Automatic PIN creation using password

US 9,460,278 B2
Filed: 03/18/2015
Issued: 10/04/2016
Est. Priority Date: 11/03/2010
Status: Active Grant

First Claim

Patent Images

1. A service provider system comprising:

a non-transitory memory storing information about a user account and identification information of a user associated with the user account; and

one or more hardware processors configured to execute instructions to cause the service provider system to perform operations comprising;

automatically generating a first access credential from a second access credential for the user account, wherein the first access credential is generated based on a rule comprising mapping individual characters of the second access credential to numbers or characters, and wherein the first access credential is unknown to the user and the second access credential is known to the user;

providing instructions to a user device of the user, wherein the instructions comprise the rule to convert, by the user on a device, the second access credential to the first access credential;

receiving a user-entered access credential and identification information from the device;

comparing the user-entered access credential with the first access credential associated with the user account, wherein the user-entered access credential is known to the user through the instructions provided to the user for converting the second access credential to the user-entered access credential and wherein the first access credential is different than the second access credential; and

granting access to the user account for the user when the user-entered access credential matches the first access credential.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A PIN is automatically generated based on at least one rule when the user enters a password through a user device. In one example, the PIN is a truncated version of the password where each character in the truncated version is mapped onto a number. The mapping can be a truncation at the beginning or end of the password, or the mapping can be with any pattern or sequence of characters in the password. This PIN generation may be transparent to the user, such that the user may not even know the PIN was generated when the password was entered. When the user attempts to access restricted content, the user may enter the PIN instead of the password, where the user may be notified of the rule used to generate the PIN so that the user will know the PIN by knowing the password.

Citations

22 Claims

1. A service provider system comprising:
- a non-transitory memory storing information about a user account and identification information of a user associated with the user account; and
  
  one or more hardware processors configured to execute instructions to cause the service provider system to perform operations comprising;
  
  automatically generating a first access credential from a second access credential for the user account, wherein the first access credential is generated based on a rule comprising mapping individual characters of the second access credential to numbers or characters, and wherein the first access credential is unknown to the user and the second access credential is known to the user;
  
  providing instructions to a user device of the user, wherein the instructions comprise the rule to convert, by the user on a device, the second access credential to the first access credential;
  
  receiving a user-entered access credential and identification information from the device;
  
  comparing the user-entered access credential with the first access credential associated with the user account, wherein the user-entered access credential is known to the user through the instructions provided to the user for converting the second access credential to the user-entered access credential and wherein the first access credential is different than the second access credential; and
  
  granting access to the user account for the user when the user-entered access credential matches the first access credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 22)
- - 2. The system of claim 1, wherein the first access credential is not longer than the second access credential.
  - 3. The system of claim 1, wherein the second access credential is a password and the first access credential and the user-entered access credential are numeric personal identification numbers (PINs).
  - 4. The system of claim 3, wherein the PINs are four digits in length.
  - 5. The system of claim 1, wherein the instructions include truncating characters in the second access credential.
  - 6. The system of claim 1, wherein the instructions include mapping specific characters in the second access credential to numbers.
  - 7. The system of claim 1, wherein the first access credential is generated when a user logs into a site of the service provider using the second access credential.
  - 22. The service provider system of claim 1, wherein the device comprises one of the user device, a point-of-sale device, and an automatic teller machine.

8. A method, comprising:
- automatically generating, by a service provider, a converted credential from a password for a user account and identification information of a user associated with the user account, wherein the converted credential is generated based on a rule comprising mapping individual characters of the password to numbers or characters, and wherein the converted credential is unknown to the user;
  
  providing instructions to a user device of a user, wherein the instructions instruct comprise the rule to convert, by the user on a device, the password to the converted credential;
  
  receiving, by the service provider, a user-entered credential and a user identifier from the device;
  
  comparing the user-entered credential with the converted credential associated with the user account and automatically generated by the service provider from the password associated with the user account, wherein the user-entered credential is known to the user through instructions provided to the user for converting the password to the user-entered credential and wherein the converted credential is different than the password; and
  
  granting access to the user account for the user when the user-entered credential matches the converted credential.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 9. The method of claim 8, further comprising displaying the instructions on the user device.
  - 10. The method of claim 8, wherein the password is used to generate a plurality of stored credentials based on a corresponding plurality of rules.
  - 11. The method of claim 8, wherein the password is an alphanumeric password, the user-entered credential and the converted credential are numeric PINs, and the converted credential is shorter than the password.
  - 12. The method of claim 8, wherein the instructions comprise mapping individual characters of the password to numbers.
  - 13. The method of claim 8, wherein the instructions map only a portion of the password to numbers or characters.
  - 14. The method of claim 8, wherein the converted credential is different for each of a plurality of websites accessible by the user.
  - 15. The method of claim 8, wherein the instructions comprise truncating at least a portion of the password.
  - 16. The method of claim 15, wherein the at least a portion is a start or an end of the password.
  - 17. The method of claim 15, wherein the at least a portion is an interior section of the password.

18. A method, comprising:
- automatically generating, by a service provider, an access credential from a password for a user account and identification information for a user associated with the user account, wherein the access credential is generated based on a rule comprising mapping individual characters of the password to numbers or characters, and wherein the access credential is unknown to the user;
  
  providing instructions to a user device of a user, wherein the instructions comprise the rule to convert, by the user on a device, the password to the access credential;
  
  receiving, by the service provider, an access credential and a user identifier from the device;
  
  comparing the access credential with a converted credential associated with the user account and automatically generated by the service provider from the password associated with the user account, wherein the access credential is known to the user through the instructions provided to the user for converting the password to the access credential and wherein the converted credential is different than the password; and
  
  granting access to the user account for the user when the access credential matches the converted credential.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18, wherein the password is used to generate a plurality of different converted credentials.
  - 20. The method of claim 18, wherein the password is an alphanumeric password, the access credential and the converted credential are numeric PINs and are shorter than the password.
  - 21. The method of claim 18, wherein the instructions are displayed on the user device after the user enters the password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Jakobsson, Bjorn Markus
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Korsak, Oleg

Application Number

US14/662,057
Publication Number

US 20150193610A1
Time in Patent Office

566 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31 User authentication

G06F 21/46 by designing passwords or c...

Automatic PIN creation using password

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Automatic PIN creation using password

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links