Systems and methods for multifactor authentication

US 9,679,293 B1
Filed: 12/03/2015
Issued: 06/13/2017
Est. Priority Date: 07/14/2006
Status: Active Grant

First Claim

Patent Images

1. A method for performing a multi-channel authentication between an authenticating entity and a customer remote from the authenticating entity, utilizing a primary communication channel and a secondary communication channel, the method comprising:

receiving from a computing device of the customer, at a processing machine of the authenticating entity, primary authentication information via the primary communication channel;

processing the primary authentication information by the processing machine of the authenticating entity, and retrieving customer information based on the primary authentication information;

sending a message to the computing device of the customer, via the primary communication channel, that identifies potential communication channels through which a secondary authentication can be performed, wherein the message does not comprise complete contact information for the potential communication channels to effect communication via the potential channels;

receiving from the computing device of the customer a selection of one of the potential communication channels, which comprises the secondary communication channel;

transmitting, by the processing machine of the authenticating entity, secondary authentication information to the customer via the secondary communication channel, the secondary communication channel being different than the primary communication channel;

receiving from the computing device of the customer, via the primary communication channel, at least a portion of the secondary authentication information; and

processing the received secondary authentication information to authenticate the customer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a method for performing an authentication (and a system for performing the method), in conjunction with a transaction, utilizing a primary channel and a secondary channel. The method may include an authenticating entity, such as a bank, (1) receiving from a customer primary authentication information via a primary channel; (2) the authenticating entity processing the primary authentication information, and retrieving customer information based on the primary authentication information; (3) the authenticating entity transmitting secondary authentication information to the customer via a secondary channel, the secondary channel being different than the primary channel; (4) the authenticating entity receiving from the customer at least a portion of the secondary authentication information; and (5) the authenticating entity performing authentication processing on the secondary authentication information received from the customer. Based on the successful authentication of the primary authentication information and the secondary authentication information received from the customer, the authenticating entity approves the customer for the transaction.

601 Citations

24 Claims

1. A method for performing a multi-channel authentication between an authenticating entity and a customer remote from the authenticating entity, utilizing a primary communication channel and a secondary communication channel, the method comprising:
- receiving from a computing device of the customer, at a processing machine of the authenticating entity, primary authentication information via the primary communication channel;
  
  processing the primary authentication information by the processing machine of the authenticating entity, and retrieving customer information based on the primary authentication information;
  
  sending a message to the computing device of the customer, via the primary communication channel, that identifies potential communication channels through which a secondary authentication can be performed, wherein the message does not comprise complete contact information for the potential communication channels to effect communication via the potential channels;
  
  receiving from the computing device of the customer a selection of one of the potential communication channels, which comprises the secondary communication channel;
  
  transmitting, by the processing machine of the authenticating entity, secondary authentication information to the customer via the secondary communication channel, the secondary communication channel being different than the primary communication channel;
  
  receiving from the computing device of the customer, via the primary communication channel, at least a portion of the secondary authentication information; and
  
  processing the received secondary authentication information to authenticate the customer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1, wherein the primary communication channel is the Internet and the secondary authentication information is transmitted via at least one of a telephone call, text message, or e-mail to the customer.
  - 3. The system of claim 1, wherein the customer uses the computing device to transmit the primary authentication information to the authenticating entity and receives the secondary authentication information at a second computing device, different from the computing device.
  - 4. The method of claim 1, wherein the authenticating entity is a bank.
  - 5. The method of claim 1, wherein the processing performed by the processing machine of the authenticating entity includes referring to secondary authentication rules before invoking utilization of the secondary authentication information.
  - 6. The method of claim 5, wherein at least one rule in the secondary authentication rules is based on a dollar amount of a transaction involving the customer.
  - 7. The method of claim 5, wherein at least one rule in the secondary authentication rules is based on device identification information of the computing device of the customer.
  - 8. The method of claim 5, wherein at least one rule in the secondary authentication rules is based on geographic data with respect to the computing device of the customer.
  - 9. The method of claim 1, wherein the primary authentication information includes a username and password.
  - 10. The method of claim 1, wherein the secondary authentication information comprises a one-time password or a one-time authentication code.
  - 11. The method of claim 1, wherein the multi-channel authentication is performed in conjunction with a transaction.
  - 12. The method of claim 11, wherein the transaction is a purchase of a product or service by the customer.
  - 13. The method of claim 12, wherein the transaction is enrollment of the customer into a service offered by the authenticating entity.
  - 14. The method of claim 11, wherein the transaction requires approval from at least one transaction approver, the method further comprising soliciting approval from the at least one transaction approver before authenticating the customer.
  - 15. The method of claim 14, further comprising determining a geographical location of the at least one transaction approver;
    - andcomparing the geographical location of the at least one transaction approver with a location of the transaction, so as to assess legitimacy of the transaction.
  - 16. The method of claim 1, wherein the primary communication channel is a website of the authenticating entity and the secondary communication channel is a telephone call, text message or e-mail to the customer, the method further comprising:
    - a second customer device receiving the telephone call, text message or e-mail from the authenticating entity via the secondary communication channel; and
      
