Bidirectional authentication

US 9,887,996 B1
Filed: 09/22/2016
Issued: 02/06/2018
Est. Priority Date: 10/13/2014
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

generating a token, via a device having a hardware processor, in response to receiving a communication request from an electronic entity, wherein the token comprises at least two of biometric data associated with a user of the device, a personal identification number (PIN), an alphanumeric value, a code word, a pass phrase, and a security question;

transmitting the generated token to the electronic entity; and

receiving notification that the token was received by the electronic entity, wherein the notification is employed to establish a communication channel between the device and the electronic entity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and other embodiments associated with bidirectional authentication are described herein. According to one embodiment, a method includes a user receiving a communication from an entity. In response to receiving the communication from the entity, the method further includes generating a token. The token may be a one-time passcode, personal identification number (PIN), alphanumeric value, code word, pass phrase, or security question. The token is received by a device of the user. Additionally, the token is transmitted to the entity. The user may then receive evidence of the token from the entity.

Citations

20 Claims

1. A method, comprising:
- generating a token, via a device having a hardware processor, in response to receiving a communication request from an electronic entity, wherein the token comprises at least two of biometric data associated with a user of the device, a personal identification number (PIN), an alphanumeric value, a code word, a pass phrase, and a security question;
  
  transmitting the generated token to the electronic entity; and
  
  receiving notification that the token was received by the electronic entity, wherein the notification is employed to establish a communication channel between the device and the electronic entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the notification includes the token, a portion of the token, or a response to the token.
  - 3. The method of claim 1, further comprising:
    - requesting, via the device, that the electronic entity respond with evidence of receipt of the token.
  - 4. The method of claim 1, further comprising:
    - registering the device with the electronic entity, wherein registration associates the device with the user.
  - 5. The method of claim 1, wherein the communication request is received on a communication channel that is a first digital channel, and wherein the token is transmitted on an authentication channel that is a second digital channel.
  - 6. The method of claim 5, wherein the first digital channel is different from the second digital channel.
  - 7. The method of claim 1, wherein the token is a one-time passcode.

8. A non-transitory computer-readable medium storing computer-executable instructions that when executed by a computer cause the computer to perform a method, the method comprising:
- initiating a communication request via an electronic entity having a hardware processor;
  
  receiving a request to generate a token;
  
  generating a token that comprises biometric data and a variable component, wherein the biometric data is associated with a user of a device;
  
  transmitting the generated token to the electronic entity; and
  
  establishing a communication channel between the electronic entity and the device based at least in part upon receipt of the generated token at the electronic entity.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8, further comprising:
    - registering the user in association with the device.
  - 10. The method of claim 9, wherein registering the user further comprising:
    - storing at least one of user data and device data.
  - 11. The method of claim 8, further comprising:
    - receiving a request to verify the token; and
      
      transmitting evidence of verification of the token to the device.
  - 12. The method of claim 11, wherein the evidence is the token, a portion of the token, or a response to the token.
  - 13. The method of claim 8, wherein the token comprises a personal identification number (PIN), an alphanumeric value, a code word, a pass phrase, or a security question.

14. A system, the system comprising:
- a token logic configured to;
  
  generate a token in response to receiving a communication between the token logic and an entity, wherein the token includes biometric data, and a personal identification number (PIN), an alphanumeric value, a code word, a pass phrase, or a security question, wherein the biometric data identifies a user of the device, andtransmit the token to the entity; and
  
  a communication logic configured to establish a communication channel between the device and the entity and to send and receive communication between the device and the entity, wherein the communication channel is established, at least in part, based upon receipt of the generated token at the electronic entity.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The system of claim 14, further comprising:
    - a registration interface configured to facilitate registration of the device with the entity, wherein the registration associates the device to the user.
  - 16. The system of claim 14, wherein the registration interface is further configured to transmit the token to a registration logic of the entity.
  - 17. The system of claim 14, wherein the communication channel is a first digital channel, and wherein the token is transmitted on authentication channel that is a second digital channel.
  - 18. The system of claim 17, wherein the first digital channel is different from the second digital channel.
  - 19. The system of claim 16, wherein the registration logic is configured to associate multiple users with the device.
  - 20. The system of claim 14, wherein the communication logic is further configured to receive evidence of the token from the entity, wherein the evidence includes the token, a portion of the token, or a response to the token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Original Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Inventors
Clausen, Christopher Phillip, Lepage, Lisa Michelle, Suen, Darrell Lee, Cornman, Jeffrey A.
Primary Examiner(s)
Revak, Christopher

Application Number

US15/272,609
Time in Patent Office

502 Days
Field of Search

None
US Class Current
CPC Class Codes

G06Q 10/10   Office automation; Time man...

G06Q 50/265   Personal security, identity...

H04L 63/0838   using one-time-passwords

H04L 63/0861   using biometrical features,...

H04L 63/0869   for achieving mutual authen...

Bidirectional authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Bidirectional authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links