Authentication services using mobile device

US 7,606,560 B2
Filed: 03/24/2006
Issued: 10/20/2009
Est. Priority Date: 08/08/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

authenticating a mobile device communicably connectable to a wireless network by an authentication parameter from a secure transaction server (STS), as a mobile device authenticator;

providing an STS correlation between a personal identification entry (PIE) and the mobile device authenticator; and

providing an authentication function upon a user attempting an access to a provider as an action with the provider, the provider including a physical environment, a computer system, or any combinations thereof, according to one or more authentication services including an authentication service of;

receiving by the STS, a provider authentication request, in response to the user attempted access to the provider computer system,transmitting by the STS a transaction token to the provider computer system, in response to the received provider authentication request,inputting, by a user, the PIE and the transaction token, to the mobile device authenticator to transmit a transformed secure user authenticable authorization request to the STS over the wireless network as a user authorization of the action with the provider, based upon the PIE, the transaction token and the authentication parameter,verifying, by the STS, the provider authentication request and the user authorization to access the provider,transmitting, by the STS, a user authentication result to the provider computer system, according to the verifying, andauthorizing the user access to the provider computer system, according to the user authentication result transmitted from the STS.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, and an apparatus performing the method, is provided by authenticating a mobile device communicably connectable to a wireless network by an authentication parameter from a secure transaction server (STS), as a mobile device authenticator; providing an STS correlation between a personal identification entry (PIE) and the mobile device authenticator; and inputting, by a user, the PIE and a provider action, to the mobile device authenticator to transmit a transformed secure user authenticable authorization request to the STS over the wireless network to authorize an action with a provider.

710 Citations

20 Claims

1. A method, comprising:
- authenticating a mobile device communicably connectable to a wireless network by an authentication parameter from a secure transaction server (STS), as a mobile device authenticator;
  
  providing an STS correlation between a personal identification entry (PIE) and the mobile device authenticator; and
  
  providing an authentication function upon a user attempting an access to a provider as an action with the provider, the provider including a physical environment, a computer system, or any combinations thereof, according to one or more authentication services including an authentication service of;
  
  receiving by the STS, a provider authentication request, in response to the user attempted access to the provider computer system,transmitting by the STS a transaction token to the provider computer system, in response to the received provider authentication request,inputting, by a user, the PIE and the transaction token, to the mobile device authenticator to transmit a transformed secure user authenticable authorization request to the STS over the wireless network as a user authorization of the action with the provider, based upon the PIE, the transaction token and the authentication parameter,verifying, by the STS, the provider authentication request and the user authorization to access the provider,transmitting, by the STS, a user authentication result to the provider computer system, according to the verifying, andauthorizing the user access to the provider computer system, according to the user authentication result transmitted from the STS.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method according to claim 1, wherein the user attempted access to the provider computer system comprises submitting a single manipulation action request to the provider computer system.
  - 3. The method according to claim 1, wherein the mobile device authenticator is a mobile phone communicably connectable with a mobile phone network, wireless Internet, or any combinations thereof, as the wireless network, and the method further comprises:
    - associating, by the provider computer system, a user password and username for accessing the computer system with a mobile phone number of the mobile phone, andinputting by the user only the mobile phone number at the provider computer system in the attempted access to the provider computer system.
  - 4. The method according to claim 1, wherein another authentication service comprises:
    - providing a login function to the provider computer system using a username and password in place of transmitting the transaction token, andauthorizing the action with the provider based upon the user inputting the PIE and the provider action, to the mobile device authenticator to transmit the transformed secure user authenticable authorization request to the STS over the wireless network.
  - 5. The method according to claim 1, wherein the wireless network is Internet, and the method further comprises:
    - logging, by the STS, Internet Protocol (IP) address of a plurality of mobile device authenticators that transmit user authenticable authorization requests to the STS,wherein the STS verifying further comprises comparing the IP address of each mobile device authenticator with a corresponding authentication parameter.
  - 6. The method according to claim 1, wherein the transmitting of the user authentication result to the provider computer system further comprises transmitting, by the STS, a verification code to the mobile device authenticator and to the provider computer system,wherein the provider computer system authorizes access in response to the STS user authentication result and user input of the verification code.
  - 7. The method according to claim 1, wherein the provider computer system comprises an Internet web site login web page, and the transaction token is displayed on the login web page as a Completely Automated Public Turing Test To Tell Computers And Humans Apart (CAPTSHA).
  - 8. The method according to claim 1, wherein the mobile device authenticator is a mobile phone communicably connectable with a mobile phone network, or wireless Internet, or any combinations thereof, as the wireless network.
  - 9. The method according to claim 1, wherein the PIE is a 4 or more digit personal identification number, biometric information of the user, or any combinations thereof.
  - 10. The method according to claim 1, wherein the transformed secure user authenticable authorization request to the STS over the wireless network is a user payment authorization, and the method further comprises:
    - verifying, by the STS, a provider payment request and the user payment authorization; and
      
