Dual code authentication system

US 9,553,864 B2
Filed: 02/27/2015
Issued: 01/24/2017
Est. Priority Date: 11/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method for verifying a user who is interacting with a website, the method performed by a processor executing instructions stored in a memory, the method comprising:

receiving, from the user via the website, a request to access certain functionality of the website;

performing a first stage of a user verification, wherein the first stage of the user verification includes;

transmitting a first verification code to the user via the website;

receiving a first verification message from the user via an application on a mobile communication device, wherein the first verification message includes at least a second verification code; and

comparing the first verification code and the second verification code; and

when the first verification code matches the second verification code, performing a second stage of the user verification, wherein the second stage of the user verification includes;

deriving, from the received first verification message, addressing information associated with the mobile communication device of the user from which the first verification message is received;

transmitting a second verification message via the application on the mobile communication device using the addressing information associated with the mobile communication device of the user, wherein the second verification message includes at least a third verification code;

receiving, from the user, a fourth verification code; and

comparing the third verification code and the fourth verification code; and

verifying the user when the third verification code matches the fourth verification code.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A verification method and system are disclosed that verify a user. The user is provided a verification code via, for example, a website, to be communicated to the system via an application on a mobile communication device. If the correct verification code is communicated by the user, the user receives via the application a verification message containing another verification code, which the user submits to a website or on-line form or to another verification system for authentication.

Citations

22 Claims

1. A method for verifying a user who is interacting with a website, the method performed by a processor executing instructions stored in a memory, the method comprising:
- receiving, from the user via the website, a request to access certain functionality of the website;
  
  performing a first stage of a user verification, wherein the first stage of the user verification includes;
  
  transmitting a first verification code to the user via the website;
  
  receiving a first verification message from the user via an application on a mobile communication device, wherein the first verification message includes at least a second verification code; and
  
  comparing the first verification code and the second verification code; and
  
  when the first verification code matches the second verification code, performing a second stage of the user verification, wherein the second stage of the user verification includes;
  
  deriving, from the received first verification message, addressing information associated with the mobile communication device of the user from which the first verification message is received;
  
  transmitting a second verification message via the application on the mobile communication device using the addressing information associated with the mobile communication device of the user, wherein the second verification message includes at least a third verification code;
  
  receiving, from the user, a fourth verification code; and
  
  comparing the third verification code and the fourth verification code; and
  
  verifying the user when the third verification code matches the fourth verification code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein:
    - the method further includes comparing the derived addressing information to stored addressing information associated with the user.
  - 3. The method of claim 1, wherein the request to access the website is part of a purchase transaction associated with the website.
  - 4. The method of claim 1, wherein transmitting the first verification code to the user includes transmitting an instruction to the user to submit the verification code via an application on the mobile communication device.
  - 5. The method of claim 1, wherein receiving from the user the request to access the website includes receiving information submitted by the user via a form of the website.
  - 6. The method of claim 1, wherein receiving from the user the fourth verification code includes receiving the fourth verification code via a field of a form of the website.
  - 7. The method of claim 1, wherein receiving, from the user, the request to access the website includes receiving login information.
  - 8. The method of claim 1, wherein the addressing information associated with the mobile communication device of the user is a phone number.

9. A system for verifying a user who is interacting with a website, the system comprising:
- a memory storing computer-executable instructions comprising;
  
  a communication component configured to;
  
  receive, from the user via the website, a request to access certain functionality of the website;
  
  transmit a first verification code to the user via the website;
  
  receive a first verification message from the user via an application on a mobile communication device, wherein the first verification message includes at least a second verification code;
  
  when the first verification code matches the second verification code, transmit a second verification message via the application using addressing information associated with the mobile communication device of the user, wherein the second verification messages includes at least a third verification code; and
  
  receive, from the user, a fourth verification code;
  
  a verification code comparison component configured to;
  
  compare the first verification code and the second verification code;
  
  compare the third verification code and the fourth verification code; and
  
  verify the user when the third verification code matches the fourth verification code; and
  
  a user analysis component configured to;
  
  derive, from the first verification message, the addressing information associated with the mobile communication device of the user from which the first verification message is received; and
  
