System and method for authenticating users
DCFirst Claim
1. A method for authenticating a user, comprising:
- receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input,storing said secret stored at the mobile phone, said secret being stored with an identifier so as to be retrievable when the unique user input is received again by the mobile phone;
receiving at the mobile phone from a remote computer-based station a first communication comprising a request for user credentials of the user of the computing device, said first communication including the identifier associated with the secret;
responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret.
1 Assignment
Litigations
0 Petitions
Accused Products
Abstract
A security application for a computing device, e.g., a mobile phone, allows generation of a secret according to a unique user input (e.g., user credentials). The secret is stored in a directory such that it is retrievable when the unique user input is received via a user interface of a device on which the security application executes or is coupled with. Responsive to receiving an identifier associated with the secret, the security application prompts, e.g., via a user interface of the mobile phone, entry of the unique user input; and, subsequently, verifies the unique user input. Following such verification, the security application provides the secret for use in encoding a communication with a remote computer-based station. Entry of the user credentials may be required prior to the security application generating the secret, and may be responsive to receipt of an invitation (e.g., from the remote computer-based station) to generate it.
67 Citations
19 Claims
-
1. A method for authenticating a user, comprising:
-
receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input, storing said secret stored at the mobile phone, said secret being stored with an identifier so as to be retrievable when the unique user input is received again by the mobile phone; receiving at the mobile phone from a remote computer-based station a first communication comprising a request for user credentials of the user of the computing device, said first communication including the identifier associated with the secret; responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for authenticating a user, comprising:
-
receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input, storing said secret stored at the mobile phone, said secret being stored in an encrypted form and with an identifier so as to be retrievable when the unique user input is received again by the mobile phone; receiving at the mobile phone from a remote computer-based station a first communication, said first communication including the identifier associated with the secret; responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method for authenticating a user, comprising:
-
receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input, storing said secret stored at the mobile phone, said secret being stored with an identifier so as to be retrievable when the unique user input is received again by the mobile phone; receiving at the mobile phone from a remote computer-based station a first communication, said first communication including the identifier associated with the secret; responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret, wherein the first and second communications comprise two related communications of a communication session. - View Dependent Claims (17, 18, 19)
-
Specification