Adaptive policies and protections for securing financial transaction data at rest
First Claim
1. A method for challenge-response authentication, the method comprising:
- receiving, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images;
generating an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and
determining to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.
108 Citations
20 Claims
-
1. A method for challenge-response authentication, the method comprising:
-
receiving, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images; generating an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and determining to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for challenge-response authentication, the system comprising:
-
a memory; a processor, coupled to the memory, configured to; receive, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images; generate an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and determine to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions, which, when executed by a computer system, cause the computer system to:
-
receive, over a communication network, a plurality of codes based on input provided through a user interface displaying a plurality of images; generate an alphanumeric string from a plurality of alphanumeric characters, the alphanumeric string being generated based on (1) the received plurality of codes and (2) a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of the plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters; and determine to grant authorization when the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification