
System, design and process for easy to use credentials management for accessing online portals using out-of-band authentication

  • US 9,742,766 B2
  • Filed: 06/24/2016
  • Issued: 08/22/2017
  • Est. Priority Date: 12/31/2012
  • Status: Active Grant
First Claim

1. A system of user authentication for accessing an online portal in a communications network, the system comprising:

  • a client processing application having programming for communication with a login portal and screen for access by a user;

    a hardware authentication server device having programming for establishing contact between the client processing application and the hardware authentication server device wherein a new authentication session is started;

    programming for generating a session identification (“ID”), and programming for communicating a session ID to the client processing application through at least a first communications channel;

    wherein the client processing application includes programming for creating a multi-dimensional barcode for display at the login screen, wherein the multi-dimensional barcode has dynamic encryption keys, portal information, session ID, and a unique key; and

    programming for holding the client processing application in waiting pending notification of session validation by the hardware authentication server device;

    wherein the client processing application includes programming for authentication by receiving user credentials from a portable communications device, a portable communications device application having programming for authentication;

    including programming for receiving user credentials and displaying at least one scan option;

    programming for scanning the multi-dimensional barcode displayed at the login screen;

    programming for validating the client processing application;

    programming for finding at least one encrypted user credential with the encryption key from the multi-dimensional barcode; and

    programming for sending the at least one encrypted user credential and session ID to the hardware authentication server device via an outbound out-of-band communications channel;

    wherein the hardware authentication server device further includes programming for checking a provisioned user database and validating the session ID;

    programming for sending an encrypted payload to the waiting client processing application;

    programming for sending validation result to the portable communication device where the result can be displayed;

    wherein the client processing application includes programming for extracting and decrypting the at least one encrypted user credential; and

    programming for using an at least one decrypted user credential to access the online portal.
