System and method of notifying mobile devices to complete transactions
First Claim
Patent Images
1. A method of completing a transaction comprising the steps of:
- registering a user authentication device of an authentic user on a remote auth platform comprising a web server;
registering a user authoritative device of an authoritative agent on the remote auth platform;
setting a transaction confirmation threshold requiring a confirmation response from the user authentication device of the authentic user and an authorization response from the user authoritative device of the authoritative agent to enable a completion of a transaction request;
receiving, at a user interface having Internet accessibility, user login input from a user for initiating the transaction request, wherein the user login input comprises user authentication credentials for performing an initial authentication of the user at the user interface, and wherein the user interface is maintained by a first entity;
identifying whether the user comprises the authentic user for the transaction request based on the user login input comprising the user authentication credentials received at the user interface;
in response to identifying the user as authenticated based on the user login input, transmitting by the user interface via an application programming interface (API) the transaction request to the remote auth platform that is separate and independent from the user interface and that performs at least a second authentication of the user, wherein the remote auth platform is maintained by a second entity;
separately, at the remote auth platform, performing the second authentication of the user by performing the steps of;
(i) using the transaction request to identify the user authentication device of the authentic user registered at the remote auth platform;
(ii) using the transaction request to identify the user authoritative device of the authoritative agent that is registered at the remote auth platform;
(iii) transmitting via a secure push-based communication channel a first push-based challenge to the user authentication device, the first push-based challenge comprising a message including details of the transaction request and a request to confirm or deny the transaction request by submitting one of a user input at the user authentication device to confirm the transaction request or a user input at the user authentication device to deny the transaction request;
(iv) receiving from the user authentication device, via the secure push-based communication channel, a response to the push-based challenge comprising the user input to confirm the transaction request or the user input to deny the transaction request;
(v) transmitting via a second secure push-based communication channel a second push-based challenge to the user authoritative device, the second push-based challenge comprising a message including details of the transaction request and a request to authorize or deny authorization of the transaction request of the authentic user by submitting one of an authoritative user input at the user authoritative device to authorize the transaction request or an authoritative user input at the user authoritative device to deny authorization of the transaction request;
(vi) processing the responses to the first push-based challenge and the second push-based challenge to determine whether the second authentication of the authenticated-user is successful and the transaction request is authorized; and
when the responses to the first push-based challenge confirms the transaction request and the response to the second push-based challenge authorizes the transaction request thereby satisfying the transaction confirmation threshold, transmitting, via the API, from the remote auth platform an attestation to the first entity that the authentic user of the authentication device confirmed the transaction request,orwhen the response to the first push-based challenge does not confirm the transaction request or when the response to the second push-based challenge denies authorization of the transaction request thereby not satisfying the transaction confirmation threshold, transmitting, via the API, from the remote auth platform an attestation to the first entity that the authentic user of the authentication device or the authoritative user of the authoritative device denied the transaction request.
3 Assignments
0 Petitions
Accused Products
Abstract
A method including registering an authority device for an account on an auth platform; receiving transaction request from an initiator to the auth platform; messaging the authority device with the transaction request; receiving an authority agent response from the authority device to the auth platform; if the authority agent response confirms the transaction, communicating a confirmed transaction to the initiator; and if the authority agent response denies the transaction, communicating a denied transaction to the initiator.
209 Citations
10 Claims
-
1. A method of completing a transaction comprising the steps of:
-
registering a user authentication device of an authentic user on a remote auth platform comprising a web server; registering a user authoritative device of an authoritative agent on the remote auth platform; setting a transaction confirmation threshold requiring a confirmation response from the user authentication device of the authentic user and an authorization response from the user authoritative device of the authoritative agent to enable a completion of a transaction request; receiving, at a user interface having Internet accessibility, user login input from a user for initiating the transaction request, wherein the user login input comprises user authentication credentials for performing an initial authentication of the user at the user interface, and wherein the user interface is maintained by a first entity; identifying whether the user comprises the authentic user for the transaction request based on the user login input comprising the user authentication credentials received at the user interface; in response to identifying the user as authenticated based on the user login input, transmitting by the user interface via an application programming interface (API) the transaction request to the remote auth platform that is separate and independent from the user interface and that performs at least a second authentication of the user, wherein the remote auth platform is maintained by a second entity; separately, at the remote auth platform, performing the second authentication of the user by performing the steps of; (i) using the transaction request to identify the user authentication device of the authentic user registered at the remote auth platform; (ii) using the transaction request to identify the user authoritative device of the authoritative agent that is registered at the remote auth platform; (iii) transmitting via a secure push-based communication channel a first push-based challenge to the user authentication device, the first push-based challenge comprising a