System and method for user authentication
Abstract
A system and method for providing authentication of a user is disclosed. The use of a non-confidential and unique user identification number and a temporary access code separates authentication of the user from transmission of any user passwords or user-identifiable data, as well as provides a ubiquitous means to authenticate the user with unrelated organizations, without any information passing between those organizations.
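The flow the abstract describes, sketched end to end as an added example (not code from the patent or its assignee). The page does not say how the temporary access code is derived, so the HMAC-SHA256 over user ID and 30-second time step, the six-digit length, the one-step clock tolerance, the replay check and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

STEP = 30  # seconds a code stays valid (assumed; the page gives no lifetime)

def access_code(key: bytes, user_id: str, now: float) -> str:
    """User device: derive a 6-digit code from key, user ID and time step."""
    msg = user_id.encode() + int(now // STEP).to_bytes(8, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 10**6:06d}"

class ValidationServer:
    def __init__(self):
        self._keys = {}     # user_id -> key, known only here and on the device
        self._used = set()  # accepted (user_id, code) pairs, to refuse replays

    def enroll(self):
        """Generate the non-confidential user ID and its matching key."""
        user_id = f"{secrets.randbelow(10**12):012d}"
        self._keys[user_id] = secrets.token_bytes(32)
        return user_id, self._keys[user_id]

    def validate(self, user_id: str, code: str, now: float) -> bool:
        key = self._keys.get(user_id)
        if key is None or (user_id, code) in self._used:
            return False  # unknown ID, or a code that was already accepted
        for drift in (-1, 0, 1):  # tolerate one step of clock skew
            expected = access_code(key, user_id, now + drift * STEP)
            if hmac.compare_digest(expected, code):  # constant-time compare
                self._used.add((user_id, code))
                return True
        return False

class OrganizationServer:
    """Independent host: holds only the user ID, never the key or a password."""
    def __init__(self, name: str):
        self.name, self.accounts, self.sessions = name, set(), set()

    def receive_result(self, user_id: str, valid: bool) -> bool:
        ok = valid and user_id in self.accounts
        if ok:
            self.sessions.add(user_id)
        return ok

def login(validator, orgs, user_id, code, now):
    """One verification; the result is sent to every organization server."""
    result = validator.validate(user_id, code, now)
    return {org.name: org.receive_result(user_id, result) for org in orgs}
```

Because the user ID is shared and non-confidential, the whole security of the scheme rests on the per-user key and on the validation server refusing stale or reused codes.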
14 Claims
1. A method of authenticating a user, the method comprising:
- generating at a validation server a unique user ID number and a matching encryption key corresponding to the user;
- transmitting the unique user ID number and the matching encryption key to a user device;
- generating a temporary access code based on the encryption key on the user device;
- providing the unique user ID number to a plurality of organization servers;
- transmitting the unique user ID number and the temporary access code to the validation server;
- performing on the validation server a verification of the unique user ID number and the temporary access code to obtain a validation result;
- transmitting the validation result to the plurality of organization servers; and
- authenticating the user at each of the organization servers based on the validation result,
- wherein the unique user ID number is non-confidential and shared with the plurality of organization servers each of which is maintained by respective independent host organizations.
Dependent claims: 2, 3, 4, 5
6. A system for authenticating a user, the system comprising:
- a client-based security software component operable on at least one user device operable by the user;
- a server-based validation software component operable on at least one validation server adapted to run on at least one computer that is maintained by a first organization; and
- a plurality of host organization servers, each host organization server adapted to run on at least one computer separately maintained by an independent host organization,
- wherein the server-based validation software component communicates with the client-based security software component to provide the user on the at least one user device with a unique user ID number and a corresponding encryption key,
- wherein the client-based security software component generates a temporary access code based on the unique user ID number and the corresponding encryption key,
- wherein the user provides the unique user ID number to the plurality of host organization servers,
- wherein an authentication request comprising the user ID number and the temporary access code is transmitted to the at least one validation server for authenticating the user,
- wherein the server-based validation software component generates a validation result,
- wherein the validation result is transmitted from the validation server to the plurality of host organization servers,
- wherein the at least one computer maintained by the first organization is independent and separate from the independent host organizations and their respective organization servers, and
- wherein the unique user ID number is non-confidential and shared with each of the plurality of organization servers maintained by respective independent host organizations.
Dependent claims: 7, 8, 9, 10
11. A non-transitory computer-readable storage medium storing instructions that, when executed on one or more computers, cause the computers to perform a method of authenticating a user, wherein said method comprises:
- generating at a validation server a unique user ID number and a matching encryption key corresponding to the user;
- transmitting the unique user ID number and the matching encryption key to a user device;
- generating a temporary access code based on the encryption key on the user device;
- providing the unique user ID number to a plurality of organization servers;
- transmitting the unique user ID number and the temporary access code to the validation server;
- performing on the validation server a verification of the unique user ID number and the temporary access code to obtain a validation result;
- transmitting the validation result to the plurality of organization servers; and
- authenticating the user at each of the organization servers based on the validation result,
- wherein the unique user ID number is non-confidential and shared with the plurality of organization servers each of which is maintained by respective independent host organizations.
Dependent claims: 12, 13, 14
Specification