Systems and methods for authentication and verification

US 9,756,042 B2
Filed: 03/23/2015
Issued: 09/05/2017
Est. Priority Date: 11/21/2012
Status: Active Grant

First Claim

Patent Images

1. A method of using a computer system to authenticate a user seeking to conduct at least one interaction with a secured capability provided by a computer, the method comprising:

using the computer system to access a first identifier corresponding to the secured capability, the first identifier assigned to be used by the secured capability for a finite period of time;

using the computer system to send a second identifier to an electronic device being used by the user, the second identifier corresponding to the secured capability;

using the computer system to receive a signal from the electronic device being used by the user;

using a processor of the computer system to evaluate, based at least on the signal and one or both of the first identifier and the second identifier, whether the user is authorized to conduct the at least one interaction with the secured capability; and

in response to an indication from the processor that the user is authorized to conduct the at least one interaction with the secured capability, using the computer system to generate authorization information and to provide the authorized information to at least one of the electronic device and the computer providing the secured capability.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Computer systems and methods are provided for authenticating a user seeking to conduct at least one interaction with a secured capability provided by a computer. The method includes accessing a first identifier corresponding to the secured capability and sending a second identifier to an electronic device being used by the user. The second identifier corresponds to the secured capability. The method further includes receiving a signal from the electronic device being used by the user. The method further includes using a processor to evaluate, based at least on the signal and one or both of the first identifier and the second identifier, whether the user is authorized to conduct the at least one interaction with the secured capability.

Citations

31 Claims

1. A method of using a computer system to authenticate a user seeking to conduct at least one interaction with a secured capability provided by a computer, the method comprising:
- using the computer system to access a first identifier corresponding to the secured capability, the first identifier assigned to be used by the secured capability for a finite period of time;
  
  using the computer system to send a second identifier to an electronic device being used by the user, the second identifier corresponding to the secured capability;
  
  using the computer system to receive a signal from the electronic device being used by the user;
  
  using a processor of the computer system to evaluate, based at least on the signal and one or both of the first identifier and the second identifier, whether the user is authorized to conduct the at least one interaction with the secured capability; and
  
  in response to an indication from the processor that the user is authorized to conduct the at least one interaction with the secured capability, using the computer system to generate authorization information and to provide the authorized information to at least one of the electronic device and the computer providing the secured capability.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 2. The method of claim 1, wherein the authorization information is generated by a verification server.
  - 3. The method of claim 1, wherein the authorization information is provided to the computer providing the secured capability.
  - 4. The method of claim 3, wherein the authorization information comprises an identifier that is unique to the user.
  - 5. The method of claim 1, wherein the electronic device comprises a mobile phone, smartphone, or tablet.
  - 6. The method of claim 1, wherein the computer system comprises a verification server and the computer providing the secured capability.
  - 7. The method of claim 6, further comprising using the electronic device to transmit payment information to at least one of the following:
    - the verification server, the computer providing the secured capability, and a payment processing gateway.
  - 8. The method of claim 1, further comprising transmitting payment information to at least one of a payment processing gateway or the computer providing the secured capability.
  - 9. The method of claim 1, wherein sending the second identifier comprises sending a text message to the electronic device.
  - 10. The method of claim 9, wherein the text message prompts the user to respond by sending a return text message to the computer system.
  - 11. The method of claim 1, wherein sending the second identifier to the electronic device is performed by the computer providing the secured capability.
  - 12. The method of claim 1, wherein sending the second identifier to the electronic device is performed by a verification server of the computer system.
  - 13. The method of claim 1, wherein accessing the first identifier is performed by at least one verification server of the computer system, sending the second identifier is performed by the computer providing the secured capability, the computer system comprising the computer, and receiving the signal is performed by the at least one verification server.
  - 14. The method of claim 1, wherein accessing the first identifier is performed by at least one verification server of the computer system, sending the second identifier is performed by the at least one verification server, and receiving the signal is performed by the at least one verification server.
  - 15. The method of claim 14, wherein the accessed first identifier is provided by a pool of identifiers stored by the at least one verification server.
  - 16. The method of claim 1, wherein the accessed first identifier is provided by a pool of identifiers stored by the computer providing the secured capability.
  - 17. The method of claim 1, wherein the accessed first identifier is provided by a pool of identifiers stored by a software-as-a-service (SaaS) server.
  - 18. The method of claim 1, wherein the signal comprises a third identifier transmitted by the electronic device and corresponding to the secured capability.
  - 19. The method of claim 1, wherein the signal comprises verification data transmitted by the electronic device.
  - 20. The method of claim 19, wherein the signal further comprises a third identifier transmitted by the electronic device and corresponding to the secured capability.
  - 21. The method of claim 20, wherein using the processor comprises evaluating, based at least on the validation data and at least one of the first identifier, the second identifier, and the third identifier, whether the user is authorized to conduct the at least one interaction with the secured capability.
  - 22. The method of claim 1, wherein the first identifier and the second identifier are the same as one another.
  - 23. The method of claim 1, wherein the first identifier and the second identifier are related to one another with a predetermined relationship.

