System and method for authenticating users

US 9,577,993 B2
Filed: 06/28/2016
Issued: 02/21/2017
Est. Priority Date: 03/25/2009
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for authenticating a user, comprising:

generating, by an application running on a computing device and according to a unique user input, a secret, said secret stored at the computing device with an identifier and in a directory so as to be retrievable when the unique user input is applied to the computing device;

receiving at the computing device from a remote computer-based station a first communication, said first communication including the identifier associated with the secret;

responsive to said receiving, prompting a user for the user input via a user interface of the computing device and, upon verifying said unique user input to the computing device, transmitting from the computing device to the remote computer-based station a second communication encoded using the secret.

View all claims

3 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A security application for a computing device, e.g., a mobile phone, allows generation of a secret according to a unique user input (e.g., user credentials). The secret is stored in a directory such that it is retrievable when the unique user input is received via a user interface of a device on which the security application executes or is coupled with. Responsive to receiving an identifier associated with the secret, the security application prompts, e.g., via a user interface of the mobile phone, entry of the unique user input; and, subsequently, verifies the unique user input. Following such verification, the security application provides the secret for use in encoding a communication with a remote computer-based station. Entry of the user credentials may be required prior to the security application generating the secret, and may be responsive to receipt of an invitation (e.g., from the remote computer-based station) to generate it.

67 Citations

22 Claims

1. A method for authenticating a user, comprising:
- generating, by an application running on a computing device and according to a unique user input, a secret, said secret stored at the computing device with an identifier and in a directory so as to be retrievable when the unique user input is applied to the computing device;
  
  receiving at the computing device from a remote computer-based station a first communication, said first communication including the identifier associated with the secret;
  
  responsive to said receiving, prompting a user for the user input via a user interface of the computing device and, upon verifying said unique user input to the computing device, transmitting from the computing device to the remote computer-based station a second communication encoded using the secret.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the computing device is a mobile communication device.
  - 3. The method of claim 1, wherein the secret is stored in the directory along with other secrets and the identifier is used to distinguish the secret from the other secrets.
  - 4. The method of claim 1, wherein the secret comprises an encryption key, the encryption key is stored in the directory along with other encryption keys, and the identifier is used to distinguish the encryption key from the other encryption keys.
  - 5. The method of claim 1, wherein the secret comprises an encryption key, the encryption key is stored in the directory along with decoy encryption keys, and the identifier is used to distinguish the encryption key from the decoy encryption keys.
  - 6. The method of claim 1, wherein the first communication comprises an encrypted communication.
  - 7. The method of claim 1, wherein the first communication comprises a request for user credentials of the user of the computing device.
  - 8. The method of claim 1, further comprising encrypting said secret prior to storing said secret in said directory.
  - 9. The method of claim 1, wherein the unique user input comprises user credentials, and further comprising receiving, via the user interface of the computing device, the user credentials prior to generating the secret.
  - 10. The method of claim 9, further comprising receiving at the computing device an invitation to create the secret prior to generating the secret.
  - 11. The method of claim 10, wherein the invitation to create the secret is received from the remote computer-based station.
  - 12. The method of claim 1, wherein the first and second communications comprise two related communications of a communication session.

13. A token for use in connection with secure communications, comprising:
- a processor and a memory communicatively coupled to the processor the memory storing a security application for execution by the processor, said security application, when executed by said processor, causing said processor to perform steps, including;
  
  generating, according to a unique user input, a secret, and storing said secret with an identifier and in a directory which the processor configures in the memory such that said secret is retrievable when a unique user input is received by the token;
  
  responsive to receiving the identifier associated with the secret, prompting, via a user interface, entry of the unique user input; and
  
  upon receipt of the unique user input, verifying said unique user input, and using said secret to encode a first communication with a remote computer-based station.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
- - 14. The token of claim 13, wherein the secret is stored in the directory along with other secrets and the processor uses the identifier to distinguish the secret from the other secrets.
  - 15. The token of claim 13, wherein the secret comprises an encryption key, the encryption key is stored in the directory along with other encryption keys, and the processor uses the identifier to distinguish the encryption key from the other encryption keys.
  - 16. The token of claim 13, wherein the secret comprises an encryption key, the encryption key is stored in the directory along with decoy encryption keys, and the processor uses the identifier to distinguish the encryption key from the decoy encryption keys.
  - 17. The token of claim 13, wherein the identifier is received in a second communication with the remote computer-based station.
  - 18. The token of claim 15, wherein the second communication comprises a request for user credentials.
  - 19. The token of claim 13, wherein said security application, when executed by said processor, further causes said processor to encrypt said secret prior to storing said secret in said directory.
  - 20. The token of claim 13, wherein the unique user input comprises user credentials, and said security application, when executed by said processor, further causes said processor to receive, via the user interface of the mobile communication device, the user credentials prior to generating the secret.
  - 21. The token of claim 20, wherein said security application, when executed by said processor, further causes said processor to generate said secret responsive to an invitation to create the secret received prior to generating the secret.

22. A mobile phone, comprising:
- a processor and a memory communicatively coupled to the processor the memory storing a security application for execution by the processor, said security application, when executed by said processor, causing said processor to perform steps, including;
  
  generating, according to a unique user input, a secret, and storing said secret with an identifier and in a directory which the processor configures in the memory such that said secret is retrievable when a unique user input is received via a user interface of the mobile phone;
  
  responsive to receiving the identifier associated with the secret, prompting, via the user interface of the mobile phone, entry of the unique user input; and
  
  upon receipt of the unique user input, verifying said unique user input, and using said secret to encode a first communication with a remote computer-based station,wherein the unique user input comprises user credentials, and said security application, when executed by said processor, further causes said processor to receive, via the user interface of the mobile phone, the user credentials prior to generating the secret.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Ebackpack, Inc., PACid Technologies, LLC
Original Assignee
PACid Technologies, LLC
Inventors
Fielder, Guy
Primary Examiner(s)
SHAW, BRIAN F

Application Number

US15/195,606
Publication Number

US 20160308844A1
Time in Patent Office

238 Days
Field of Search

713/168, 713/193, 713/181, 713/165, 726/1, 726/26, 726/17, 726/21, 726/4, 380/44, 380/278, 709/231
US Class Current

1/1
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/6209   to a single file or object,...

G06F 2221/2123   Dummy operation

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2463/121   Timestamp cryptographic mec...

H04L 63/0428   wherein the data content is...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H05K 999/99   dummy group

System and method for authenticating users

First Claim

3 Assignments

Litigations

0 Petitions

Accused Products

Abstract

67 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

System and method for authenticating users

First Claim

3 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others