Authentication method and system
First Claim
1. A method of authentication for access to an electronic service comprising the steps of:
receiving, by a user device via a secure electronic communications interface, a notification from an authenticating computing device, the notification identifying an order subset of reference sequences of a codebook comprising a plurality of different reference sequences, each of said reference sequences comprising a plurality of symbols and each of said reference sequences having a unique identifier, wherein the notification includes a reference sequence in the subset using the unique identifier;
applying an extraction pattern defining a sequence of positions of symbols in each of the ordered subset of reference sequences and a key code specifying positions in the ordered subset of reference sequences to extract request symbols from the ordered subset of reference sequences, wherein a position of a request symbol is determined according to the key code, the extraction pattern and an order of the reference sequence in the ordered subset of reference sequences; and
returning, by the user device via the secure electronic communications interface, the extracted request symbols to the authenticating computing device;
applying, by the authenticating computing device, said extraction pattern to said subset of reference sequences so as to extract authentication symbols therefrom, and comparing the authentication symbols to the corresponding request symbols returned from a requesting party via the user device, and in response to said authentication symbols matching said request symbols, said authenticating computing device authenticating said requesting party.
Abstract
A codebook, comprising a number of groups of symbols in a predetermined pattern printed on a card or the like, is issued to a user. The user is assigned or selects an extraction pattern representing an order of progression through the symbols in each group of symbols. When the user wishes to perform an authentication action, an authenticating party challenges the user to submit the symbols found at selected positions in the extraction pattern. The user applies the extraction pattern to the codebook, retrieves the symbols found at the selected positions, and submits these to the authenticating party. The authenticating party applies the same extraction pattern to the same codebook and determines whether the results match those submitted by the user; where the two sets of symbols match, it authenticates the user.
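The exchange described in the abstract and in claim 1, as an added Python example that is not taken from the patent. It assumes one reading of how the pieces combine: for the i-th reference sequence named in the challenge, the i-th key code entry selects a step of the extraction pattern, and that step gives the symbol position. The function names, identifier format, symbol alphabet, sizes and the constant-time comparison are likewise assumptions.

```python
import hmac
import secrets
import string

SYMBOLS = string.ascii_uppercase + string.digits  # assumed symbol alphabet

def make_codebook(n_sequences=12, length=9):
    """Issue a codebook mapping a unique identifier to each reference sequence."""
    return {f"R{i:02d}": "".join(secrets.choice(SYMBOLS) for _ in range(length))
            for i in range(1, n_sequences + 1)}

def make_challenge(codebook, size):
    """Authenticator side: pick an ordered subset of identifiers, no repeats."""
    return secrets.SystemRandom().sample(sorted(codebook), size)

def extract(codebook, challenge, pattern, key_code):
    """Assumed rule: key_code[i] picks a step of the extraction pattern, and
    pattern[step] is the symbol position in the i-th challenged sequence."""
    if len(key_code) != len(challenge):
        raise ValueError("key code needs one entry per challenged sequence")
    return "".join(codebook[seq_id][pattern[step]]
                   for seq_id, step in zip(challenge, key_code))

def verify(codebook, challenge, pattern, key_code, response):
    """Authenticator side: recompute the symbols and compare in constant time."""
    expected = extract(codebook, challenge, pattern, key_code)
    return hmac.compare_digest(expected.encode(), response.encode())

# Constructed sample data (not from the patent).
DEMO_CODEBOOK = {"R01": "K7QM2ZP4A", "R02": "9BXT5LWC3",
                 "R03": "HJ6N8VDRE", "R04": "U1YF0GS2K"}
DEMO_PATTERN = [4, 0, 8, 2, 6, 1, 3, 5, 7]  # order of progression through positions
DEMO_KEY_CODE = [2, 0, 5]                   # pattern step used for each sequence
DEMO_CHALLENGE = ["R03", "R01", "R04"]      # ordered subset sent by identifier

if __name__ == "__main__":
    response = extract(DEMO_CODEBOOK, DEMO_CHALLENGE, DEMO_PATTERN, DEMO_KEY_CODE)
    ok = verify(DEMO_CODEBOOK, DEMO_CHALLENGE, DEMO_PATTERN, DEMO_KEY_CODE, response)
    print(response, ok)
```

Under this reading, the same identifiers challenged in a different order produce a different response, which is why the order of the subset is part of the challenge.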
11 Claims
1. A method of authentication for access to an electronic service comprising the steps of:
receiving, by a user device via a secure electronic communications interface, a notification from an authenticating computing device, the notification identifying an order subset of reference sequences of a codebook comprising a plurality of different reference sequences, each of said reference sequences comprising a plurality of symbols and each of said reference sequences having a unique identifier, wherein the notification includes a reference sequence in the subset using the unique identifier;
applying an extraction pattern defining a sequence of positions of symbols in each of the ordered subset of reference sequences and a key code specifying positions in the ordered subset of reference sequences to extract request symbols from the ordered subset of reference sequences, wherein a position of a request symbol is determined according to the key code, the extraction pattern and an order of the reference sequence in the ordered subset of reference sequences; and
returning, by the user device via the secure electronic communications interface, the extracted request symbols to the authenticating computing device;
applying, by the authenticating computing device, said extraction pattern to said subset of reference sequences so as to extract authentication symbols therefrom, and comparing the authentication symbols to the corresponding request symbols returned from a requesting party via the user device, and in response to said authentication symbols matching said request symbols, said authenticating computing device authenticating said requesting party.
Dependent claims: 2, 3, 4
5. A method of authentication for access to an electronic service comprising the steps of:
defining a codebook comprising a plurality of different reference sequences, each of said reference sequences comprising a plurality of symbols and having a unique identifier;
providing via a secure electronic communications interface said codebook to a requesting party;
assigning an extraction pattern defining a sequence of positions of symbols for the reference sequences;
receiving via the secure electronic communications interface a request from the requesting party for authentication;
in response to the request, communicating to a user device of the requesting party an indication of an order subset of the reference sequence using the unique identifier of each reference sequence in the ordered subset;
receiving a sequence of data via the secure electronic communications interface from the user device, the sequence of data based on extracted symbols determined from said ordered subset of the reference sequences, a key code specifying an ordered set of positions, and said predetermined extraction pattern;
comparing the sequence of data with an expected sequence based upon said codebook, said reference sequence, said extraction pattern and said key code;
authenticating said requesting party if said comparison of returned data matches said expected sequence.
Dependent claims: 6, 7, 8
9. A system comprising:
an authenticating computer system comprising a processor, a memory and a network communication interface;
a codebook comprising a plurality of reference sequences;
a computer program stored in said memory to receive, from a user device, an authentication request via said network communication interface, said program responding to said authentication request by transmitting via the network communication interface an ordered subset of the plurality of reference sequences to the user device, receiving from the user device a response based on said specified ordered subset of the plurality of reference sequences, an extraction pattern and a key code specifying positions for the ordered subset of the plurality of reference sequence, comparing said response with an expected result, and conveying, to the user device, an authentication signal when said response matches said expected result.
Dependent claims: 10, 11
Specification