      settling by the STS the payment to the provider.
  - 11. The method according to claim 1, wherein the provider computer system is an automated teller machine (ATM), or a website, or any combinations thereof.
  - 12. The method according to claim 1, wherein the transformed secure user authenticable authorization request to the STS over the wireless network is according to Universal Pervasive Transaction Framework Secure Agreement Submission (UPTF SAS) protocol.
  - 13. The method according to claim 1, wherein the transformed secure user authenticable authorization request is a time-dependent and authentication parameter dependent user key, and another authentication service further comprises:
    - presenting, by the user, the user key to the provider;
      
      transmitting, by the provider, the user key to the STS;
      
      generating, by the STS, an STS-generated user key for a current time, in response to receipt of the provider-submitted user key;
      
      verifying a match between the STS-generated user key and the provider-submitted user key; and
      
      authenticating, by the STS, the user for the provider, according to the verifying.
  - 14. The method according to claim 1,wherein the generated transformed secure user authenticable authorization request is a user generated authentication token, based upon the PIE, the transaction token and the authentication parameter, and another authentication service comprises:
    - presenting, by the user, the user generated authentication token at the provider;
      
      transmitting, by the provider, the user generated authentication token to the STS;
      
      generating, by the STS, an STS-generated user authentication token, in response to receipt of the provider-submitted user generated authentication token;
      
      verifying a match between the STS-generated user authentication token and the provider-submitted user generated authentication token; and
      
      authenticating, by the STS, the user for the provider, according to the verifying.
  - 15. The computer system according to claim 1, wherein the generated transformed secure user authenticable authorization request is a user generated authentication token, based upon the PIE, the transaction token and the authentication parameter, and wherein the provider computer system provides another authentication service by:
    - requesting the user to present the user generated authentication token at the provider;
      
      transmitting the user generated authentication token to the STS; and
      
      receiving an authentication result from the STS based upon verifying a match between the STS-generated user authentication token and the provider-submitted user generated authentication token.

16. A computer system, comprising:
- a secure transaction server (STS) authenticating a mobile device communicably connectable to a wireless network by an authentication parameter as a mobile device authenticator, and providing a correlation between a personal identification entry (PIE) and the mobile device authenticator; and
  
  a provider computer system providing an authentication function upon a user attempting an access to the provider as an action with the provider, the provider including a physical environment, a computer system, or any combinations thereof, according to one or more authentication services including an authentication service of;
  
  providing to the STS a provider authentication request, in response to the user attempted access to the provider computer system,receiving from the STS a transaction token, in response to the received provider authentication request,requesting a user to input the PIE and the transaction token, to the mobile device authenticator to transmit a transformed secure user authenticable authorization request to the STS over the wireless network as a user authorization of the action with the provider, based upon the PIE, the transaction token and the authentication parameter,receiving from the STS a user authentication result, based upon verifying, by the STS, the provider authentication request and the user authorization to access the provider, andauthorizing the user access to the provider computer system, according to the user authentication result received from the STS.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The computer system according to claim 16, wherein the authentication service further includes prompting the user to submit a single manipulation action request to the provider computer system as the user attempted access to the provider computer system.
  - 18. The computer system according to claim 16, wherein the mobile device authenticator is a mobile phone communicably connectable with a mobile phone network, wireless Internet, or any combinations thereof, as the wireless network, and the authentication service of the provider computer system further comprises:
    - associating, by the provider computer system, a user password and username for accessing the computer system with a mobile phone number of the mobile phone, andprompting the user to input only the mobile phone number at the provider computer system in the attempted access to the provider computer system.
  - 19. The computer system according to claim 16, wherein the provider computer system provides another authentication service comprising:
    - providing a login function to the provider computer system using a username and password in place of transmitting the transaction token, andauthorizing the action with the provider based upon the user inputting the PIE and the provider action, to the mobile device authenticator to transmit the transformed secure user authenticable authorization request to the STS over the wireless network.
  - 20. The computer system according to claim 16, wherein the transformed secure user authenticable authorization request is a time-dependent and authentication parameter dependent user key, and the provider computer system provides another authentication service by:
    - requesting the user to present the user key to the provider;
      
      transmitting the user key to the STS; and
      
      receiving an authentication result from the STS based upon verifying a match between an STS-generated user key for a current time and the transmitted provider-submitted user key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PCMS Holdings Incorporated (InterDigital, Inc.)
Original Assignee
Fujitsu Limited
Inventors
Agre, Jonathan Russell, Labrou, Yannis
Primary Examiner(s)
Le; Danh C

Application Number

US11/388,202
Publication Number

US 20060206709A1
Time in Patent Office

1,306 Days
Field of Search

455/411, 455/410, 455/414.1, 455/423, 455/67.11, 713/172, 705/50, 370/245, 370/328, 370/338, 709/224
US Class Current

455/411
CPC Class Codes

G06Q 20/18   involving self-service term...

G06Q 20/4014   Identity check for transact...

G07F 19/211   Software architecture withi...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04W 12/069   using certificates or pre-s...

H04W 8/26   Network addressing or numbe...

H04W 88/02   Terminal devices

Authentication services using mobile device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

710 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication services using mobile device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

710 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links