Solicited authentication of a specific user

US 7,356,834 B2
Filed: 01/23/2004
Issued: 04/08/2008
Est. Priority Date: 08/31/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method of securely directing private information to a recipient via a messaging system, the method comprising:

transmitting a first message to the recipient, the first message including a recipient-specific resource locator;

responsive to a retrieval using the recipient-specific resource locator, authenticating identity of the recipient and thereafter supplying the private information to the recipient; and

prior to the transmitting of the first message, receiving from a sender of the private information at least one criterion for authenticating identity of the recipient, wherein the criterion identifies a type of authentication information for verification against a third-party information service, but does not specify the particular information with which identity of the recipient is to be authenticated, and wherein the authenticating includes verifying information received from the recipient using the third-party information service.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Secure web-based messaging according to a “push” paradigm is augmented by specific, intended recipient authentication. In particular, a document can be sent to a specified, intended recipient through the Web using e-mail recipient notification, and the recipient is authenticated prior to delivering the document to the recipient. Such authentication prevents a cracker from snooping a delivery notification e-mail message and retrieving the document prior to retrieval by the true intended recipient. In addition, such authentication of the recipient is driven by the sender such that prior participation by the recipient in the messaging system according to the present invention is required.

17 Citations

View as Search Results

9 Claims

1. A method of securely directing private information to a recipient via a messaging system, the method comprising:
- transmitting a first message to the recipient, the first message including a recipient-specific resource locator;
  
  responsive to a retrieval using the recipient-specific resource locator, authenticating identity of the recipient and thereafter supplying the private information to the recipient; and
  
  prior to the transmitting of the first message, receiving from a sender of the private information at least one criterion for authenticating identity of the recipient, wherein the criterion identifies a type of authentication information for verification against a third-party information service, but does not specify the particular information with which identity of the recipient is to be authenticated, and wherein the authenticating includes verifying information received from the recipient using the third-party information service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1,wherein, prior to transmission of the first message, the recipient has not been enrolled for access to the private information.
  - 3. The method of claim 1, further comprising:
    - enrolling the recipient for subsequent access to private information after identity of the recipient has been authenticated.
  - 4. The method of claim 1,wherein the supplying includes transmitting a second message that verifies enrollment of the recipient and includes a second resource locator by which the recipient may retrieve the private information.
  - 5. The method of claim 1,wherein the supplying includes delivering the private information in response to a retrieval by the authenticated recipient.
  - 6. The method of claim 1,wherein the third-party information service includes a credit card authorization server.
  - 7. The method of claim 1, further comprising:
    - communicating at least some of the information received from the recipient to the third-party information service; and
      
      receiving verification from the third-party information service.
  - 8. The method of claim 1,wherein the criterion specifies authentication information known, or separately communicated to, the intended recipient but generally unknown to others;
    - andwherein the authenticating includes verifying information received from the recipient against the authentication information received from the sender.
  - 9. The method of claim 1,wherein the first message is an e-mail message;
    - wherein the private information includes a document encoding; and
      
      wherein the resource locator includes an URL and the authenticating is performed using a dialog that is at least initiated using content supplied to the recipient based on the URL.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Axway Incorporated (Axway Software SA)
Original Assignee
Tumbleweed Communications Corporation (Axway Software SA)
Inventors
Bandini, Jean-Christophe, Smith, Jeffrey C.
Primary Examiner(s)
Song, Hosuk

Application Number

US10/763,968
Publication Number

US 20040153645A1
Time in Patent Office

1,537 Days
Field of Search

726 2- 4, 705/64, 705/67, 705/78, 713/168
US Class Current

726/2
CPC Class Codes

H04L 51/08   Annexed information, e.g. a...

H04L 51/224   providing notification on i...

H04L 63/08   for authentication of entit...

Solicited authentication of a specific user

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

17 Citations

9 Claims

Specification

Use Cases

Quick Links

Others

Solicited authentication of a specific user

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

9 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others