      the customer device transmitting, via the website, the at least a portion of the secondary authentication information back to the authenticating entity.
  - 17. The method of claim 1, wherein the customer information comprises a land-line telephone number, a cell number, an email address, or SMS information of the customer, by which to contact the customer on a channel different than the primary communication channel.
  - 18. The method of claim 1, wherein the authentication times out upon expiration of a time-out period, which time-out period starts upon one of receipt of the primary authentication information via the primary communication channel, sending the message to the computing device of the customer, receiving the selection of one of the potential communication channels, or transmitting the secondary authentication information via the secondary communication channel.

19. A system that performs multi-channel authentication processing, the system comprising:
- at least one computer processor; and
  
  memory having instructions stored thereon, the instructions, when executed by the at least one processor, cause the at least one processor to perform operations, the operations comprising;
  
  receiving primary authentication information from a computing device of a customer via a primary communication channel;
  
  authenticating the primary authentication information received from the computing device of the customer, and based on the primary authentication information, retrieving customer information;
  
  sending a message to the computing device of the customer, via the primary communication channel, that identifies potential communication channels through which secondary authentication information can be sent, wherein the message does not comprise complete contact information for the potential communication channels;
  
  receiving from the computing device of the customer a selection of one of the potential communication channels, which comprises a secondary communication channel;
  
  outputting secondary authentication information to the customer via the secondary communication channel that is different than the primary communication channel;
  
  receiving from the computing device of the customer, via the primary communication channel, at least a portion of the secondary authentication information; and
  
  processing the received secondary authentication information to authenticate the customer.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The system of claim 19, wherein the primary communication channel is the Internet and the secondary authentication information is transmitted via at least one of a telephone call, text message, or e-mail to the customer.
  - 21. The system of claim 19, wherein the customer information comprises complete contact information for the potential communication channels of at least one of a land-line telephone number, a cell number, an email address, or SMS information of the customer, by which to contact the customer on a channel different than the primary communication channel.
  - 22. The system of claim 19, wherein the instructions further cause the at least one processor to determine whether the system recognizes the computing device that the customer is using to send the primary authentication information via the primary communication channel.
  - 23. The system of claim 19, wherein the message is sent to the computing device of the customer based on a determination of risk with respect to the customer or the computing device of the customer.
  - 24. The system of claim 19, wherein the instructions further cause the at least one processor to monitor an elapsed time during primary and/or secondary authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
JP Morgan Chase Bank, N.A. (JP Morgan Chase & Co)
Original Assignee
JP Morgan Chase Bank, N.A. (JP Morgan Chase & Co)
Inventors
Szwalbenest, Stanley A.
Primary Examiner(s)
Hoffman, Brandon
Assistant Examiner(s)
Anderson, Michael D

Application Number

US14/958,193
Time in Patent Office

558 Days
Field of Search

705 42, 705 67, 380 33, 726 3
US Class Current
CPC Class Codes

G06Q 20/4014   Identity check for transact...

G06Q 20/425   using two different network...

G06Q 30/06   Buying, selling or leasing ...

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04L 69/14   Multichannel or multilink p...

H04M 1/66   with means for preventing u...

Y02D 30/50   in wire-line communication ...

Systems and methods for multifactor authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

601 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for multifactor authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

601 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others