Solicited authentication of a specific user
First Claim
1. A method of securely directing private information to a recipient via a messaging system, the method comprising:
- transmitting a first message to the recipient, the first message including a recipient-specific resource locator;
responsive to a retrieval using the recipient-specific resource locator, authenticating identity of the recipient and thereafter supplying the private information to the recipient; and
prior to the transmitting of the first message, receiving from a sender of the private information at least one criterion for authenticating identity of the recipient, wherein the criterion identifies a type of authentication information for verification against a third-party information service, but does not specify the particular information with which identity of the recipient is to be authenticated, and wherein the authenticating includes verifying information received from the recipient using the third-party information service.
3 Assignments
0 Petitions
Accused Products
Abstract
Secure web-based messaging according to a “push” paradigm is augmented by specific, intended recipient authentication. In particular, a document can be sent to a specified, intended recipient through the Web using e-mail recipient notification, and the recipient is authenticated prior to delivering the document to the recipient. Such authentication prevents a cracker from snooping a delivery notification e-mail message and retrieving the document prior to retrieval by the true intended recipient. In addition, such authentication of the recipient is driven by the sender such that prior participation by the recipient in the messaging system according to the present invention is required.
17 Citations
9 Claims
-
1. A method of securely directing private information to a recipient via a messaging system, the method comprising:
-
transmitting a first message to the recipient, the first message including a recipient-specific resource locator; responsive to a retrieval using the recipient-specific resource locator, authenticating identity of the recipient and thereafter supplying the private information to the recipient; and prior to the transmitting of the first message, receiving from a sender of the private information at least one criterion for authenticating identity of the recipient, wherein the criterion identifies a type of authentication information for verification against a third-party information service, but does not specify the particular information with which identity of the recipient is to be authenticated, and wherein the authenticating includes verifying information received from the recipient using the third-party information service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification