System and method for second factor authentication

US 9,788,205 B2
Filed: 03/24/2016
Issued: 10/10/2017
Est. Priority Date: 12/31/2008
Status: Active Grant

First Claim

Patent Images

1. A method of enhanced communication, the method comprising:

receiving a request for second factor authentication (SFA) generation from a third party, wherein the request comprises information regarding a user and a desired characteristic of the SFA;

generating an SFA token based on at least the received information regarding the user and the desired characteristic of the SFA;

associating the SFA token with an identifier of the user in a repository;

sending the generated SFA token towards a device associated with the user;

receiving either;

a) a request for SFA validation from the third party, wherein the request comprises information regarding the user and the SFA token, orb) a response from the device associated with the user, wherein the response comprises information regarding the user and the SFA token;

performing one or more processing steps to validate the SFA token yielding at least an indicia of validation; and

sending the indicia of validation to the third party;

wherein at least one of the receiving, generating, associating, sending, and performing is accomplished using one or more computers.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

As individuals increasingly engage in different types of transactions they face a growing threat from, possibly among other things, identity theft, financial fraud, information misuse, etc. and the serious consequences or repercussions of same. Leveraging the ubiquitous nature of wireless devices and the popularity of (Short Message Service, Multimedia Message Service, etc.) messaging, an infrastructure that enhances the security of the different types of transactions within which a wireless device user may participate through a Second Factor Authentication facility. The infrastructure may optionally leverage the capabilities of a centrally-located Messaging Inter-Carrier Vendor.

Citations

15 Claims

1. A method of enhanced communication, the method comprising:
- receiving a request for second factor authentication (SFA) generation from a third party, wherein the request comprises information regarding a user and a desired characteristic of the SFA;
  
  generating an SFA token based on at least the received information regarding the user and the desired characteristic of the SFA;
  
  associating the SFA token with an identifier of the user in a repository;
  
  sending the generated SFA token towards a device associated with the user;
  
  receiving either;
  
  a) a request for SFA validation from the third party, wherein the request comprises information regarding the user and the SFA token, orb) a response from the device associated with the user, wherein the response comprises information regarding the user and the SFA token;
  
  performing one or more processing steps to validate the SFA token yielding at least an indicia of validation; and
  
  sending the indicia of validation to the third party;
  
  wherein at least one of the receiving, generating, associating, sending, and performing is accomplished using one or more computers.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the SFA token comprises a sequence of one or more letters, numbers, and special characters.
  - 3. The method of claim 1, wherein the SFA token is designated as being single use or multi-use.
  - 4. The method of claim 1, wherein the SFA token comprises a lifetime indicator.
  - 5. The method of claim 1, wherein the one or more processing steps to validate the SFA token considers information on a current physical location of the device.

6. A system for enhanced communication, the system comprising:
- a memory; and
  
  at least one processor coupled to the memory and configured to receive a request for second factor authentication (SFA) generation from a third party, wherein the request comprises information regarding a user and a desired characteristic of the SFA;
  
  a first workflow component executing in the processor and configured to generate an SFA token based on the information regarding the user and the desired characteristic of the SFA;
  
  a repository configured to associate the SFA token with an identifier of the user; and
  
  a second workflow component executing in the processor and configured to validate the SFA token yielding at least an indicia of validation;
  
  wherein the processor is further configured to;
  
  send the SFA token towards a device associated with the user,receive either (a) a request for SFA validation from the third party, wherein the request comprises information regarding the user and the SFA token, or (b) a response from the device associated with the user, wherein the response comprises information regarding the user and the SFA token, andsend the indicia of validation to the third party.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein the SFA token comprises a sequence of one or more letters, numbers, and special characters.
  - 8. The system claim 6, wherein the SFA token is designated as being single use or multi-use.
  - 9. The system of claim 6, wherein the SFA. token comprises a lifetime indicator.
  - 10. The system of claim 6, wherein the second workflow component processes information on a current physical location of the device.

11. A non-transitory computer readable medium containing computer instructions that, when executed by one or more processors, cause the one or more processors to take actions, comprising:
- receiving a request for second factor authentication (SFA) generation from a third party, wherein the request comprises information regarding a user and a desired characteristic of the SFA;
  
  generating an SFA token based on at least the received information regarding the user and the desired characteristic of the SFA;
  
  associating the SFA token with an identifier of the user in a repository;
  
  sending the generated SFA token towards a device associated with the user;
  
  receiving either;
  
  a) a request for SFA validation from the third party, wherein the request comprises information regarding the user and the SFA token, orb) a response from the device associated with the user, wherein the response comprises information regarding the user and the SFA token;
  
  performing one or more processing steps to validate the SFA token yielding at least an indicia of validation; and
  
  sending the indicia of validation to the third party;
  
  wherein at least one of the receiving, generating, associating, sending, and performing is accomplished using one or more computers.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer readable medium of claim 11, wherein the SFA token comprises a sequence of one or more letters, numbers, and special characters.
  - 13. The non-transitory computer readable medium of claim 11, wherein the SFA token is designated as being single use or multi-use.
  - 14. The non-transitory computer readable medium of claim 11, wherein the SFA token comprises a lifetime indicator.
  - 15. The non-transitory computer readable medium of claim 11, wherein the one or more processing steps to validate the SFA token considers information on a current physical location of the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sybase Incorporated (SAP SE)
Original Assignee
Sybase Incorporated (SAP SE)
Inventors
Sarmah, Dilip, Erickson, Kyle Warner, Gadagkar, Rajat Mounendrababu
Primary Examiner(s)
Su, Sarah

Application Number

US15/079,363
Publication Number

US 20160212619A1
Time in Patent Office

565 Days
Field of Search

726 6, 726 2, 726 16, 726 17, 726 20, 726 26, 726 27, 726 28, 713172, 713182, 713185
US Class Current
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/083   using passwords cryptograph...

H04L 9/3213   using tickets or tokens, e....

H04W 12/06   Authentication

H04W 4/14   Short messaging services, e...

System and method for second factor authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for second factor authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links