Multifactor authentication with changing unique values

US 20100153451A1
Filed: 12/16/2008
Published: 06/17/2010
Est. Priority Date: 12/16/2008
Status: Active Grant

First Claim

Patent Images

1. A method for multifactor authentication having changing unique values, comprising the steps of:

maintaining an access history database of transactions made by a user;

maintaining a client device history log on an input device;

receiving a request for a transaction from the input device;

causing the input device to select a subset from the client device history log;

sending the subset along with the request to an authentication server;

comparing the subset to the access history database;

proceeding with the transaction when a match is found between the subset and the access history database; and

terminating the transaction when no match is found between the subset and the access history database.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authentication includes the steps of providing a transaction service provider having a secure server; providing a user; requesting access authorization to the server of the service provider by the user, the server storing a set of use parameters obtained from the authorization access request, the use parameters including at least several prior location coordinates, methods of access, transaction information and access hardware used during the authentication to be used by the transaction service provider in subsequent requests by the user to access the server, the use parameters used in the authentication to be continually updated with the most recent data.

64 Citations

View as Search Results

9 Claims

1. A method for multifactor authentication having changing unique values, comprising the steps of:
- maintaining an access history database of transactions made by a user;
  
  maintaining a client device history log on an input device;
  
  receiving a request for a transaction from the input device;
  
  causing the input device to select a subset from the client device history log;
  
  sending the subset along with the request to an authentication server;
  
  comparing the subset to the access history database;
  
  proceeding with the transaction when a match is found between the subset and the access history database; and
  
  terminating the transaction when no match is found between the subset and the access history database.
- View Dependent Claims (2, 3)
- - 2. A method according to claim 1, wherein the step of proceeding further comprises the steps of:
    - updating the client device history log in the client device with a record of the transaction; and
      
      updating the access history database with the record of the transaction.
  - 3. A method according to claim 2, wherein the access history database includes, for each transaction, a device ID, an account, a password associated with the account, a date of the transaction, a time of the transaction, a location of the transaction, a service location, a service type, and a biometric ID of the user.

4. A computer program product for multifactor authentication having changing unique values, said computer program product comprising:
- a computer readable medium;
  
  first program instructions to maintain an access history database of transactions made by a user;
  
  second program instructions maintain a client device history log on an input device;
  
  third program instructions to receive a request for a transaction from the input device;
  
  fourth program instructions to cause the input device to select a subset from the client device history log;
  
  fifth program instructions to send the subset along with the request to an authentication server;
  
  sixth program instructions to compare the subset to the access history database;
  
  seventh program instructions to proceed with the transaction when a match is found between the subset and the access history database;
  
  eighth program instructions to terminate the transaction when no match is found between the subset and the access history database;
  
  wherein said first, second, third, fourth, fifth, sixth, seventh, and eighth program instructions are stored on said computer readable media.
- View Dependent Claims (5, 6)
- - 5. A computer program product according to claim 4, further comprising:
    - ninth program instructions to update the client device history log in the client device with a record of the transaction; and
      
      tenth program instructions to update the access history database with the record of the transaction;
      
      wherein said first, second, third, fourth, fifth, sixth, seventh, eighth, ninth, and tenth program instructions are stored on said computer readable media.
  - 6. A computer program product according to claim 5, wherein the access history database includes, for each transaction, a device ID, an account, a password associated with the account, a date of the transaction, a time of the transaction, a location of the transaction, a service location, a service type, and a biometric ID of the user.

7. A system which performs multifactor authentication with changing unique values, comprising:
- an access history database of transactions made by a user;
  
  a client device history log on an input device;
  
  means for receiving a request for a transaction from the input device;
  
  means for causing the input device to select a subset from the client device history log;
  
  means for sending the subset along with the request to an authentication server;
  
  means for comparing the subset to the access history database;
  
  means for proceeding with the transaction when a match is found between the subset and the access history database; and
  
  means for terminating the transaction when no match is found between the subset and the access history database.
- View Dependent Claims (8, 9)
- - 8. A system according to claim 7, further comprising:
    - means for updating the client device history log in the client device with a record of the transaction; and
      
      means for updating the access history database with the record of the transaction.
  - 9. A system according to claim 8, wherein the access history database includes, for each transaction, a device ID, an account, a password associated with the account, a date of the transaction, a time of the transaction, a location of the transaction, a service location, a service type, and a biometric ID of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Kelley, Edward E., Motika, Franco, Delia, Wayne M.

Granted Patent

US 8,095,519 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/781
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06Q 20/3224   Transactions dependent on l...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

Multifactor authentication with changing unique values

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

64 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Multifactor authentication with changing unique values

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others