24. A computer system for authenticating users seeking to conduct interactions with a plurality of secured capabilities provided by a plurality of computers, each computer of the plurality of computers providing at least one secured capability of the plurality of secured capabilities, the computer system comprising:
- at least one input configured to access a plurality of first identifiers, each first identifier of the plurality of first identifiers corresponding to a secured capability of the plurality of secured capabilities;
  
  at least one output configured to send a plurality of second identifiers to a plurality of electronic devices being used by the users, each second identifier of the plurality of second identifiers corresponding to a secured capability of the plurality of secured capabilities, the at least one input further configured to receive a signal from the plurality of electronic devices being used by the users;
  
  a storage device comprising;
  
  a first association of each secured capability of the plurality of secured capabilities with at least one corresponding first or second identifier; and
  
  a second association of verification data with corresponding verified users authorized to access at least one secured capability of the plurality of secured capabilities;
  
  a processor configured to evaluate, based at least on the signal and one or both of a first identifier of the plurality of first identifiers and a second identifier of the plurality of second identifiers, whether a user of the electronic device is authorized to conduct at least one interaction with a secured capability provided by the computer, the processor further configured to generate authorization information if the user of the electronic device is authorized to conduct the at least one interaction with the secured capability and to provide the authorized information to at least one of the electronic device and the computer providing the secured capability.

25. A non-transitory computer storage having stored thereon a computer program that instructs a computer system to authenticate a user seeking to conduct at least one interaction with a secured capability provided by a computer by at least:
- using the computer system to access a first identifier corresponding to the secured capability, the first identifier assigned to be used by the secured capability for a finite period of time;
  
  using the computer system to send a second identifier to an electronic device being used by the user, the second identifier corresponding to the secured capability;
  
  using the computer system to receive a signal from the electronic device being used by the user;
  
  using a processor of the computer system to evaluate, based at least on the signal and one or both of the first identifier and the second identifier, whether the user is authorized to conduct the at least one interaction with the secured capability; and
  
  in response to an indication from the processor that the user is authorized to conduct the at least one interaction with the secured capability, using the computer system to generate authorization information and to provide the authorized information to at least one of the electronic device and the computer providing the secured capability.

26. A method of using a computer system to authenticate a user seeking to conduct at least one interaction with a secured capability provided by a computer, the method comprising:
- using the computer system to access a first identifier corresponding to the secured capability;
  
  using the computer system to push a second identifier to an electronic device being used by the user, the second identifier corresponding to the secured capability and pushed to the electronic device via a push notification service;
  
  using the computer system to receive a signal from the electronic device being used by the user;
  
  using a processor of the computer system to evaluate, based at least on the signal and one or both of the first identifier and the second identifier, whether the user is authorized to conduct the at least one interaction with the secured capability; and
  
  in response to an indication from the processor that the user is authorized to conduct the at least one interaction with the secured capability, using the computer system to generate authorization information comprising information that is unique to the user and to provide the authorized information to at least one of the electronic device and the computer providing the secured capability.
- View Dependent Claims (27, 28)
- - 27. The method of claim 26, wherein the push notification service comprises Google Cloud Messaging (GCM) or IOS Push Notification.
  - 28. The method of claim 26, further comprising using the computer system to receive user verification information from the electronic device.

29. A method of using a computer system to authenticate a user seeking to conduct at least one interaction with a secured capability provided by a computer, the method comprising:
- using the computer system to access a first identifier corresponding to the secured capability;
  
  using the computer system to send a second identifier to an electronic device being used by the user, the Second identifier comprising corresponding to the secured capability, at least one of the first identifier and the second identifier assigned to be used by the secured capability for a finite period of time;
  
  using the computer system to receive a signal from the electronic device being used by the user;
  
  using a processor of the computer system to evaluate, based at least on the signal and one or both of the first identifier and the second identifier, whether the user is authorized to conduct the at least one interaction with the secured capability; and
  
  in response to an indication from the processor that the user is authorized to conduct the at least one interaction with the secured capability, using the computer system to generate authorization information and to provide the authorized information to at least one of the electronic device and the computer providing the secured capability.
- View Dependent Claims (30, 31)
- - 30. The method of claim 29, wherein at least one of the first identifier and the second identifier comprises a reusable identifier.
  - 31. The method of claim 29, wherein the second identifier is sent to the electronic device via a short message service (SMS).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Secure Matrix LLC (Jeffrey M. Gross)
Original Assignee
Jack Bicer
Inventors
Bicer, Jack
Primary Examiner(s)
LEUNG, ROBERT B

Application Number

US14/666,039
Publication Number

US 20160197915A1
Time in Patent Office

897 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/629   to features or functions of...

G06F 2221/2113   Multi-level security, e.g. ...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 30/0637   Approvals

H04L 63/08   for authentication of entit...

H04L 63/0838   using one-time-passwords

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

Systems and methods for authentication and verification

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for authentication and verification

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links