Systems and methods of authenticating and controlling access over customer data
First Claim
1. A computer implemented method executed at least in part on a system, for authenticating and controlling access to customer data by a mobile agent comprising:
- receiving by a mobile application management module, mobile agent login request from an agent device and a customer authentication request from a customer device using a pre-installed mobile application wherein unique identification data of agent device and customer device is pre-stored;
receiving by a location match module, geo-spatial location of the agent device and the customer device and performing geo-spatial location match for the agent device and the customer device;
generating by a session key generator module, a session key which is valid for pre-determined duration of a meeting session and dividing the session key into two parts wherein one part is sent to the agent device and other part to the customer device wherein the session key is generated and sent only if location match is found between the agent device and customer device;
entering the received parts of session key into agent device and customer device by mobile agent and customer respectively and comparing by a session key verification module, the entered session key with the generated session key by the session key generator module;
comparing by an ID match module, the unique identification data of agent device and customer device stored with identification data of agent device and customer device used for entering the session key; and
granting access by an access module to mobile agent through agent device only if the location match, session key match and identification data match for the agent device and customer device is found.
1 Assignment
0 Petitions
Accused Products
Abstract
Method and system for authenticating and controlling access to customer data is disclosed. Initially, a mobile agent raises a login request and a customer raises an authentication request through a pre-installed mobile application available on agent device and customer device. The unique identification details of customer device and agent device are stored on the system. The system performs a location match between the customer device and agent device thereafter a session key is generated. The session key is sent in parts to the customer device and mobile devices wherein at the time of authentication of agent device, the system performs a location match, session key match and identification detail match.
-
Citations
18 Claims
-
1. A computer implemented method executed at least in part on a system, for authenticating and controlling access to customer data by a mobile agent comprising:
-
receiving by a mobile application management module, mobile agent login request from an agent device and a customer authentication request from a customer device using a pre-installed mobile application wherein unique identification data of agent device and customer device is pre-stored; receiving by a location match module, geo-spatial location of the agent device and the customer device and performing geo-spatial location match for the agent device and the customer device; generating by a session key generator module, a session key which is valid for pre-determined duration of a meeting session and dividing the session key into two parts wherein one part is sent to the agent device and other part to the customer device wherein the session key is generated and sent only if location match is found between the agent device and customer device; entering the received parts of session key into agent device and customer device by mobile agent and customer respectively and comparing by a session key verification module, the entered session key with the generated session key by the session key generator module; comparing by an ID match module, the unique identification data of agent device and customer device stored with identification data of agent device and customer device used for entering the session key; and granting access by an access module to mobile agent through agent device only if the location match, session key match and identification data match for the agent device and customer device is found. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for authenticating and controlling access to customer data by a mobile agent comprising:
-
a memory storing instructions; a processor coupled to the memory to; receive by a mobile application management module, mobile agent login request from an agent device and a customer authentication request from a customer device using a pre-installed mobile application wherein unique identification data of agent device and customer device is pre-stored; receive by a location match module, geo-spatial location of the agent device and the customer device and performing geo-spatial location match for the agent device and the customer device; generating by a session key generator module, a session key which is valid for pre-determined duration of a meeting session and dividing the session key into two parts wherein one part is sent to the agent device and other part to the customer device wherein the session key is generated and sent only if location match is found between the agent device and customer device; entering the received parts of session key into agent device and customer device by mobile agent and customer respectively and comparing by a session key verification module, the entered session key with the generated session key by the session key generator module; comparing by an ID match module, the unique identification data of agent device and customer device stored with identification data of agent device and customer device used for entering the session key; and granting access by an access module to mobile agent through agent device only if the location match, session key match and identification data match for the agent device and customer device is found.
-
-
18. A computer program product for authenticating and controlling access of mobile agent to customer data, the computer program product comprising a non-transitory computer-readable storage medium having computer-readable program code portions stored therein, the computer-readable program code portions comprising:
-
a first executable portion for receiving mobile agent login request and customer authentication request; a second executable portion for receiving gee-spatial location of agent device and customer device and performing a location match between agent device and customer device; a third executable portion for generating a session key and dividing the session key into two parts and sending the parts to agent device and customer device only if the location match is found; a fourth executable portion for comparing the entered session key with the generated session key; a fifth executable portion for comparing pre-stored unique identification data with the identification data of agent device and customer device; and a sixth executable portion for granting access to mobile agent only if the location match, session key match and identification data match is found for agent device and customer device.
-
Specification