Direct authentication system and method via trusted authenticators
DCFirst Claim
Patent Images
1. An authentication method for enhancing computer network security, the method comprising:
- engaging in an electronic communication with a user via a computer network;
receiving, after engaging in the electronic communication, user-authentication information from the user via the computer network, the user-authentication information including SecureCode, wherein;
the SecureCode is generated by an authentication system and provided to the user after the user engages in the electronic communication,the SecureCode generated by the authentication system is configured to be valid for a predetermined time and to become invalid after the predetermined time, andthe SecureCode is configured to become invalid after a first use to authenticate the user;
providing, via the computer network, a request for authenticating the user to the authentication system, wherein the request includes the SecureCode and user-identification information;
receiving, prior to completion of the electronic communication, a response to the request for authenticating the user via the computer network, wherein the response to the request for authenticating the user indicates that whether the authentication system authenticated the user based on a determination of whether the SecureCode included in the authentication request is valid and whether the user-identification information included in the authentication request is correct; and
proceeding with the electronic communication based on the response to the request for authenticating the user,wherein the electronic communication comprises accessing an online system that requires user authentication.
2 Assignments
Litigations
0 Petitions
Accused Products
Abstract
Systems and methods are provided for enabling online entities to determine whether a user is truly the person who he says using a “two-factor” authentication technique and authenticating customer'"'"'s identity utilizing a trusted authenticator.
-
Citations
26 Claims
-
1. An authentication method for enhancing computer network security, the method comprising:
-
engaging in an electronic communication with a user via a computer network; receiving, after engaging in the electronic communication, user-authentication information from the user via the computer network, the user-authentication information including SecureCode, wherein; the SecureCode is generated by an authentication system and provided to the user after the user engages in the electronic communication, the SecureCode generated by the authentication system is configured to be valid for a predetermined time and to become invalid after the predetermined time, and the SecureCode is configured to become invalid after a first use to authenticate the user; providing, via the computer network, a request for authenticating the user to the authentication system, wherein the request includes the SecureCode and user-identification information; receiving, prior to completion of the electronic communication, a response to the request for authenticating the user via the computer network, wherein the response to the request for authenticating the user indicates that whether the authentication system authenticated the user based on a determination of whether the SecureCode included in the authentication request is valid and whether the user-identification information included in the authentication request is correct; and proceeding with the electronic communication based on the response to the request for authenticating the user, wherein the electronic communication comprises accessing an online system that requires user authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for enhancing computer network security comprising one or more computing devices configured to perform operations, the operations comprising:
-
engaging in an electronic communication with a user via a computer network; receiving, after engaging in the electronic communication, user-authentication information from the user via the computer network, the user-authentication information including an authentication code a SecureCode, wherein; the SecureCode is generated by an authentication system and provided to the user after the user engages in the electronic communication, the SecureCode generated by the authentication system is configured to be valid for a predetermined time and to become invalid after the predetermined time and the SecureCode is configured to become invalid after a first use to authenticate the user; providing, via the computer network, a request for authenticating the user to the authentication system, wherein the request including the SecureCode and user-identification information; receiving, prior to completion of the electronic communication, a response to the request for authenticating the user via the computer network, wherein the response to the request for authenticating the user indicates that whether the authentication system authenticated the user based on a determination of whether the SecureCode included in the authentication request is valid and whether the user-identification information included in the authentication request is correct; and proceeding with the electronic communication based on the response to the authentication request, wherein the electronic communication comprises accessing an online system that requires user authentication. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A system for enhancing computer network security by authenticating a user in an electronic communication between the user and an online entity, the system comprising one or more computing devices configured to perform operations, the operations comprising:
-
receiving, after initiation of the electronic communication, a request for a SecureCode via a computer network; generating the SecureCode in response to the request for the SecureCode, wherein; the SecureCode is an alphanumeric value, the SecureCode is configured to be valid for a predetermined time and to become invalid after a predetermined time, and the SecureCode is configured to become invalid after a first use to authenticate the user; providing, via the computer network, the SecureCode in response to the request for the SecureCode; receiving, via the computer network, an authentication request for authenticating the user comprising user-authentication information including the SecureCode and user-identification information; determining a validity of the SecureCode included in the authentication request; determining a correctness of the user-identification information included in the authentication request; authenticating the user based on at least the validity of the SecureCode included in the authentication request and the user-identification information included in the authentication request; and providing, via the computer network, prior to completion of the electronic communication, a result of authenticating the user to the online entity in response to the authentication request, wherein the electronic communication comprises accessing an online system that requires user authentication. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
-
25. The system of claim of 28, wherein the receiving the request, the generating the SecureCode, the providing the SecureCode of the user, the receiving the authentication request, the authenticating the user, and the providing the result of authenticating occur during the real-time interaction.
-
26. A method for enhancing computer network security by authenticating a user in an electronic communication between the user and an online entity, the method comprising:
-
receiving, after initiation of the electronic communication, a request for a SecureCode via a computer network; generating the SecureCode in response to the request for the SecureCode, wherein; the SecureCode is configured to be valid for a predetermined time and to become invalid after a predetermined time, and the SecureCode is configured to become invalid after a first use to authenticate the user; providing, via the computer network, the SecureCode in response to the request for the SecureCode; receiving, via the computer network, an authentication request for authenticating the user, comprising user authentication information including the SecureCode and user-identification information; determining a validity of the SecureCode included in the authentication request; determining a correctness of the user-identification information included in the authentication request; authenticating the user based on at least the validity of the SecureCode included in the authentication request and the user-identification information included in the authentication request; and providing, via the computer network, prior to completion of the electronic communication, a result of authenticating the user to the online entity in response to the authentication request, wherein the electronic communication comprises accessing an online system that requires user authentication.
-
Specification