device identifiers, and wherein the stored correlations comprise a correlation between the network address of the first one time password validation server and the first one time password generation device identifier of the first one time password generation device, wherein the one time password generation device lookup server is to receive the first one time password generation device identifier from the first entity and send the network address of the first one time password validation server to the first entity in view of the first one time password generation device identifier received from the first entity and the stored correlation, wherein the first entity is to send the first one time password to the first one time password validation server in view of the network address of the first one time password validation server received from the one time password generation device lookup server, wherein the one time password generation device lookup server is to receive the first one time password generation device identifier from the second entity and send the network address of the first one time password validation server to the second entity in view of the first one time password generation device identifier received from the second entity and the stored correlation, and wherein the second entity is to send the second one time password to the first one time password validation server in view of the network address of the first one time password validation server received from the one time password generation device lookup server.
Abstract
A scalable system and method for authenticating entities such as consumers to entities with a diverse set of authentication requirements, such as merchants, banks, vendors, other consumers, and so on. An authentication credential such as a token can be shared among several resources as a way to authenticate the credential owner.
8 Claims
5. A system comprising:
a memory to store correlations between a plurality of one time password generation device identifiers and a plurality of network addresses, wherein each of the plurality of network addresses corresponds to one of a plurality of one time password validation servers, wherein the plurality of one time password validation servers is to validate one time passwords generated by a plurality of one time password generation devices that each correspond to one of the plurality of one time password generation device identifiers, wherein the plurality of one time password validation servers comprises a first one time password validation server having a network address among the plurality of network addresses, wherein the plurality of one time password generation devices comprises a first one time password generation device having a first one time password generation device identifier among the plurality of one time password generation device identifiers, and wherein the stored correlations comprise a correlation between the network address of the first one time password validation server and the first one time password generation device identifier of the first one time password generation device; and
a processor to communicate with the memory to:
receive the first one time password generation device identifier from a first entity;
send the network address of the first one time password validation server to the first entity in view of the first one time password generation device identifier received from the first entity and the stored correlation, wherein the first entity is to receive a first one time password generated by the first one time password generation device, send the first one time password to the first one time password validation server in view of the received network address of the first one time password validation server, and provide access to a first service in view of successful authentication of the first one time password by the first one time password validation server;
receive the first one time password generation device identifier from a second entity; and
send the network address of the first one time password validation server to the second entity in view of the first one time password generation device identifier received from the second entity and the stored correlation, wherein the second entity is to receive a second one time password generated by the first one time password generation device, send the second one time password to the first one time password validation server in view of the received network address of the first one time password validation server, and provide access to a second service in view of successful authentication of the second one time password by the first one time password validation server.
7. A method comprising:
storing in a database correlations between a plurality of one time password generation device identifiers and a plurality of network addresses, wherein each of the plurality of network addresses corresponds to one of a plurality of one time password validation servers, wherein the plurality of one time password validation servers is to validate one time passwords generated by a plurality of one time password generation devices that each correspond to one of the plurality of one time password generation device identifiers, wherein the plurality of one time password validation servers comprises a first one time password validation server having a network address among the plurality of network addresses, wherein the plurality of one time password generation devices comprises a first one time password generation device having a first one time password generation device identifier among the plurality of one time password generation device identifiers, and wherein the stored correlations comprise a correlation between the network address of the first one time password validation server and the first one time password generation device identifier of the first one time password generation device;
receiving the first one time password generation device identifier from a first entity;
sending, by a processor, the network address of the first one time password validation server to the first entity in view of the first one time password generation device identifier received from the first entity and the stored correlation, wherein the first entity is to receive a first one time password generated by the first one time password generation device, send the first one time password to the first one time password validation server in view of the received network address of the first one time password validation server, and provide access to a first service in view of successful authentication of the first one time password by the first one time password validation server;
receiving the first one time password generation device identifier from a second entity; and
sending, by the processor, the network address of the first one time password validation server to the second entity in view of the first one time password generation device identifier received from the second entity and the stored correlation, wherein the second entity is to receive a second one time password generated by the first one time password generation device, send the second one time password to the first one time password validation server in view of the received network address of the first one time password validation server, and provide access to a second service in view of successful authentication of the second one time password by the first one time password validation server.
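The lookup-then-validate flow recited in claims 1, 5 and 7, as an added sketch that is not part of the patent. It assumes HOTP (RFC 4226) as the one time password algorithm, which the claims do not specify, and uses an in-process dictionary in place of the network; the token identifier, address and class names are constructed for illustration.

```python
import hashlib, hmac, struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP value for one counter (assumed algorithm)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class ValidationServer:
    """Holds token secrets and counters; the sharing entities never see them."""
    def __init__(self, window: int = 3):
        self.tokens, self.window = {}, window   # token_id -> [secret, next_counter]
    def enroll(self, token_id, secret):
        self.tokens[token_id] = [secret, 0]
    def validate(self, token_id, otp):
        entry = self.tokens.get(token_id)
        if entry is None:
            return False
        for c in range(entry[1], entry[1] + self.window):
            if hmac.compare_digest(hotp(entry[0], c).encode(), otp.encode()):
                entry[1] = c + 1   # an accepted OTP is never valid again, at any entity
                return True
        return False

class LookupServer:
    """Stores token identifier -> validation server address correlations."""
    def __init__(self):
        self.routes = {}
    def register(self, token_id, address):
        self.routes[token_id] = address
    def resolve(self, token_id):
        return self.routes.get(token_id)

class Entity:
    """A relying party (bank, merchant, ...) that shares the token with others."""
    def __init__(self, lookup, network):
        self.lookup, self.network = lookup, network   # network: address -> server
    def authenticate(self, token_id, otp):
        server = self.network.get(self.lookup.resolve(token_id))
        # Fail closed when the identifier has no correlation or no server answers.
        return server is not None and server.validate(token_id, otp)

def build_demo():
    """Constructed sample: one token, one validation server, two entities."""
    secret, addr = b"12345678901234567890", "otp-validator.example:8443"
    validator, lookup = ValidationServer(), LookupServer()
    validator.enroll("TOKEN-0001", secret)
    lookup.register("TOKEN-0001", addr)
    return Entity(lookup, {addr: validator}), Entity(lookup, {addr: validator}), secret
```

Because both entities are routed to the same validation server, its counter is the single source of truth: an OTP accepted for the first entity is rejected when presented to the second.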
Specification