message including details of the transaction request and a request to confirm or deny the transaction request by submitting one of a user input at the user authentication device to confirm the transaction request or a user input at the user authentication device to deny the transaction request; (iv) receiving from the user authentication device, via the secure push-based communication channel, a response to the push-based challenge comprising the user input to confirm the transaction request or the user input to deny the transaction request; (v) transmitting via a second secure push-based communication channel a second push-based challenge to the user authoritative device, the second push-based challenge comprising a message including details of the transaction request and a request to authorize or deny authorization of the transaction request of the authentic user by submitting one of an authoritative user input at the user authoritative device to authorize the transaction request or an authoritative user input at the user authoritative device to deny authorization of the transaction request; (vi) processing the responses to the first push-based challenge and the second push-based challenge to determine whether the second authentication of the authenticated-user is successful and the transaction request is authorized; and when the responses to the first push-based challenge confirms the transaction request and the response to the second push-based challenge authorizes the transaction request thereby satisfying the transaction confirmation threshold, transmitting, via the API, from the remote auth platform an attestation to the first entity that the authentic user of the authentication device confirmed the transaction request, or when the response to the first push-based challenge does not confirm the transaction request or when the response to the second push-based challenge denies authorization of the transaction request thereby not satisfying the transaction confirmation threshold, transmitting, via the API, from the remote auth platform an attestation to the first entity that the authentic user of the authentication device or the authoritative user of the authoritative device denied the transaction request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for facilitating a transaction involving a first authentication and a second authentication, the system comprising:
-
a user authentication device an authentic user that is registered on a remote auth platform, the remote auth platform comprising a server; a user authoritative device of an authoritative agent that is registered on the remote auth platform, wherein a transaction confirmation threshold is set that requires a confirmation response from the user authentication device of the authentic user and an authorization response from the user authoritative device of the authoritative agent to enable a completion of a transaction request; a remote user interface, wherein the transaction request is initiated by a user, wherein the first authentication of the user is performed at the remote user interface based on receipt of user login input, wherein the remote user interface is maintained by a first entity, wherein in response to authenticating the user at the remote user interface, transmitting by the user interface, via an application programming interface, the transaction request to the remote auth platform, wherein the remote auth platform is maintained by a second entity different from the first entity; wherein the remote auth platform performs the secondary authentications of the user, wherein performing the secondary authentication of the user includes the steps of; (i) using the transaction request to identify the user authentication device of the authentic user registered at the remote auth platform; (ii) using the transaction request to identify the user authoritative device of the authoritative agent that is registered at the remote auth platform; (iii) transmitting via a secure push-based communication channel a first push-based challenge to the user authentication device, the first push-based challenge comprising a message including details of the transaction request and a request to confirm or deny the transaction request by submitting one of a user input at the user authentication device to confirm the transaction request or a user input at the user authentication device to deny the transaction request; (iv) receiving from the user authentication device, via the secure push-based communication channel, a response to the push-based challenge comprising the user input to confirm the transaction request or the user input to deny the transaction request; (v) transmitting via a second secure push-based communication channel a second push-based challenge to the user authoritative device, the second push-based challenge comprising a message including details of the transaction request and a request to authorize or deny authorization of the transaction request of the authentic user by submitting one of an authoritative user input at the user authoritative device to authorize the transaction request or an authoritative user input at the user authoritative device to deny authorization of the transaction request; (vi) processing the response to the first push-based challenge and the second push-based challenge to determine whether the second authentication of the user is successful and the transaction request is authorized; and when the responses to the first push-based challenge confirms the transaction request and the response to the second push-based challenge authorizes the transaction request thereby satisfying the transaction confirmation threshold, transmitting, via the API, from the remote auth platform an attestation to the first entity that the authentic user of the authentication device confirmed the transaction request, or when the response to the first push-based challenge does not confirm the transaction request or when the response to the second push-based challenge denies authorization of the transaction request thereby not satisfying the transaction confirmation threshold, transmitting, via the API, from the remote auth platform an attestation to the first entity that the authentic user of the authentication device or the authoritative user of the authoritative device denied the transaction request.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeCisco Technology, Inc. (Cisco Systems, Inc.)
-
Original AssigneeDuo Security Incorporated (Cisco Systems, Inc.)
-
InventorsOberheide, Jon, Song, Douglas, Goodman, Adam
-
Primary Examiner(s)SCHMIDT, KARI L
-
Application NumberUS15/363,468Publication NumberTime in Patent Office553 DaysField of SearchUS Class CurrentCPC Class CodesG06F 21/305 by remotely controlling dev...G06F 21/31 User authenticationG06F 21/32 using biometric data, e.g. ...H04L 63/083 using passwords cryptograph...H04L 63/0853 using an additional device,...H04L 9/32 including means for verifyi...H04L 9/321 involving a third party or ...H04W 12/06 AuthenticationH04W 12/08 Access security
