Adaptive policies and protections for securing financial transaction data at rest

US 9,847,995 B2
Filed: 11/05/2015
Issued: 12/19/2017
Est. Priority Date: 06/22/2010
Status: Active Grant

First Claim

Patent Images

1. A method for challenge-response authentication, the method comprising:

receiving, by a terminal over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;

displaying the first arrangement of the plurality of images on a user interface of the terminal;

receiving an input through the user interface associated with the plurality of images the input comprising rearranging locations of the plurality of images on the user interface;

ordering the plurality of codes in a sequence based on the input received through the user interface; and

transmitting, by the terminal over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and

receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.

128 Citations

20 Claims

1. A method for challenge-response authentication, the method comprising:
- receiving, by a terminal over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
  
  displaying the first arrangement of the plurality of images on a user interface of the terminal;
  
  receiving an input through the user interface associated with the plurality of images the input comprising rearranging locations of the plurality of images on the user interface;
  
  ordering the plurality of codes in a sequence based on the input received through the user interface; and
  
  transmitting, by the terminal over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and
  
  receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the first arrangement of the plurality of images displayed on the user interface is any one or a combination of:
    - a multidimensional grid of the plurality of images, a horizontal arrangement of the plurality of images, or a spatial overlay of the plurality of images.
  - 3. The method of claim 1, further comprising generating a second arrangement of the plurality of images based on the input received through the user interface, wherein the ordering step includes sequencing the plurality of codes based on the second arrangement of the plurality of images.
  - 4. The method of claim 3, wherein:
    - the second arraignment includes at least two images of the plurality of images arranged in an order, andthe codes are ordered in the sequence in which the corresponding image is arranged in the second arrangement.
  - 5. The method of claim 1, wherein:
    - the input received through the user interface includes the selection of at least two images of the plurality of images in an order, andthe sequence of the plurality of codes is based on the order in which the corresponding image was selected.
  - 6. The method of claim 1, further comprising encrypting the sequence of codes transmitted over the communication network.

7. A system for challenge-response authentication, the system comprising:
- a memory;
  
  a user interface; and
  
  a processor, coupled to the memory and the user interface, configured to;
  
  receive, over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
  
  display the first arrangement of the plurality of images on the user interface;
  
  receive an input through the user interface associated with the plurality of images, the input comprising rearranging locations of the plurality of images on the user interface;
  
  order the plurality of codes in a sequence based on the input received through the user interface; and
  
  transmit, over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and
  
  receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The system of claim 7, wherein the first arrangement of the plurality of images displayed on the user interface is any one or a combination of:
    - a multidimensional grid of the plurality of images, a horizontal arrangement of the plurality of images, or a spatial overlay of the plurality of images.
  - 9. The system of claim 7, wherein the processor is further configured to:
    - generate a second arrangement of the plurality of images based on the input received through the user interface, andsequence the plurality of codes based on the second arrangement of the plurality of images.
  - 10. The system of claim 9, wherein:
    - the second arraignment includes at least two images of the plurality of images arranged in an order, andthe codes are ordered in the sequence in which the corresponding image is arranged in the second arrangement.
  - 11. The system of claim 7, wherein:
    - the input received through the user interface includes the selection of at least two images of the plurality of images in an order, andthe sequence of the plurality of codes is based on the order in which the corresponding image was selected.
  - 12. The system of claim 7, wherein the processor is further configured to:
    - transmit, over the communication network, a request for a service to a service network; and
      
      receive, over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes.
  - 13. The system of claim 7, wherein the processor is further configured to encrypt the sequence of codes transmitted over the communication network.

14. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions, which, when executed by a computer system, cause the computer system to:
- receive, over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
  
  display the first arrangement of the plurality of images on a user interface;
  
  receive an input through the user interface based on the plurality of images, the input comprising rearranging locations of the plurality of images on the user interface;
  
  order the plurality of codes in a sequence associated with the input received through the user interface; and
  
  transmit, over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and
  
  receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The non-transitory computer readable medium of claim 14, wherein the first arrangement of the plurality of images displayed on the user interface is any one or a combination of:
    - a multidimensional grid of the plurality of images, a horizontal arrangement of the plurality of images, or a spatial overlay of the plurality of images.
  - 16. The non-transitory computer readable medium of claim 14, the sequences of instructions including instructions, which, when executed by a computer system, further cause the computer system to:
    - generate a second arrangement of the plurality of images based on the input received through the user interface, andsequence the plurality of codes based on the second arrangement of the plurality of images.
  - 17. The non-transitory computer readable medium of claim 16, wherein:
    - the second arraignment includes at least two images of the plurality of images arranged in an order, andthe codes are ordered in the sequence in which the corresponding image is arranged in the second arrangement.
  - 18. The non-transitory computer readable medium of claim 14, wherein:
    - the input received through the user interface includes the selection of at least two images of the plurality of images in an order, andthe sequence of the plurality of codes is based on the order in which the corresponding image was selected.
  - 19. The non-transitory computer readable medium of claim 14, the sequences of instructions including instructions, which, when executed by a computer system, further cause the computer system to:
    - transmit, over the communication network, a request for a service to a service network; and
      
      receive, over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes.
  - 20. The non-transitory computer readable medium of claim 14, the sequences of instructions including instructions, which, when executed by a computer system, further cause the computer system to encrypt the sequence of codes transmitted over the communication network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Original Assignee
American Express Travel Related Services Company, Inc. (American Express Company)
Inventors
Bailey, Jr., Samuel A.
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Getachew, Abiy

Application Number

US14/933,165
Publication Number

US 20160057129A1
Time in Patent Office

775 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

G06F 2221/2103   Challenge-response

G06Q 20/322   Aspects of commerce using m...

G06Q 20/325   using wireless networks

G06Q 20/382   insuring higher security of...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

G09C 1/04   with sign carriers or indic...

H04L 2463/102   applying security measure f...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 63/1408   by monitoring network traff...

H04L 9/3271   using challenge-response

Adaptive policies and protections for securing financial transaction data at rest

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

128 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Adaptive policies and protections for securing financial transaction data at rest

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

128 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links