Secure remote authentication through an untrusted network
First Claim
1. A method for securely authenticating a user of a portable consumer device, said method comprising:
- receiving from an access device a dynamic data element and a first set of transactional information;
creating an authentication code as a function of at least a password, the dynamic data element, and a subset of the first set of transactional information; and
sending the authentication code to the access device, wherein the access device uses the authentication code to authenticate the user by sending an authentication request message to a service provider, wherein the authentication request message contains at least the authentication code and additional information sufficient to allow the service provider to recreate the authentication code, and wherein the service provider responds to the authentication request message by sending an authentication response message indicating if the recreated authentication code corresponds to the authentication code sent in the authentication request message,wherein the password is a small value password for a transaction value below a threshold amount, the small value password being stored in the portable consumer device, thereby allowing the small value password to be used without having to be manually entered into the portable consumer device each time the small value password is used.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for securely authenticating a user of a portable consumer device at an access device comprising the following steps. First, a dynamic data element and a first set of transactional information is sent to the portable consumer device from the access device. Next, the portable consumer device creates an authentication code as a function of at least the dynamic data element, a subset of the first set of transactional information, and a password. The authentication code, along with other data, is then sent from the portable consumer device back to the access device. The access device then uses the authentication code to send an authentication request message to the service provider of the user. The service provider then attempts to authenticate the user by recreating the authentication code and comparing the recreated authentication code with the authentication code received from the access device.
33 Citations
18 Claims
-
1. A method for securely authenticating a user of a portable consumer device, said method comprising:
-
receiving from an access device a dynamic data element and a first set of transactional information; creating an authentication code as a function of at least a password, the dynamic data element, and a subset of the first set of transactional information; and sending the authentication code to the access device, wherein the access device uses the authentication code to authenticate the user by sending an authentication request message to a service provider, wherein the authentication request message contains at least the authentication code and additional information sufficient to allow the service provider to recreate the authentication code, and wherein the service provider responds to the authentication request message by sending an authentication response message indicating if the recreated authentication code corresponds to the authentication code sent in the authentication request message, wherein the password is a small value password for a transaction value below a threshold amount, the small value password being stored in the portable consumer device, thereby allowing the small value password to be used without having to be manually entered into the portable consumer device each time the small value password is used. - View Dependent Claims (2, 3, 4, 5, 6, 7, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
8. A non-transitory computer-readable medium comprising code executable by a processor, for implementing a method comprising:
-
receiving from an access device a dynamic data element and a first set of transactional information; creating an authentication code as a function of at least a password, the dynamic data element, and a subset of the first set of transactional information; and sending the authentication code to the access device, wherein the access device uses the authentication code to authenticate a user by sending an authentication request message to a service provider, wherein the authentication request message contains at least the authentication code and additional information sufficient to allow the service provider to recreate the authentication code, and wherein the service provider responds to the authentication request message by sending an authentication response message indicating if the recreated authentication code corresponds to the authentication code sent in the authentication request message, wherein the password is a small value password for a transaction value below a threshold amount, the small value password being stored in the portable consumer device, thereby allowing the small value password to be used without having to be manually entered into the portable consumer device each time the small value password is used.
-
-
9. A cellular phone with a processor and a non-transitory computer-readable medium, the computer readable medium comprising code executable by the processor, for implementing a method comprising:
-
receiving from an access device a dynamic data element and a first set of transactional information; creating an authentication code as a function of at least a password, the dynamic data element, and a subset of the first set of transactional information; and sending the authentication code to the access device, wherein the access device uses the authentication code to authenticate a user by sending an authentication request message to a service provider, wherein the authentication request message contains at least the authentication code and additional information sufficient to allow the service provider to recreate the authentication code, and wherein the service provider responds to the authentication request message by sending an authentication response message indicating if the recreated authentication code corresponds to the authentication code sent in the authentication request message, wherein the password is a small value password for a transaction value below a threshold amount, the small value password being stored in the portable consumer device, thereby allowing the small value password to be used without having to be manually entered into the portable consumer device each time the small value password is used.
-
Specification