Enhanced multi factor authentication
First Claim
1. A method for confirming events initiated by a user, the method comprising:
- receiving an indication of the user initiating an event via a first device;
based at least on receiving the indication of the user initiating the event via the first device, initiating a telephone call or sending a text message over a communications network to a pre-registered number associated with a second device of the user, the pre-registered number having been registered before the user initiated event;
sending, over the communications network, an outgoing message to the user'"'"'s second device, the outgoing message comprising replayed event data information specific to the user initiated event, the replayed event data information comprising
1) information describing the user initiated event and
2) information identifying the user initiated event;
receiving, over the communications network, a response to the outgoing message, the response being generated from the user'"'"'s second device;
determining whether the response from the user'"'"'s second device matches pre-selected authentication information, the pre-selected authentication information having been pre-selected before the user initiated event is initiated; and
based at least on determining that the response from the user'"'"'s second device matches the pre-selected authentication information, confirming the user initiated event, otherwise not confirming the user initiated event, wherein, upon a condition in which the user initiated event is not confirmed, a first error message is transmitted to the first device and a second error message is transmitted to the second device, whereby the first device, which was used to initiate the event, receives the first error message and the second device, which was used to respond to the outgoing message, receives the second error message, and wherein at least one of the first error message or the second error message provides the user with an opportunity to reinitiate the event.
3 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a network element comprises one or more processors, and a memory module communicatively coupled to the processor. The memory module comprises logic instructions which, when executed by the processor, configure the processor to receive, via a first communication channel, a primary authentication request transmitted from a user from a first device, process the primary authentication request to determine whether the user is authorized to access one or more resources, in response to a determination that the user is authorized to access one or more resources, initiate, a secondary authentication request, and transmit the secondary authentication request from the network element to the user via a second communication channel, different from the first communication channel.
118 Citations
22 Claims
-
1. A method for confirming events initiated by a user, the method comprising:
-
receiving an indication of the user initiating an event via a first device; based at least on receiving the indication of the user initiating the event via the first device, initiating a telephone call or sending a text message over a communications network to a pre-registered number associated with a second device of the user, the pre-registered number having been registered before the user initiated event; sending, over the communications network, an outgoing message to the user'"'"'s second device, the outgoing message comprising replayed event data information specific to the user initiated event, the replayed event data information comprising
1) information describing the user initiated event and
2) information identifying the user initiated event;receiving, over the communications network, a response to the outgoing message, the response being generated from the user'"'"'s second device; determining whether the response from the user'"'"'s second device matches pre-selected authentication information, the pre-selected authentication information having been pre-selected before the user initiated event is initiated; and based at least on determining that the response from the user'"'"'s second device matches the pre-selected authentication information, confirming the user initiated event, otherwise not confirming the user initiated event, wherein, upon a condition in which the user initiated event is not confirmed, a first error message is transmitted to the first device and a second error message is transmitted to the second device, whereby the first device, which was used to initiate the event, receives the first error message and the second device, which was used to respond to the outgoing message, receives the second error message, and wherein at least one of the first error message or the second error message provides the user with an opportunity to reinitiate the event. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-readable hardware storage medium with an executable program stored thereon for confirming events initiated by a user, wherein the program instructs at least one computer to:
-
receive an indication of the user initiating an event via a client device; based at least on receiving the indication of the user initiating the event via the client device, initiating a telephone call or sending a text message over a communications network to a pre-registered number associated with a telecommunications device of the user, the pre-registered number having been registered before the user initiated event; send, over the communications network, an outgoing message to the user'"'"'s telecommunications device, the outgoing message comprising replayed event data information specific to the event, the replayed event data information comprising
1) information describing the event and
2) information identifying the event;receive, over the communications network, a response to the outgoing message, the response being generated from the user'"'"'s telecommunications device; determine whether the response from the user'"'"'s telecommunications device matches pre-selected authentication information, the pre-selected authentication information having been pre-selected before the event is initiated; and based at least on determining that the response from the user'"'"'s telecommunications device matches the pre-selected authentication information, confirming the event, otherwise not confirming the event, wherein, upon a condition in which the event is not confirmed, a first error message is transmitted to the client device and a second error message is transmitted to the telecommunications device, whereby the client device, which was used to initiate the event, receives the first error message and the telecommunications device, which was used to respond to the outgoing message, receives the second error message, and wherein at least one of the first error message or the second error message provides the user with an opportunity to reinitiate the event. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A method comprising:
-
receiving an indication associated with a user-initiated event, the indication being transmitted via a first device of a user that initiated the user-initiated event; based at least on receiving the indication from the first device, sending a communication over a communication network to a telecommunications device that is known, prior to receiving the indication, to be associated with the user, the communication comprising first information, the first information being associated with the user-initiated event, the first information also describing at least a portion of the user-initiated event; receiving, over the communications network and from the telecommunications device, a response to the communication, the response including second information; determining whether the second information matches pre-selected authentication information, the pre-selected authentication information having been selected prior to receiving the indication; and based at least on determining that the second information matches the pre-selected authentication information, confirming the user-initiated event, otherwise, not confirming the user-initiated event, wherein, upon a condition in which the user-initiated event is not confirmed, a first error message is transmitted to the first device and a second error message is transmitted to the telecommunications device, whereby the first device, which was used to initiate the user-initiated event, receives the first error message and the telecommunications device, which was used to respond to the communication, receives the second error message, and wherein at least one of the first error message or the second error message provides the user with an opportunity to reinitiate the user-initiated event. - View Dependent Claims (20)
-
-
21. A system for providing enhanced secondary authentication, the system comprising:
an authentication server having at least one processor and at least one memory device, the authentication server configured to; receive a user initiated event from a device of a user; identify first information that is associated with the user initiated event, the first information also describing at least a portion of the user initiated event; identify a telecommunications device that is also associated with the user, wherein the user is authorized to approve the user initiated event via the telecommunications device; send, over a communications network, a first communication to the telecommunications device, the first communication including the first information; receive, from the telecommunications device, a second communication, the second communication including second information, the second information having pre-selected authentication information therein, wherein the pre-selected authentication information is information selected prior to receiving the user initiated event; determine whether the second information matches the pre-selected authentication information; and confirm the user initiated event when the second information matches the pre-selected authentication information, otherwise, deny the user initiated event, wherein, upon a condition in which the user initiated event is denied, a first error message is transmitted to the device and a second error message is transmitted to the telecommunications device, whereby the device, which was used to initiate the event, receives the first error message and the telecommunications device, which was used to respond to the first communication, receives the second error message, and wherein at least one of the first error message or the second error message provides the user with an opportunity to reinitiate the event. - View Dependent Claims (22)
Specification