Authentication method

US 8,713,656 B2
Filed: 10/23/2011
Issued: 04/29/2014
Est. Priority Date: 10/23/2011
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating the identity of a requester of access to a secured resource, said method for authenticating comprising the steps of:

receiving with at least one server a request for access by an unauthorized user to a secured resource from a requester purporting to be an authorized user of said secured resource;

generating a challenge string with said at least one server, said challenge string being a random string having a plurality of symbols, wherein at least one of the symbols of the challenge string is a null character, each null character being a specially designated symbol indicating the absence from said random string of a single symbol;

communicating said challenge string to said authorized user that said requester purports to be;

receiving from said unauthorized user a response string corresponding to said challenge string;

evaluating said response string to authenticate the identity of said requester; and

wherein said at least one server comprises at least one processor coupled to at least one processor-readable medium, said at least one processor-readable medium containing a request handler component and an authenticator component.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated includes a means for receiving from a requester purporting to be an authorized user of a secured resource a request for access by an unauthorized user (such as, for example, a retail store, a service station, an on-line service provider or merchandiser, a healthcare provider, a medical insurer, an information consumer or the like) to the secured resource; a means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester.

39 Citations

View as Search Results

20 Claims

1. A method for authenticating the identity of a requester of access to a secured resource, said method for authenticating comprising the steps of:
- receiving with at least one server a request for access by an unauthorized user to a secured resource from a requester purporting to be an authorized user of said secured resource;
  
  generating a challenge string with said at least one server, said challenge string being a random string having a plurality of symbols, wherein at least one of the symbols of the challenge string is a null character, each null character being a specially designated symbol indicating the absence from said random string of a single symbol;
  
  communicating said challenge string to said authorized user that said requester purports to be;
  
  receiving from said unauthorized user a response string corresponding to said challenge string;
  
  evaluating said response string to authenticate the identity of said requester; and
  
  wherein said at least one server comprises at least one processor coupled to at least one processor-readable medium, said at least one processor-readable medium containing a request handler component and an authenticator component.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 1, said method for authenticating further comprising the step of determining from among a plurality of secured resources associated with said authorized user the identity of a single secured resource to which said requester requests access.
  - 3. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 2, wherein said step of determining said single secured resource comprises sorting said plurality of secured resources by priority values.
  - 4. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 2, wherein said step of determining said single secured resource comprises:
    - generating an inquiry message, said inquiry message referring to each of said plurality of secured resources by a pseudonym;
      
      transmitting said inquiry message to said authorized user;
      
      receiving a response to said inquiry message from said authorized user; and
      
      determining based upon said response to said inquiry message the identity of a single secured resource to which said requester requests access.
  - 5. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 2, wherein said step of determining said single secured resource comprises generating a plurality of challenge strings, each one of said plurality of challenge strings being associated with a single one of said plurality of said secured resources.
  - 6. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 1, said method for authenticating further comprising the step of determining based upon passage of time whether said response string should be deemed invalid.
  - 7. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 1, said method for authenticating further comprising the step of conducting for the benefit of said unauthorized user a transaction reliant upon access to said secured resource.
  - 8. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 7, said method for authenticating further comprising the steps of:
    - generating a receipt for said transaction; and
      
      transmitting said receipt to said authorized user.
  - 9. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 7, wherein said transaction comprises providing a financial benefit.
  - 10. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 9, wherein said secured resource comprises a payment resource selected from the group consisting of:
    - a credit card account;
      
      a banking account; and
      
      an automated teller machine account.
  - 11. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 9, wherein said unauthorized user comprises a vendor selected from the group consisting of:
    - a retail store;
      
      a service station;
      
      an on-line service provider; and
      
      an on-line merchandiser.
  - 12. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 7, wherein said secured resource comprises a medical record.
  - 13. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 12, wherein said unauthorized user comprises an information consumer selected from the group consisting of:
    - a healthcare provider;
      
      and a medical insurer.
  - 14. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 7, wherein said secured resource comprises an information product.
  - 15. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 14, wherein said information product comprises a credit data.
  - 16. The method for authenticating the identity of a requester of access to a secured resource as recited in claim 1, said method for authenticating further comprising the steps of:
    - generating a dynamic identifier for said unauthorized user;
      
      transmitting to said unauthorized user said dynamically generated identifier; and
      
      receiving said dynamically generated identifier from said requester as at least part of said request for access.
  - 17. The method of claim 1 wherein said challenge string comprises a random string having a plurality of symbols, wherein at least one of the symbols is a specially designated symbol.
  - 18. The method of claim 1 wherein the step of communicating said challenge string comprises communicating said challenge string through a discrete channel to said authorized, said discrete channel being a communications channel not readily identifiable by information submitted by said requestor.
  - 19. The method of claim 1 wherein said at least one null character comprises a plurality of null characters.
  - 20. The method of claim 1 wherein said response string corresponding to said challenge string consists of said challenge string having said null characters replaced with characters that are not null characters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Textile Computer Systems, Inc.
Original Assignee
Gopal Nandakumar
Inventors
Nandakumar, Gopal
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Sanders, Stephen

Application Number

US13/279,294
Publication Number

US 20130104211A1
Time in Patent Office

919 Days
Field of Search

726/7
US Class Current

726/7
CPC Class Codes

G06Q 20/3823   combining multiple encrypti...

G06Q 20/40   Authorisation, e.g. identif...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/08   for authentication of entit...

H04L 9/321   involving a third party or ...

H04L 9/3271   using challenge-response

Authentication method

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication method

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links