SYSTEM AND METHOD FOR VERIFYING USER IDENTITY IN A VIRTUAL ENVIRONMENT
First Claim
1. A computer-implemented method of providing third party user authentication for a first party user attempting to access a network service provided by a second party, said method comprising:
registering a network service;
registering a user device with a first user;
generating a first encryption key associated with the user device;
receiving a first encrypted check message from the user device;
receiving a second encrypted check message from the network service;
decrypting the first check message and the second check message using the first encryption key;
comparing timestamps included in the first check message and the second check message;
authorizing at least one of a network access or a transaction between the first user and the network service based at least in part on a difference between the timestamps being less than a threshold; and
sending an authorization message to the network service based on said authorizing.
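The third-party check recited in claim 1, sketched as an added example (not code from the patent or its assignee): both check messages are decrypted with the per-device key and access is authorized only if the timestamps differ by less than a threshold. Assumptions: the JSON fields `device_id` and `ts`, the 5-second threshold, a device identifier sent in the clear to select the key, the device-identifier match, and an HMAC-SHA256 encrypt-then-MAC construction standing in for a vetted AEAD cipher so the block needs only the standard library.

```python
import hashlib, hmac, json, os

THRESHOLD_S = 5.0  # assumed; the claim only says "a threshold"

def _subkeys(key):
    # Derive separate encryption and MAC keys from the per-device key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, fields):
    """Device side: encrypt-then-MAC one check message (stand-in for an AEAD)."""
    enc_key, mac_key = _subkeys(key)
    nonce, pt = os.urandom(16), json.dumps(fields).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Third party: verify the tag, then decrypt. Returns a dict or None."""
    if len(blob) < 48:
        return None
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        return None
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))
    try:
        obj = json.loads(pt)
    except ValueError:
        return None
    return obj if isinstance(obj, dict) else None

def authorize(device_keys, device_id, from_device, from_service, threshold=THRESHOLD_S):
    """Decrypt both check messages with the device's key and compare timestamps."""
    key = device_keys.get(device_id)
    if key is None:
        return False
    a, b = unseal(key, from_device), unseal(key, from_service)
    if a is None or b is None:          # wrong key, truncated or modified message
        return False
    if a.get("device_id") != device_id or b.get("device_id") != device_id:
        return False                    # assumed extra check, not in claim 1
    try:
        return abs(float(a["ts"]) - float(b["ts"])) < threshold
    except (KeyError, TypeError, ValueError):
        return False
```

The comparison is between the two message timestamps only, as claimed; an implementation would typically also bound both against the verifier's own clock and reject reused nonces, which the claim does not recite.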
Abstract
Systems and methods for verifying user identity in a virtual environment are provided that may include the use of a trusted third party to perform identity verification. Devices may be configured such that the device is unalterably bound to a particular user via biometric data stored on the device and/or with the third party.
42 Citations
20 Claims
10. A method of registering a secure identity device, comprising:
receiving an authorization proof message from an authorizing agent, the authorization proof message including an authorization device identifier, location information, and a timestamp;
receiving a composite proof message via the user device, the composite proof message including a unique device identifier, an encrypted version of the authorization proof message, and a timestamp;
generating a first encryption key associated with the user device based at least in part on a comparison of the authorization proof message and the composite proof message; and
sending the first encryption key to at least one of the authorizing agent and the user device.
15. A secure identity user device, comprising:
a processor, memory including instructions configured to:
establish local communication with an authorization device;
receive an authorization proof message from the authorization device, the authorization proof message including an authorization device identifier, location information, and a timestamp;
generate a composite proof message including a unique user device identifier, an encrypted version of the authorization proof message, and a timestamp;
send the composite proof message to an authorization service;
receive a first encryption key via at least one of the authorization device and the device authorization service; and
authenticate the user device with a second party service provider including:
encrypt a first check message using the first encryption key;
encrypt a second check message using the first encryption key;
send the first check message to the authorization service;
send the second check message to the service provider;
wherein, the first check message and the second check message include the user device identifier and a timestamp.
Specification