Identity-independent authentication tokens

US 9,426,138 B2
Filed: 09/15/2014
Issued: 08/23/2016
Est. Priority Date: 08/20/2007
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

generating, via a processor, multiple authentication tokens, each authentication token comprising a unique identifier used to access one or more online accounts;

responsive to receiving a request from an individual for an authentication token without an identification of the individual, issuing, via the processor, a selected one of the multiple authentication tokens to the individual after receiving one or more answers to one or more questions and without requiring the individual to provide a legal name of the individual;

receiving a validation request, including the unique identifier for the selected authentication token, from a service provider of a specific online account after the individual has mapped the authentication token to the specific online account; and

sending a validation of the selected authentication token to the service provider.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Identity-independent authentication tokens enable issuance of a single strong credential that can be mapped to an individual at each of multiple accounts within the online world. An issuer generates one or more authentication tokens for issuance to individuals or other entities. In some instances, each of these authentication tokens comprises a unique serial number. The individual or other entity may then request an authentication token from the issuer. The issuer may then issue the token to the individual without the need to ask or require the individual to identify his or herself. The individual may then map this issued authentication token to the individual'"'"'s password at each of the individual'"'"'s online accounts.

93 Citations

25 Claims

1. A computer-implemented method comprising:
- generating, via a processor, multiple authentication tokens, each authentication token comprising a unique identifier used to access one or more online accounts;
  
  responsive to receiving a request from an individual for an authentication token without an identification of the individual, issuing, via the processor, a selected one of the multiple authentication tokens to the individual after receiving one or more answers to one or more questions and without requiring the individual to provide a legal name of the individual;
  
  receiving a validation request, including the unique identifier for the selected authentication token, from a service provider of a specific online account after the individual has mapped the authentication token to the specific online account; and
  
  sending a validation of the selected authentication token to the service provider.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer-implemented method as recited in claim 1, wherein at least some of the multiple authentication tokens are embodied as digital certificates.
  - 3. The computer-implemented method as recited in claim 1, wherein each unique identifier comprises a serial number.
  - 4. The computer-implemented method as recited in claim 1, further comprising mapping the selected authentication token to the individual.
  - 5. The computer-implemented method as recited in claim 1, further comprising mapping the selected authentication token to the individual, and wherein the mapping comprises:
    - asking the one or more questions to the individual; and
      
      storing the one or more answers to the one or more questions.
  - 6. The computer-implemented method as recited in claim 1, further comprising reissuing the selected authentication token to the individual in response to a subsequent request.
  - 7. The computer-implemented method as recited in claim 1, further comprising:
    - requesting the specific online account with the service provider; and
      
      mapping the specific online account to the selected authentication token.
  - 8. The computer-implemented method as recited in claim 1, further comprising:
    - requesting a first online account with a first service provider;
      
      mapping the first online account with the first service provider to the selected authentication token;
      
      requesting a second online account with a second service provider; and
      
      mapping the second online account with the second service provider to the selected authentication token.
  - 9. The computer-implemented method as recited in claim 1, further comprising:
    - requesting the specific online account with the service provider;
      
      identifying the individual; and
      
      mapping the specific online account to the selected authentication token.
  - 10. The computer-implemented method as recited in claim 1, further comprising substituting a password with the selected authentication token for the specific online account of the individual with the service provider.
  - 11. The computer-implemented method as recited in claim 1, further comprising:
    - substituting a first password with the selected authentication token for a first online account of the individual with a first service provider; and
      
      substituting a second password with the selected authentication token for a second online account of the individual with a second service provider.

12. One or more non-transitory computer-readable media storing computer-executable instructions that, when executed by one or more processors, cause a machine to:
- receive, from a requestor, a request for an authentication token comprising a unique identifier used to access an online account;
  
  issue the authentication token to the requestor after receiving one or more answers to one or more questions and without requiring the requestor to provide a legal name of the requestor in the request;
  
  receive a validation request, including the unique identifier for the authentication token, from a service provider of the online account after the requestor has mapped the authentication token to the online account; and
  
  send a validation of the authentication token to the service provider.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The one or more non-transitory computer-readable media as recited in claim 12, wherein the unique identifier comprises a unique serial number.
  - 14. The one or more non-transitory computer-readable media as recited in claim 12, further storing computer-executable instructions that, when executed by the one or more processors, cause the machine to map the authentication token to the requestor such that the authentication token is able to be issued to the requestor a second time.
  - 15. The one or more non-transitory computer-readable media as recited in claim 12, further storing computer-executable instructions that, when executed by the one or more processors, cause the machine to substitute a password for the online account with the authentication token.
  - 16. The one or more non-transitory computer-readable media as recited in claim 12, wherein the authentication token is embodied as a digital certificate.
  - 17. The one or more non-transitory computer-readable media as recited in claim 12, further storing computer-executable instructions that, when executed by the one or more processors, cause the machine to receive a notification from the service provider when the requestor accesses the online account with use of the authentication token.
  - 18. The one or more non-transitory computer-readable media as recited in claim 12, further storing computer-executable instructions that, when executed by the one or more processors, cause the machine to:
    - receive a notification from the service provider when the requestor accesses the online account with use of the authentication token; and
      
      responsive to the notification, requesting payment from the service provider.

19. A computer-implemented method comprising:
- requesting an authentication token from an issuer without providing an identification of an individual, the authentication token comprising a unique identifier for use in accessing multiple online accounts accessible by the individual;
  
  receiving the authentication token responsive to the requesting after submitting one or more answers to one or more questions and without providing a legal name of the individual;
  
  ,creating a new online account with a service provider;
  
  mapping the new online account to the authentication token such that the individual is allowed to access the new online account with use of the authentication token, wherein the authentication token is validated by the issuer.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The computer-implemented method as recited in claim 19, wherein the unique identifier includes a unique serial number.
  - 21. The computer-implemented method as recited in claim 19, wherein the multiple online accounts include at least one online account provided by an investment management organization.
  - 22. The computer-implemented method as recited in claim 19, wherein the multiple online accounts include at least one online account provided by a financial institution.
  - 23. The computer-implemented method as recited in claim 19, further comprising mapping the authentication token to at least one of the multiple online accounts such that the individual is allowed to access the at least one of the multiple online accounts with use of the authentication token.
  - 24. The computer-implemented method as recited in claim 19, further comprising mapping the authentication token to the multiple online accounts such that the individual is allowed to access each of the multiple online accounts with use of the authentication token.
  - 25. The computer-implemented method as recited in claim 19, wherein creating the new online account with the service provider comprises providing a government issued identification to the service provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Goldman Sachs & Company (Goldman Sachs Group Incorporated)
Original Assignee
Goldman Sachs & Company (Goldman Sachs Group Incorporated)
Inventors
Horn, Richard Van
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US14/486,732
Publication Number

US 20150007301A1
Time in Patent Office

708 Days
Field of Search

726/6, 726/9, 726/10
US Class Current

1/1
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 63/08   for authentication of entit...

H04L 9/32   including means for verifyi...

H04L 9/3234   involving additional secure...

Identity-independent authentication tokens

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

93 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Identity-independent authentication tokens

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

93 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links