System and method for authenticating users

US 9,876,771 B2
Filed: 01/06/2017
Issued: 01/23/2018
Est. Priority Date: 03/25/2009
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for authenticating a user, comprising:

receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input,storing said secret stored at the mobile phone, said secret being stored with an identifier so as to be retrievable when the unique user input is received again by the mobile phone;

receiving at the mobile phone from a remote computer-based station a first communication comprising a request for user credentials of the user of the computing device, said first communication including the identifier associated with the secret;

responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret.

View all claims

1 Assignment

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A security application for a computing device, e.g., a mobile phone, allows generation of a secret according to a unique user input (e.g., user credentials). The secret is stored in a directory such that it is retrievable when the unique user input is received via a user interface of a device on which the security application executes or is coupled with. Responsive to receiving an identifier associated with the secret, the security application prompts, e.g., via a user interface of the mobile phone, entry of the unique user input; and, subsequently, verifies the unique user input. Following such verification, the security application provides the secret for use in encoding a communication with a remote computer-based station. Entry of the user credentials may be required prior to the security application generating the secret, and may be responsive to receipt of an invitation (e.g., from the remote computer-based station) to generate it.

67 Citations

19 Claims

1. A method for authenticating a user, comprising:
- receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input,storing said secret stored at the mobile phone, said secret being stored with an identifier so as to be retrievable when the unique user input is received again by the mobile phone;
  
  receiving at the mobile phone from a remote computer-based station a first communication comprising a request for user credentials of the user of the computing device, said first communication including the identifier associated with the secret;
  
  responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the secret comprises an encryption key and is stored along with other information and the identifier is used to distinguish the encryption key from the other information.
  - 3. The method of claim 1, wherein the other information comprises decoy encryption keys.
  - 4. The method of claim 1, wherein the secret is stored in an encrypted format.
  - 5. The method of claim 1, wherein the unique user input comprises user credentials.
  - 6. The method of claim 5, further comprising receiving at the computing device an invitation to create the secret prior to generating the secret.
  - 7. The method of claim 6, wherein the invitation to create the secret is received from the remote computer-based station.
  - 8. The method of claim 1, wherein the first and second communications comprise two related communications of a communication session.

9. A method for authenticating a user, comprising:
- receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input,storing said secret stored at the mobile phone, said secret being stored in an encrypted form and with an identifier so as to be retrievable when the unique user input is received again by the mobile phone;
  
  receiving at the mobile phone from a remote computer-based station a first communication, said first communication including the identifier associated with the secret;
  
  responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, wherein the secret comprises an encryption key and is stored along with other information and the identifier is used to distinguish the encryption key from the other information.
  - 11. The method of claim 9, wherein the other information comprises decoy encryption keys.
  - 12. The method of claim 9, wherein the first communication comprises a request for user credentials of the user of the computing device.
  - 13. The method of claim 9, further comprising receiving at the computing device an invitation to create the secret prior to generating the secret.
  - 14. The method of claim 13, wherein the invitation to create the secret is received from the remote computer-based station.
  - 15. The method of claim 9, wherein the first and second communications comprise two related communications of a communication session.

16. A method for authenticating a user, comprising:
- receiving, by an application running on a mobile phone, a unique user input and generating by said application a secret based upon said unique user input,storing said secret stored at the mobile phone, said secret being stored with an identifier so as to be retrievable when the unique user input is received again by the mobile phone;
  
  receiving at the mobile phone from a remote computer-based station a first communication, said first communication including the identifier associated with the secret;
  
  responsive to said receiving, the mobile phone prompting a user via a user interface for the user input, verifying said unique user input, and transmitting to the remote computer-based station a second communication encoded using the secret,wherein the first and second communications comprise two related communications of a communication session.
- View Dependent Claims (17, 18, 19)
- - 17. The method of claim 16, wherein the unique user input comprises user credentials.
  - 18. The method of claim 17, further comprising receiving at the computing device an invitation to create the secret prior to generating the secret.
  - 19. The method of claim 18, wherein the invitation to create the secret is received from the remote computer-based station.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
PACid Technologies, LLC
Original Assignee
PACid Technologies, LLC
Inventors
Fielder, Guy
Primary Examiner(s)
Shaw, Brian F

Application Number

US15/399,983
Publication Number

US 20170118182A1
Time in Patent Office

382 Days
Field of Search

713168, 713193, 713181, 713165, 726 1, 726 26, 726 17, 726 21, 726 4, 380 44, 380278, 709231
US Class Current
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/6209   to a single file or object,...

G06F 2221/2123   Dummy operation

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2463/121   Timestamp cryptographic mec...

H04L 63/0428   wherein the data content is...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H05K 999/99   dummy group

System and method for authenticating users

First Claim

1 Assignment

Litigations

0 Petitions

Accused Products

Abstract

67 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

System and method for authenticating users

First Claim

1 Assignment

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others