Methods and systems for providing bidirectional authentication

US 9,596,234 B2
Filed: 06/08/2015
Issued: 03/14/2017
Est. Priority Date: 06/19/2012
Status: Active Grant

First Claim

Patent Images

1. A method of providing access to a secure computing device, the method comprising:

receiving, by a security device, a request to generate data for a secure access between a user device and the secure computing device;

generating, by the security device, a one-time password and a unique sequence of symbologies;

transmitting, by the security device, the one-time password, the unique sequence of symbologies and location information to a secure computing device, wherein the location information corresponds to a location of the user device and wherein the one-time password, the unique sequence of symbologies and the location information are configured to provide the secure computing device with an ability to establish bidirectional authentication between the user device and the computing device; and

displaying, by the security device, the one-time password and the unique sequence of symbologies to the user such that the user provides the one-time password to the secure computing device via the user device and receives an authentication sequence of symbologies from the secure computing device in response, wherein the bidirectional authentication is established when the user device confirms the unique sequence of symbologies matches the authenticating sequence of symbologies.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for providing access to a secure computing device are disclosed. A security device is used to generate a one-time password, a sequence of symbologies, and location information. The security device transmits the password, sequence and location information to the secure computing device for storage and displays the password and sequence to a user. A user device provides a password to the secure computing device in order to obtain access. The secure computing device compares the password with the stored one-time password to verify the user of the user device and sends the sequence to the user device in response. The user or user device verifies the sequence of symbologies to confirm the secure access. The location information may be used to detect fraudulent accesses to the user account.

52 Citations

18 Claims

1. A method of providing access to a secure computing device, the method comprising:
- receiving, by a security device, a request to generate data for a secure access between a user device and the secure computing device;
  
  generating, by the security device, a one-time password and a unique sequence of symbologies;
  
  transmitting, by the security device, the one-time password, the unique sequence of symbologies and location information to a secure computing device, wherein the location information corresponds to a location of the user device and wherein the one-time password, the unique sequence of symbologies and the location information are configured to provide the secure computing device with an ability to establish bidirectional authentication between the user device and the computing device; and
  
  displaying, by the security device, the one-time password and the unique sequence of symbologies to the user such that the user provides the one-time password to the secure computing device via the user device and receives an authentication sequence of symbologies from the secure computing device in response, wherein the bidirectional authentication is established when the user device confirms the unique sequence of symbologies matches the authenticating sequence of symbologies.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the location information comprises location information determined by a global positioning satellite (GPS) system.
  - 3. The method of claim 1, wherein the one-time password expires after a time period.
  - 4. The method of claim 1, wherein generating the one-time password and the unique sequence of symbologies comprises randomly or pseudo-randomly generating the one-time password.
  - 5. The method of claim 1, wherein generating the one-time password and the unique sequence of symbologies comprises randomly or pseudo-randomly generating the unique sequence of symbologies.

6. A method of establishing bidirectional authentication between a user device and a secure computing device, the method comprising:
- receiving, at the secure computing device, a one-time password and a unique sequence of symbologies from a security device;
  
  displaying, at the secure computing device, the one-time password and the unique sequence of symbologies;
  
  receiving, from the user device, another sequence of symbologiesverifying that the unique sequence of symbologies matches the another sequence of symbologies; and
  
  responsive to verifying that the unique sequence of symbologies matches the another sequence of symbologies, granting, using the secure computing device, secure access to the user device.
- View Dependent Claims (7, 8, 9, 10, 11, 17, 18)
- - 7. The method of claim 6, further comprising receiving, by the securing computing device, location information for the user device.
  - 8. The method of claim 7, wherein the location information comprises location information determined by a global positioning satellite (GPS) system.
  - 9. The method of claim 6, further comprising:
    - receiving, by the securing computing device, a request for location information pertaining to a location at which the one-time password was generated; and
      
      receiving, by the securing computing device, the location information.
  - 10. The method of claim 6, further comprising:
    - receiving, by the securing computing device, a request for location information pertaining to a location of the last valid login to an account; and
      
      receiving, by the securing computing device, the location information.
  - 11. The method of claim 6, wherein the one-time password expires after a time period.
  - 17. The method of claim 6, further comprising:
    - if the one-time password does not match the another one-time password, preventing, by the secure computing device, access to the user device.
  - 18. The method of claim 6, further comprising:
    - if the one-time password does not match the another one-time password, granting, by the secure computing device, non-secure access to the user device.

12. A system for establishing bidirectional authentication between a user device and a secure computing device, the system comprising:
- a processing device; and
  
  a processor-readable storage medium in operable communication with the processing device, wherein the processor-readable storage medium contains one or more programming instructions that, when executed, cause the processing device to;
  
  receive a request to generate data for a secure access,generate a one-time password and a unique sequence of symbologies,transmit the one-time password, the unique sequence of symbologies and location information to the secure computing device,receive, from the user device, the one-time password, andtransmit the unique sequence of symbologies to the user device.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The system of claim 12, wherein the location information comprises location information determined by a global positioning satellite (GPS) system.
  - 14. The system of claim 12, wherein the one-time password expires after a time period.
  - 15. The system of claim 12, wherein the one or more programming instructions that, when executed, cause the processing device to generate the one-time password and the unique sequence of symbologies comprise one or more programming instructions that, when executed, cause the processing device to randomly or pseudo-randomly generate the one-time password.
  - 16. The system of claim 12, wherein one or more programming instructions that, when executed, cause the processing device to generate the one-time password and the unique sequence of symbologies comprise one or more programming instructions that, when executed, cause the processing device to randomly or pseudo-randomly generate the unique sequence of symbologies.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Drumwave Inc
Original Assignee
Paychief, LLC
Inventors
Vellozo Luz, Andre Gustavo
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Tran, Tongoc

Application Number

US14/732,991
Publication Number

US 20150304314A1
Time in Patent Office

645 Days
Field of Search

726/6
US Class Current

1/1
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/36   by graphic or iconic repres...

G06F 21/45   Structures or tools for the...

H04L 63/0838   using one-time-passwords

Methods and systems for providing bidirectional authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for providing bidirectional authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links