Adaptive policies and protections for securing financial transaction data at rest

US 9,213,975 B2
Filed: 09/22/2014
Issued: 12/15/2015
Est. Priority Date: 06/22/2010
Status: Active Grant

First Claim

Patent Images

1. A method for challenge-response authentication, the method comprising:

receiving, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images;

generating an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and

determining to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.

108 Citations

View as Search Results

20 Claims

1. A method for challenge-response authentication, the method comprising:
- receiving, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images;
  
  generating an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and
  
  determining to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein generating the alphanumeric string includes matching each one of the received plurality of codes to a corresponding one of the plurality of alphanumeric characters based on the table.
  - 3. The method of claim 1, wherein the input provided through the user interface includes an arrangement of the plurality of images.
  - 4. The method of claim 3, wherein generating the alphanumeric string includes matching the received plurality of codes to corresponding ones of the plurality of alphanumeric characters based on the table, and arranging the corresponding ones of the plurality of alphanumeric characters in an order that corresponds to the arrangement of the plurality of images.
  - 5. The method of claim 1, wherein each one of the plurality of codes is generated by using a pseudorandom number generator, and is populated in the table in association with the respective one of the plurality of images and with the respective one of a plurality of alphanumeric characters.
  - 6. The method of claim 1, wherein a new table is generated (1) after determining to grant authorization, (2) after a predetermined number of authorization requests is received, or (3) after a predetermined amount of time has transpired since the table was previously generated.
  - 7. The method of claim 1, wherein the user interface displaying the plurality of images displays the plurality of images as any one or a combination of:
    - a multidimensional grid of the plurality of images, a horizontal arrangement of the plurality of images, or a spatial overlay of the plurality of images.

8. A system for challenge-response authentication, the system comprising:
- a memory;
  
  a processor, coupled to the memory, configured to;
  
  receive, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images;
  
  generate an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and
  
  determine to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the processor is configured to generate the alphanumeric string at least in part by matching each one of the received plurality of codes to a corresponding one of the plurality of alphanumeric characters based on the table.
  - 10. The system of claim 8, wherein the input provided through the user interface includes an arrangement of the plurality of images.
  - 11. The system of claim 10, wherein the processor is configured to generate the alphanumeric string at least in part by matching the received plurality of codes to corresponding ones of the plurality of alphanumeric characters based on the table, and arranging the corresponding ones of the plurality of alphanumeric characters in an order that corresponds to the arrangement of the plurality of images.
  - 12. The system of claim 8, wherein each one of the plurality of codes is generated by using a pseudorandom number generator, and is populated in the table in association with the respective one of the plurality of images and with the respective one of a plurality of alphanumeric characters.
  - 13. The system of claim 8, wherein a new table is generated (1) after determining to grant authorization, (2) after a predetermined number of authorization requests is received, or (3) after a predetermined amount of time has transpired since the table was previously generated.
  - 14. The system of claim 8, wherein the user interface displaying the plurality of images displays the plurality of images as any one or a combination of:
    - a multidimensional grid of the plurality of images, a horizontal arrangement of the plurality of images, or a spatial overlay of the plurality of images.

15. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions, which, when executed by a computer system, cause the computer system to:
- receive, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images;
  
  generate an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and
  
  determine to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable medium of claim 15, wherein the alphanumeric string is generated at least in part by matching each one of the received plurality of codes to a corresponding one of the plurality of alphanumeric characters based on the table.
  - 17. The non-transitory computer readable medium of claim 15, wherein the input provided through the user interface includes an arrangement of the plurality of images.
  - 18. The non-transitory computer readable medium of claim 17, wherein the alphanumeric string is generated at least in part by matching the received plurality of codes to corresponding ones of the plurality of alphanumeric characters based on the table, and arranging the corresponding ones of the plurality of alphanumeric characters in an order that corresponds to the arrangement of the plurality of images.
  - 19. The non-transitory computer readable medium of claim 15, wherein each one of the plurality of codes is generated by using a pseudorandom number generator, and is populated in the table in association with the respective one of the plurality of images and with the respective one of a plurality of alphanumeric characters.
  - 20. The non-transitory computer readable medium of claim 15, wherein a new table is generated (1) after determining to grant authorization, (2) after a predetermined number of authorization requests is received, or (3) after a predetermined amount of time has transpired since the table was previously generated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Bailey, Samuel A. Jr.
Primary Examiner(s)
Harriman, Dant Shaifer
Assistant Examiner(s)
Getachew, Abiy

Application Number

US14/492,771
Publication Number

US 20150012979A1
Time in Patent Office

449 Days
Field of Search

726/7
US Class Current

1/1
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

G06F 2221/2103   Challenge-response

G06Q 20/322   Aspects of commerce using m...

G06Q 20/325   using wireless networks

G06Q 20/382   insuring higher security of...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G09C 1/04   with sign carriers or indic...

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 63/1408   by monitoring network traff...

H04L 9/3271   using challenge-response

Adaptive policies and protections for securing financial transaction data at rest

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

108 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Adaptive policies and protections for securing financial transaction data at rest

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links