METHOD FOR SECURE USER AND TRANSACTION AUTHENTICATION AND RISK MANAGEMENT

US 20160156620A1
Filed: 02/04/2016
Published: 06/02/2016
Est. Priority Date: 01/27/2010
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user on a network, comprising:

receiving, by a security server, a request of a network site to have a user authenticated and first information;

calculating, by the security server, a one-time-password based on the first information shared by the security server and the network site, but not by the user, wherein the one-time-password is independently verifiable by the network site or the security server based on the first information; and

transmitting, by the security server to a window displayed on a first network device of the user, the calculated one-time-password being for entry by the user onto a network page associated with the network site and displayed on a second network device of the user, and for subsequent verification by the network site to thereby authenticate the user.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

To provide a user signature on a network transaction, a security server receives transaction information representing a transaction between a network user and a network site, such as a website, directly from the network site. The security server calculates a one-time-password based on the received transaction information and a secret shared by the security server and the network site, but not by the user. The security server transmits the calculated one-time-password for application as the user'"'"'s signature on the transaction. The one-time-password is independently calculable by the network site based on the shared secret.

9 Citations

View as Search Results

20 Claims

1. A method of authenticating a user on a network, comprising:
- receiving, by a security server, a request of a network site to have a user authenticated and first information;
  
  calculating, by the security server, a one-time-password based on the first information shared by the security server and the network site, but not by the user, wherein the one-time-password is independently verifiable by the network site or the security server based on the first information; and
  
  transmitting, by the security server to a window displayed on a first network device of the user, the calculated one-time-password being for entry by the user onto a network page associated with the network site and displayed on a second network device of the user, and for subsequent verification by the network site to thereby authenticate the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 12, 13, 14)
- - 2. The method of claim 1, wherein:
    - the first user network device is of a type that is different than the second user network device.
  - 3. The method of claim 1, wherein:
    - the first user network device is a mobile smart phone; and
      
      the second user network device is a computer.
  - 4. The method of claim 1, further comprising:
    - storing, at the security server, a log of transactions between the user and the network site.
  - 5. The method of claim 4, further comprising:
    - computing, by the security server, a risk profile of the user based on the stored transactions log.
  - 6. The method of claim 5, further comprising:
    - transmitting, by the security server to a third party, the stored transactions log for risk analysis.
  - 7. The method of claim 1, wherein the one-time password is based on a time stamp.
  - 8. The method of claim 1, wherein the first information comprises the user'"'"'s phone number.
  - 9. The method of claim 1, wherein the user is authenticated using the one-time-password entered into the network site on the second network device.
  - 12. The method of claim 1, further comprising:
    - receiving a request from a first user network device to perform a transaction,wherein the one-time password is received from a second user network device.
  - 13. The method of claim 12, wherein the first user network device is of a type that is different than the second user network device
  - 14. The method of claim 13, wherein:
    - the first user network device is a mobile smart phone; and
      
      the second user network device is a computer.

10. A method of authenticating a user on a network site, comprising:
- transmitting, by a network site directly to a security server, a request to have a user authenticated;
  
  receiving first information directly from the security server;
  
  receiving, by a network page associated with the network site from a network device of the user, a one-time-password for authentication;
  
  receiving, by the network site, the one-time-password which is based on the first information shared by the security server and the network site, but not by the user;
  
  receiving second information directly from the security server;
  
  andauthenticating, by the network site, the user based on the second information.
- View Dependent Claims (11, 15)
- - 11. The method of claim 10, wherein the shared secret is not associated with any particular user.
  - 15. The method of claim 10, wherein the one-time password is based on a time stamp.

16. A method of authenticating a user on a network site, comprising:
- transmitting, by a network site directly to a security server, a request to have a user authenticated, and first information;
  
  receiving, by a network page associated with the network site from a network device of the user, a one-time-password for comparing to a calculated one-time password based on the first information shared by the security server and the network site, but not by the user;
  
  receiving, by the network site, second information based on comparing the received one-time password and the calculated one-time password; and
  
  authenticating, by the network site, the user based on the second information.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein the shared secret is not associated with any particular user.
  - 18. The method of claim 16, further comprising:
    - receiving a request from a first user network device to perform a transaction,wherein the one-time password is received from a second user network device.
  - 19. The method of claim 18, wherein the first user network device is of a type that is different than the second user network device
  - 20. The method of claim 16, wherein the one-time password is based on a time stamp.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Payfone Incorporated
Original Assignee
Authentify, Inc. (Early Warning Services, LLC)
Inventors
GANESAN, Ravi

Granted Patent

US 10,284,549 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/0838   using one-time-passwords

H04L 63/18   using different networks or...

H04L 63/20   for managing network securi...

H04L 9/3215   using a plurality of channe...

H04L 9/3228   One-time or temporary data,...

METHOD FOR SECURE USER AND TRANSACTION AUTHENTICATION AND RISK MANAGEMENT

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR SECURE USER AND TRANSACTION AUTHENTICATION AND RISK MANAGEMENT

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links