System and method for graduated security in user authentication

US 9,195,820 B2
Filed: 08/19/2013
Issued: 11/24/2015
Est. Priority Date: 08/19/2013
Status: Active Grant

First Claim

Patent Images

1. A computer system for requesting personal information from a user for authenticating access to at least one computer application of a plurality of computer applications, said computer system comprising a memory device and a processor, said computer system programmed to:

identify a security level from a plurality of security levels for each computer application within the plurality of computer applications, wherein the plurality of security levels include at least a first-tier security level and a second-tier security level, wherein the second-tier security level requires the user to enter additional personal information as compared to the first-tier security level, wherein a first computer application within the plurality of computer applications is configured to require the first-tier security level;

create a user account for the user within the memory device, wherein creating the user account includes configuring the user account with the first-tier security level by prompting the user to provide first personal information associated with the user, wherein the first personal information is previously unknown to the computer system;

restrict the first computer application from requiring a password to enable access to the first computer application;

receive a user input from the user to access a second computer application that is configured to require the second-tier security level to enable access thereto;

determine that the user account has not been granted the second-tier security level;

prompt the user to enter the additional personal information associated with the user that is previously unknown to the computer system; and

promote the user account to the second-tier security level, including associating the additional personal information with the user account.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system for authenticating user access to at least one computer application of a plurality of computer applications is provided. The computer system includes a memory device and a processor. The computer system is programmed to identify a security level from a plurality of security levels for each computer application within the plurality of computer applications. The plurality of security levels include at least a first-tier security level and a second-tier security level. The second-tier security level requires additional authentication information as compared to the first-tier security level. The computer system is also programmed to create a user account for a user within the memory device with the first-tier security level, and to determine that the user account requires the second-tier security level, and prompt the user to enter the additional authentication information. The computer system is also programmed to promote the user account to the second-tier security level.

17 Citations

View as Search Results

27 Claims

1. A computer system for requesting personal information from a user for authenticating access to at least one computer application of a plurality of computer applications, said computer system comprising a memory device and a processor, said computer system programmed to:
- identify a security level from a plurality of security levels for each computer application within the plurality of computer applications, wherein the plurality of security levels include at least a first-tier security level and a second-tier security level, wherein the second-tier security level requires the user to enter additional personal information as compared to the first-tier security level, wherein a first computer application within the plurality of computer applications is configured to require the first-tier security level;
  
  create a user account for the user within the memory device, wherein creating the user account includes configuring the user account with the first-tier security level by prompting the user to provide first personal information associated with the user, wherein the first personal information is previously unknown to the computer system;
  
  restrict the first computer application from requiring a password to enable access to the first computer application;
  
  receive a user input from the user to access a second computer application that is configured to require the second-tier security level to enable access thereto;
  
  determine that the user account has not been granted the second-tier security level;
  
  prompt the user to enter the additional personal information associated with the user that is previously unknown to the computer system; and
  
  promote the user account to the second-tier security level, including associating the additional personal information with the user account.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer system in accordance with claim 1, wherein the plurality of computer applications comprise a first computer application having multiple modules, wherein each module is assigned at least one of the first-tier security level and the second-tier security level.
  - 3. The computer system in accordance with claim 1, wherein the plurality of security levels further includes a third-tier security level, wherein the third-tier security level requires further personal information as compared to the second-tier security level.
  - 4. The computer system in accordance with claim 3, wherein the computer system is further programmed to:
    - prohibit execution of the second application by the user account if the user account is configured as having the first-tier security level; and
      
      prohibit execution of a third application by the user account if the user account is configured as having one of the first-tier security level and the second-tier security level, wherein the third application is configured as requiring a third-tier security level.
  - 5. The computer system in accordance with claim 1, wherein the additional personal information includes at least an account name and a password.
  - 6. The computer system in accordance with claim 1, wherein the computer system is further programmed to determine that the user account requires the second-tier security level based at least in part on the user account interacting with the second application.
  - 7. The computer system in accordance with claim 1, wherein the computer system is further programmed to:
    - restrict the second application from storing account number information.
  - 8. The computer system in accordance with claim 1, wherein the computing system is further programmed to prompt the user using CAPTCHA prior to promoting the user account to the second-tier security level.

9. A computer-implemented method for requesting personal information from a user for authenticating access to at least one computer application of a plurality of computer applications using a computer device in communication with the plurality of computer applications, the method comprising:
- defining a security level from a plurality of security levels for each computer application of the plurality of computer applications, wherein the plurality of security levels include at least a first-tier security level and a second-tier security level, wherein the second-tier security level requires the user to enter additional personal information as compared to the first-tier security level, wherein a first computer application within the plurality of computer applications is configured to require the first-tier security level;
  
  creating a user account for the user within the authentication tool, wherein creating the user account includes configuring the user account as the first-tier security level by prompting the user to provide first personal information associated with the user, wherein the first personal information is previously unknown to the computer system;
  
  restricting the first computer application from requiring a password to enable access to the first computer application;
  
  receiving a user input from the user to access a second computer application that is configured to require the second-tier security level to enable access thereto;
  
  determining that the user account has not been granted the second-tier security level;
  
  prompting the user to enter the additional personal information associated with the user that is previously unknown to the computer system; and
  
  promoting the user account to the second-tier security level, including associating the additional personal information with the user account.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method in accordance with claim 9, wherein defining a security level comprises defining a security level for each module of a plurality of modules, wherein the plurality of modules comprise a first computer application of the plurality of computer applications.
  - 11. The method in accordance with claim 9, wherein defining a security level comprises defining a security level from a plurality of security levels further including a third-tier security level, wherein the third-tier security level requires additional personal information as compared to the second-tier security level.
  - 12. A method in accordance with claim 11, further comprising:
    - prohibiting execution of the second application by the user account if the user account is configured as having the first-tier security level; and
      
      prohibiting execution of a third application by the user account if the user account is configured as having one of the first-tier security level and the second-tier security level, wherein the third application is configured as requiring the third-tier security level.
  - 13. A method in accordance with claim 9, wherein prompting the user comprises prompting the user for at least an account name and a password.
  - 14. The method in accordance with claim 9, wherein determining that a user account requires second-tier security level comprises determining based at least in part on the user account interacting with the second application.
  - 15. A method in accordance with claim 9, further comprising:
    - restricting the second application from storing account number information.
  - 16. A method in accordance with claim 9, wherein promoting the user account to a second tier security level includes prompting the user using CAPTCHA prior to promoting the user account to the second-tier security level.

