Authentication method and system

US 9,275,214 B2
Filed: 10/06/2008
Issued: 03/01/2016
Est. Priority Date: 10/04/2007
Status: Active Grant

First Claim

Patent Images

1. A method of authentication for access to an electronic service comprising the steps of:

receiving, by a user device via a secure electronic communications interface, a notification from an authenticating computing device, the notification identifying an order subset of reference sequences of a codebook comprising a plurality of different reference sequences, each of said reference sequences comprising a plurality of symbols and each of said reference sequences having a unique identifier, wherein the notification includes a reference sequence in the subset using the unique identifier;

applying an extraction pattern defining a sequence of positions of symbols in each of the ordered subset of reference sequences and a key code specifying positions in the ordered subset of reference sequences to extract request symbols from the ordered subset of reference sequences, wherein a position of a request symbol is determined according to the key code, the extraction pattern and an order of the reference sequence in the ordered subset of reference sequences; and

returning, by the user device via the secure electronic communications interface, the extracted request symbols to the authenticating computing device;

applying, by the authenticating computing device, said extraction pattern to said subset of reference sequences so as to extract authentication symbols therefrom, and comparing the authentication symbols to the corresponding request symbols returned from a requesting party via the user device, and in response to said authentication symbols matching said request symbols, said authenticating computing device authenticating said requesting party.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A codebook, comprising a number of groups of symbols in a predetermined pattern printed on a card or the like is issued to a user. The user is attributed or selects an extraction pattern representing an order of progression through the symbols in each group of symbols. When the user wishes to make an authentication action an authentication party challenges the user to submit the symbols found at selected positions in the extraction pattern. The user applies the extraction pattern to the codebook and retrieves the symbols found at the selected positions, and submits these to the authenticating party. The authenticating party applies the same extraction pattern to the same codebook, and determines whether the results match those submitted by the user, and in a case where the two sets of symbols match, authenticates the user.

Citations

11 Claims

1. A method of authentication for access to an electronic service comprising the steps of:
- receiving, by a user device via a secure electronic communications interface, a notification from an authenticating computing device, the notification identifying an order subset of reference sequences of a codebook comprising a plurality of different reference sequences, each of said reference sequences comprising a plurality of symbols and each of said reference sequences having a unique identifier, wherein the notification includes a reference sequence in the subset using the unique identifier;
  
  applying an extraction pattern defining a sequence of positions of symbols in each of the ordered subset of reference sequences and a key code specifying positions in the ordered subset of reference sequences to extract request symbols from the ordered subset of reference sequences, wherein a position of a request symbol is determined according to the key code, the extraction pattern and an order of the reference sequence in the ordered subset of reference sequences; and
  
  returning, by the user device via the secure electronic communications interface, the extracted request symbols to the authenticating computing device;
  
  applying, by the authenticating computing device, said extraction pattern to said subset of reference sequences so as to extract authentication symbols therefrom, and comparing the authentication symbols to the corresponding request symbols returned from a requesting party via the user device, and in response to said authentication symbols matching said request symbols, said authenticating computing device authenticating said requesting party.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 further comprising:
    - defining said codebook;
      
      assigning said extraction pattern; and
      
      providing via the secure communications electronic communications interface said codebook and said extraction pattern to the authenticating computing device and the requesting party.
  - 3. The method of claim 1 further comprising:
    - receiving, by said authenticating computing device, a selection of the extraction pattern from a plurality of potential extraction patterns.
  - 4. The method of claim 1 wherein said codebook further comprises physical media.

5. A method of authentication for access to an electronic service comprising the steps of:
- defining a codebook comprising a plurality of different reference sequences, each of said reference sequences comprising a plurality of symbols and having a unique identifier;
  
  providing via a secure electronic communications interface said codebook to a requesting party;
  
  assigning an extraction pattern defining a sequence of positions of symbols for the reference sequences;
  
  receiving via the secure electronic communications interface a request from the requesting party for authentication;
  
  in response to the request, communicating to a user device of the requesting party an indication of an order subset of the reference sequence using the unique identifier of each reference sequence in the ordered subset;
  
  receiving a sequence of data via the secure electronic communications interface from the user device, the sequence of data based on extracted symbols determined from said ordered subset of the reference sequences, a key code specifying an ordered set of positions, and said predetermined extraction pattern;
  
  comparing the sequence of data with an expected sequence based upon said codebook, said reference sequence, said extraction pattern and said key code;
  
  authenticating said requesting party if said comparison of returned data matches said expected sequence.
- View Dependent Claims (6, 7, 8)
- - 6. The method of claim 5 wherein said codebook further comprises physical media possessed by said requesting party.
  - 7. The method of claim 5 wherein said codebook is further stored in a memory.
  - 8. The method of claim 5 wherein said extraction pattern is based upon input received via the secure electronic communications interface from said requesting party.

9. A system comprising:
- an authenticating computer system comprising a processor, a memory and a network communication interface;
  
  a codebook comprising a plurality of reference sequences;
  
  a computer program stored in said memory to receive, from a user device, an authentication request via said network communication interface, said program responding to said authentication request by transmitting via the network communication interface an ordered subset of the plurality of reference sequences to the user device, receiving from the user device a response based on said specified ordered subset of the plurality of reference sequences, an extraction pattern and a key code specifying positions for the ordered subset of the plurality of reference sequence, comparing said response with an expected result, and conveying, to the user device, an authentication signal when said response matches said expected result.
- View Dependent Claims (10, 11)
- - 10. The system of claim 9 wherein said authentication signal is further conveyed across said network communication interface to the user device.
  - 11. The system of claim 9 wherein said authentication signal is further conveyed to a second computer program executing on the user device to authorize use of said second computer program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Gargaro, Gianluca, Trinchini, Patrizio
Primary Examiner(s)
Schwartz, Darren B

Application Number

US12/245,971
Publication Number

US 20090094689A1
Time in Patent Office

2,703 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/36 by graphic or iconic repres...

Authentication method and system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication method and system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links