  a processor for executing the computer-executable instructions stored in the memory.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein:
    - the verification code comparison component is further configured to compare the derived addressing information to stored addressing information associated with the user.
  - 11. The system of claim 9, wherein the request to access the website is part of a purchase transaction associated with the website.
  - 12. The system of claim 9, wherein the communication component is further configured to transmit an instruction to the user to submit the second verification code using an application on the mobile communication device.
  - 13. The system of claim 9, wherein the communication component is further configured to receive information submitted by the user via a form of the website.
  - 14. The system of claim 9, wherein the communication component is further configured to receive the fourth verification code via a field of a form of the website.
  - 15. The system of claim 9, wherein the communication component is further configured to receive login information as at least part of the request to access the website.
  - 16. The system of claim 9, wherein the addressing information associated with the mobile communication device of the user is a phone number.

17. A non-transitory computer-readable storage medium with instructions stored thereon that, when executed by a computing system, cause the computing system to perform a method that verifies a user interacting with a website, the method comprising:
- receiving, from the user via the website, a request to access certain functionality of the website;
  
  performing a first stage of a user verification, wherein the first stage of the user verification includes;
  
  transmitting a first verification code to the user via the website;
  
  receiving a first verification message from the user via an application on a mobile communication device, wherein the first verification message includes at least a second verification code; and
  
  comparing the first verification code and the second verification code; and
  
  when the first verification code matches the second verification code, performing a second stage of the user verification, wherein the second stage of the user verification includes;
  
  deriving, from the received first verification message, addressing information associated with the mobile communication device of the user from which the first verification message is received;
  
  transmitting a second verification message via the application on the mobile communication device using the addressing information associated with the mobile communication device of the user, wherein the second verification message includes at least a third verification code;
  
  receiving, from the user, a fourth verification code; and
  
  comparing the third verification code and the fourth verification code; and
  
  verifying the user when the third verification code matches the fourth verification code.
- View Dependent Claims (18, 19)
- - 18. The non-transitory computer-readable storage medium of claim 17, wherein:
    - the method further comprises comparing the derived addressing information to a stored addressing information associated with the user.
  - 19. The non-transitory computer-readable storage medium of claim 17, wherein the request to access the website is part of a purchase transaction associated with the website.

20. A non-transitory computer-readable storage medium with instructions stored thereon that, when executed by a computing system, cause the computing system to perform a method that verifies a user interacting with a website, the method comprising:
- receiving, from the user via the website, information submitted by the user to the website via a form displayed on the webpage;
  
  performing a first stage of a user verification, wherein the first stage of the user verification includes;
  
  transmitting a first verification code to the user via the website;
  
  receiving a first verification message from the user via an application on a mobile communication device, wherein the first verification message includes at least a second verification code; and
  
  comparing the first verification code and the second verification code; and
  
  when the first verification code matches the second verification code, performing a second stage of the user verification, wherein the second stage of the user verification includes;
  
  deriving, from the received first verification message, addressing information associated with the mobile communication device of the user from which the first verification message is received;
  
  transmitting a second verification message via the application on the mobile communication device using the addressing information associated with the mobile communication device of the user, wherein the second verification message includes at least a third verification code;
  
  receiving, from the user, a fourth verification code; and
  
  comparing the third verification code and the fourth verification code; and
  
  verifying the user when the third verification code matches the fourth verification code.
- View Dependent Claims (21, 22)
- - 21. The non-transitory computer-readable storage medium of claim 20, wherein:
    - the method further comprises comparing the derived addressing information to a stored addressing information associated with the user.
  - 22. The non-transitory computer-readable storage medium of claim 20, wherein transmitting the first verification code includes transmitting an instruction to the user to submit the verification code via an application on the mobile communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TeleSign Corporation (Government of Belgium)
Original Assignee
TeleSign Corporation (Government of Belgium)
Inventors
Jillings, Steven H.
Primary Examiner(s)
ABYANEH, ALI S

Application Number

US14/634,520
Publication Number

US 20150180855A1
Time in Patent Office

697 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/12   Applying verification of th...

H04L 63/18   using different networks or...

Dual code authentication system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Dual code authentication system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links