Adaptive policies and protections for securing financial transaction data at rest
First Claim
1. A method for challenge-response authentication, the method comprising:
- receiving, by a terminal over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
displaying the first arrangement of the plurality of images on a user interface of the terminal;
receiving an input through the user interface associated with the plurality of images the input comprising rearranging locations of the plurality of images on the user interface;
ordering the plurality of codes in a sequence based on the input received through the user interface; and
transmitting, by the terminal over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and
receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes.
1 Assignment
0 Petitions
Accused Products
Abstract
A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.
128 Citations
20 Claims
-
1. A method for challenge-response authentication, the method comprising:
- receiving, by a terminal over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
displaying the first arrangement of the plurality of images on a user interface of the terminal;
receiving an input through the user interface associated with the plurality of images the input comprising rearranging locations of the plurality of images on the user interface;
ordering the plurality of codes in a sequence based on the input received through the user interface; and
transmitting, by the terminal over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and
receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes. - View Dependent Claims (2, 3, 4, 5, 6)
- receiving, by a terminal over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
-
7. A system for challenge-response authentication, the system comprising:
- a memory;
a user interface; and
a processor, coupled to the memory and the user interface, configured to;
receive, over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
display the first arrangement of the plurality of images on the user interface;
receive an input through the user interface associated with the plurality of images, the input comprising rearranging locations of the plurality of images on the user interface;
order the plurality of codes in a sequence based on the input received through the user interface; and
transmit, over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and
receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes. - View Dependent Claims (8, 9, 10, 11, 12, 13)
- a memory;
-
14. A non-transitory computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions, which, when executed by a computer system, cause the computer system to:
- receive, over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
display the first arrangement of the plurality of images on a user interface;
receive an input through the user interface based on the plurality of images, the input comprising rearranging locations of the plurality of images on the user interface;
order the plurality of codes in a sequence associated with the input received through the user interface; and
transmit, over the communication network, the sequence of the plurality of codes, wherein transmitting, by the terminal over the communication network, a request for a service to a service network; and
receiving, by the terminal over the communication network, access to the service on the service network when an alphanumeric string matches a user identifier, the alphanumeric string being generated from the plurality of alphanumeric characters based on the sequence of the corresponding the plurality of codes. - View Dependent Claims (15, 16, 17, 18, 19, 20)
- receive, over a communication network, a plurality of codes and a first arrangement of a plurality of images, each one of the plurality of codes (i) corresponding to one of the plurality of images and (ii) corresponding to an alphanumeric character of a plurality of alphanumeric characters, the plurality of codes being distinct from the plurality of alphanumeric characters;
Specification