System and method for authenticating users
DCFirst Claim
1. A method for authenticating a user, comprising:
- generating, by an application running on a computing device and according to a unique user input, a secret, said secret stored at the computing device with an identifier and in a directory so as to be retrievable when the unique user input is applied to the computing device;
receiving at the computing device from a remote computer-based station a first communication, said first communication including the identifier associated with the secret;
responsive to said receiving, prompting a user for the user input via a user interface of the computing device and, upon verifying said unique user input to the computing device, transmitting from the computing device to the remote computer-based station a second communication encoded using the secret.
3 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A security application for a computing device, e.g., a mobile phone, allows generation of a secret according to a unique user input (e.g., user credentials). The secret is stored in a directory such that it is retrievable when the unique user input is received via a user interface of a device on which the security application executes or is coupled with. Responsive to receiving an identifier associated with the secret, the security application prompts, e.g., via a user interface of the mobile phone, entry of the unique user input; and, subsequently, verifies the unique user input. Following such verification, the security application provides the secret for use in encoding a communication with a remote computer-based station. Entry of the user credentials may be required prior to the security application generating the secret, and may be responsive to receipt of an invitation (e.g., from the remote computer-based station) to generate it.
67 Citations
22 Claims
-
1. A method for authenticating a user, comprising:
-
generating, by an application running on a computing device and according to a unique user input, a secret, said secret stored at the computing device with an identifier and in a directory so as to be retrievable when the unique user input is applied to the computing device; receiving at the computing device from a remote computer-based station a first communication, said first communication including the identifier associated with the secret; responsive to said receiving, prompting a user for the user input via a user interface of the computing device and, upon verifying said unique user input to the computing device, transmitting from the computing device to the remote computer-based station a second communication encoded using the secret. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A token for use in connection with secure communications, comprising:
a processor and a memory communicatively coupled to the processor the memory storing a security application for execution by the processor, said security application, when executed by said processor, causing said processor to perform steps, including; generating, according to a unique user input, a secret, and storing said secret with an identifier and in a directory which the processor configures in the memory such that said secret is retrievable when a unique user input is received by the token; responsive to receiving the identifier associated with the secret, prompting, via a user interface, entry of the unique user input; and upon receipt of the unique user input, verifying said unique user input, and using said secret to encode a first communication with a remote computer-based station. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
-
22. A mobile phone, comprising:
-
a processor and a memory communicatively coupled to the processor the memory storing a security application for execution by the processor, said security application, when executed by said processor, causing said processor to perform steps, including; generating, according to a unique user input, a secret, and storing said secret with an identifier and in a directory which the processor configures in the memory such that said secret is retrievable when a unique user input is received via a user interface of the mobile phone; responsive to receiving the identifier associated with the secret, prompting, via the user interface of the mobile phone, entry of the unique user input; and upon receipt of the unique user input, verifying said unique user input, and using said secret to encode a first communication with a remote computer-based station, wherein the unique user input comprises user credentials, and said security application, when executed by said processor, further causes said processor to receive, via the user interface of the mobile phone, the user credentials prior to generating the secret.
-
Specification