Systems and methods for generating and authenticating one time dynamic password based on context information

US 9,292,670 B2
Filed: 06/25/2012
Issued: 03/22/2016
Est. Priority Date: 02/29/2012
Status: Active Grant

First Claim

Patent Images

1. A method for generating and authenticating a one time dynamic password based on context information comprising:

receiving, by an authentication server, from a user device and without providing any variable to the user device a first one time dynamic password and at least one of an application identifier or a device identifier for the user device, wherein the first one time dynamic password is generated based on a first dynamic value and a user personal identification number (PIN) of a user of the user device and the first dynamic value is generated based on context information related to the user;

generating, by the authentication server, a second one time dynamic password based on a second dynamic value received from a separate context management server and the user PIN, wherein the second dynamic value is generated based on the context information used to generate the first dynamic value and the context information used to generate the first and second dynamic values is only accessible by the user device and the context management server; and

authenticating, by the authentication server, the first one time dynamic password when the first one time dynamic password matches with the second one time dynamic password.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a system and method for generating and authenticating one time dynamic password based on the context information related to a user. It involves retrieving user context information and generating a dynamic value based on that. The first one time dynamic password is generated at the user device using the first dynamic value and the user PIN. The first dynamic value along with the user identifier is sent to the authentication server. The authentication server sends the user identifier to the context management server. The context management server has access the context information used to generate the first dynamic value and based on that they generate a second dynamic value. The authentication server receives this value and generates the second one time dynamic password and if it matches with the first one time dynamic password then the authentication server authenticates the first one time dynamic password.

19 Citations

View as Search Results

11 Claims

1. A method for generating and authenticating a one time dynamic password based on context information comprising:
- receiving, by an authentication server, from a user device and without providing any variable to the user device a first one time dynamic password and at least one of an application identifier or a device identifier for the user device, wherein the first one time dynamic password is generated based on a first dynamic value and a user personal identification number (PIN) of a user of the user device and the first dynamic value is generated based on context information related to the user;
  
  generating, by the authentication server, a second one time dynamic password based on a second dynamic value received from a separate context management server and the user PIN, wherein the second dynamic value is generated based on the context information used to generate the first dynamic value and the context information used to generate the first and second dynamic values is only accessible by the user device and the context management server; and
  
  authenticating, by the authentication server, the first one time dynamic password when the first one time dynamic password matches with the second one time dynamic password.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method as claimed in claim 1, wherein the context information comprises at least one of user information, user device information or application information installed in the user device.
  - 3. The method as claimed in claim 1, wherein the first and the second dynamic values each comprise a random number.
  - 4. The method as claimed in claim 1, wherein the user PIN is a static value used to generate the one time dynamic password.
  - 5. The method as claimed in claim 1, wherein the user PIN is stored in the authentication server.
  - 6. The method as claimed in claim 1, wherein the user device comprises an electronic device.

7. A non-transitory computer readable medium having stored thereon instructions for generating and authenticating an one time dynamic password based on context information which when executed by a processor, cause the processor to perform steps comprising:
- receiving, from a user device and without providing any variable to the user device a first one time dynamic password and at least one of an application identifier or a device identifier for the user device, wherein the first one time dynamic password is generated based on a first dynamic value and a user personal identification number (PIN) of a user of the user device and the first dynamic value is generated based on context information related to the user;
  
  generating a second one time dynamic password based on a second dynamic value received from a separate context management server and the user PIN, wherein the second dynamic value is generated based on the context information used to generate the first dynamic value and the context information used to generate the first and second dynamic values is only accessible by the user device and the context management server; and
  
  authenticating the first one time dynamic password when the first one time dynamic password matches with the second one time dynamic password.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The medium as claimed in claim 7, wherein the context information comprises at least one of user information, user device information or application information installed in the user device.
  - 9. The medium as claimed in claim 7, wherein the first and the second dynamic values each comprise a random number.
  - 10. The medium as claimed in claim 7, wherein the user PIN is a static value used to generate the one time dynamic password.
  - 11. The medium as claimed in claim 7, wherein the user device comprises an electronic device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Infosys Limited
Original Assignee
Infosys Limited
Inventors
Gupta, Puneet, Sivaramamurthy, Venkat Kumar, Ponnapalli, Harigopal Kanaka Bapiraja, Darbari, Akshay
Primary Examiner(s)
JHAVERI, JAYESH M

Application Number

US13/532,472
Publication Number

US 20130227661A1
Time in Patent Office

1,366 Days
Field of Search

726 5- 7, 726/18
US Class Current

1/1
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/30   Authentication, i.e. establ...

G06F 21/31   User authentication

G06F 21/313   using a call-back technique...

G06F 21/316   by observing the pattern of...

G06F 21/32   using biometric data, e.g. ...

H04L 9/32   including means for verifyi...

H04L 9/321   involving a third party or ...

Systems and methods for generating and authenticating one time dynamic password based on context information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for generating and authenticating one time dynamic password based on context information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links