17. At least one non-transitory computer-readable storage media having computer-executable instructions embodied thereon, wherein when executed by at least one processor, the computer-executable instructions cause the processor to:
- identify a security level from a plurality of security levels for each computer application within a plurality of computer applications, wherein the plurality of security levels include at least a first-tier security level and a second-tier security level, wherein second-tier security level requires a user to enter additional personal information as compared to the first-tier security level, wherein a first computer application within the plurality of computer applications is configured to require the first-tier security level;
  
  create a user account for the user within a memory device communicatively coupled with the processor, wherein creating the user account includes configuring the user account as the first-tier security level by prompting the user to provide first personal information associated with the user, wherein the first personal information is previously unknown to the computer system;
  
  restrict the first computer application from requiring a password to enable access to the first computer application;
  
  receive a user input to access a second computer application that is configured to require the second-tier security level;
  
  determine that the user account has not been granted the second-tier security level;
  
  prompt the user to enter the additional personal information associated with the user that is previously unknown to the computer system; and
  
  promote the user account to the second-tier security level, including associating the additional personal information with the user account.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The computer-readable storage media of claim 17, wherein the plurality of computer applications comprise a first computer application having multiple modules, wherein each module is assigned at least one of the first-tier security level and the second-tier security level.
  - 19. The computer-readable storage media of claim 17, wherein the plurality of security levels further includes a third-tier security level, wherein the third-tier security level requires further personal information as compared to the second-tier security level.
  - 20. The computer-readable storage media of claim 19, wherein the computer-executable instructions further cause the processor to:
    - prohibit execution of the second application by the user account if the user account is configured as having the first-tier security level; and
      
      prohibit execution of a third application by the user account if the user account is configured as having one of the first-tier security level and the second-tier security level, wherein the third application is configured as requiring the third-tier security level.
  - 21. The computer-readable storage media of claim 17, wherein the computer-executable instructions further cause the processor to determine that the user account requires second-tier security level based at least in part on the user account interacting with a first application of the plurality of applications requiring the second-tier security level.

22. A computer system for requesting personal information from a user for authenticating access to a computer application including a plurality of modules, said computer system comprising a memory device and a processor, said computer system programmed to:
- identify a security level from a plurality of security levels for one or more modules of the plurality of modules, wherein the plurality of security levels include at least a first-tier security level and a second-tier security level, wherein the second-tier security level requires the user to enter additional personal information as compared to the first-tier security level, wherein a first module within the plurality of modules is configured to require the first-tier security level;
  
  create a user account for the user within the memory device, wherein creating the user account includes configuring the user account with the first-tier security level by prompting the user to provide first personal information associated with the user, wherein the first personal information is previously unknown to the computer system;
  
  restrict the first module from requiring a password to enable access to the first module;
  
  receive a user input from the user to access a second module that is configured to require the second-tier security level to enable access thereto;
  
  determine that the user account has not been granted the second-tier security level;
  
  prompt the user to enter the additional personal information associated with the user that is previously unknown to the computer system; and
  
  promote the user account to the second-tier security level, including associating the additional personal information with the user account.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The computer system in accordance with claim 22, wherein the security level further includes a third-tier security level, wherein the third-tier security level requires further personal information as compared to the second-tier security level.
  - 24. The computer system in accordance with claim 23, wherein the computer system is further programmed to:
    - prohibit execution of the second module within the plurality of modules by the user account if the user account is configured as having the first-tier security level; and
      
      prohibit execution of a third module within the plurality of modules by the user account if the user account is configured as having one of the first-tier security level and the second-tier security level, wherein the third module is configured as requiring a third-tier security level.
  - 25. The computer system in accordance with claim 22, wherein the additional personal information includes at least an account name and a password.
  - 26. The computer system in accordance with claim 22, wherein the computer system is further programmed to determine that the user account requires the second-tier security level based at least in part on the user account interacting with the second module.
  - 27. The computer system in accordance with claim 22, wherein the computer system is further programmed to:
    - restrict the second module from storing account number information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
O'Neill, John D., Alger, Eric, Anderson, Scott W. Jr., Baron, Joshua J., Cahalin, Matthew R., Dunn, Ryan T., d'Erizans, Richard D., Hill, Gregg A., Hopkins, Matthew E., Katen, Justin T., Pilling, Cynthia E., Schelker, James B., Sharma, Prashant, Zhang, Jenny Q.
Primary Examiner(s)
Cervetti, David Garca
Assistant Examiner(s)
LIN, AMIE CHINYU

Application Number

US13/969,684
Publication Number

US 20150052587A1
Time in Patent Office

827 Days
Field of Search

726/4
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/41   where a single sign-on prov...

G06F 2221/2113   Multi-level security, e.g. ...

H04L 63/0815   providing single-sign-on or...

H04L 63/105   Multiple levels of security

H04W 12/06   Authentication

System and method for graduated security in user authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

17 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for graduated security in user authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links