US20130104197A1 - Authentication system - Google Patents
- Publication number
- US20130104197A1
- Authority
- US
- United States
- Prior art keywords
- string
- access
- challenge
- user
- end user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/40—User authentication by quorum, i.e. whereby two or more security principals are required
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/383—Anonymous user system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/24—Credit schemes, i.e. "pay after"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
Definitions
- the present invention relates to security protocols for use in securing and/or restricting access to personal or other confidential information, physical locations and the like. More particularly, the invention relates to a system whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated.
- an authentication system for authenticating the identity of a requester of access to a secured resource generally comprises a means for receiving from a requester purporting to be an authorized user of a secured resource a request for access to the secured resource; means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester.
- the authentication system further comprises a means for evaluating the response string to determine whether as a result of passage of time the response string should be deemed to be invalid regardless of content.
- the authentication system further comprises a means for establishing a test adapted to detect the existence of a spoofing type deception and in at least some embodiments of these implementations the test may also be adapted to at least in part authenticate the identity of the requester.
- FIG. 1 shows, in an overview use case diagram, the various basic functionality implemented in the preferred embodiment of the authentication system and method of the present invention
- FIG. 2 shows, in a flowchart, an overview of the various steps generally taken in making a request for access to a secured resource in accordance with the present invention
- FIG. 3 shows, in a flowchart, an overview of the various steps generally taken in validating the purported access right of a user requesting access to a secured resource in accordance with the present invention
- FIG. 4 shows, in an overview sequence diagram, various interactions as generally take place during the operation of the authentication system and method of the present invention
- FIG. 5 shows, in a deployment diagram, an exemplary hardware and software implementation of the authentication system and method of the present invention
- FIG. 6 shows, in a deployment diagram, various details of a representative web interface implementation of a user interface for use in connection with the exemplary hardware and software implementation of FIG. 5 ;
- FIG. 7 shows, in an elevational representation, various details of a representative terminal device interface implementation of a user interface for use in connection with the exemplary hardware and software implementation of FIG. 5 such as may, in particular, be provided in connection with a service client implementing functionality of the present invention
- FIG. 8 shows, in a class diagram, a high level schema for a representative user database as may be implemented in connection with the exemplary hardware and software implementation of FIG. 5 ;
- FIG. 9 shows, in a class diagram, a high level schema for a representative transaction database as may be implemented in connection with the exemplary hardware and software implementation of FIG. 5 ;
- FIG. 10 shows, in a screen representation of a web browsing application, a first exemplary implementation of an order completion page from a website showing, in particular, various details of the manner for making in accordance with the present invention a request for access to a secured resource;
- FIG. 11 shows, in a top plan representation of a mobile telecommunications device screen, a first example of a challenge message such as may be implemented in accordance with the present invention
- FIG. 12 shows, in a top plan representation of a mobile telecommunications device screen, a second example of a challenge message such as may be implemented in accordance with the present invention showing, in particular, extended functionality for use in detecting a spoofing type deception;
- FIG. 13 shows, in a top plan representation of a mobile telecommunications device screen, a third example of a challenge message such as may be implemented in accordance with the present invention showing, in particular, extended functionality for accommodating constraints imposed by the available means for submitting of an authentication credential for purposes of validating the purported access right of a user requesting access to a secured resource in accordance with the present invention;
- FIG. 14 shows, in a screen representation of a web browsing application, a first exemplary implementation of a payment confirmation page from a website showing, in particular, various details of the manner for submitting of an authentication credential for purposes of validating the purported access right of a user requesting access to a secured resource in accordance with the present invention
- FIG. 15 shows, in a screen representation of a web browsing application, a second exemplary implementation of a payment confirmation page from a website showing, in particular, various details of the manner for submitting of an authentication credential for purposes of validating the purported access right of a user requesting access to a secured resource in accordance with the present invention
- FIG. 16 shows, in a screen representation of a web browsing application, an exemplary implementation of a preliminary payment confirmation page from a website showing, in particular, various details of at least one method for accessing a further payment confirmation page;
- FIG. 17 shows, in a screen representation of a web browsing application, a third exemplary implementation of a payment confirmation page from a website showing, in particular, various details of a first implementation of extended functionality for use in detecting a spoofing type deception;
- FIG. 18 shows, in a screen representation of a web browsing application, the implementation of the payment confirmation page of FIG. 17 showing, in particular, various additional details of the implemented extended functionality for use in detecting a spoofing type deception;
- FIG. 19 shows, in a screen representation of a web browsing application, a fourth exemplary implementation of a payment confirmation page from a website showing, in particular, various details of second implementation of extended functionality for use in detecting a spoofing type deception.
- the authentication system 30 of the present invention is shown to generally comprise an operative combination of a plurality of service provider implemented use cases 32 .
- the service provider 36 of the present invention will generally provide for an end user actor 34 a means 38 for requesting access to a secured resource and, additionally, a means 37 for submitting an authentication credential for use in validating the purported access right of the end user actor 34 .
- the service provider 36 of the present invention will generally provide responsive to submission by an end user actor 34 of a request for access to a secured resource a means 39 for generating and sending to an end user actor 34 a challenge message 94 designed to enable only the intended end user actor 34 to determine the content of a transient authentication credential. Still further, the service provider 36 of the present invention will generally provide responsive to submission by an end user actor 34 of an authentication credential a means 41 for validating the authentication credential.
- the service provider 36 may in combination with the means 37 for submitting an authentication credential also be adapted to provide for the end user actor 34 a means 35 for detecting the existence of a spoofing type deception.
- the service provider 36 may in combination with the means 39 for generating and sending to an end user actor 34 a challenge message 94 also be adapted to provide a means 82 for generating content for use in the means for detecting the existence of a spoofing type deception and to provide such content to the end user actor 34 .
- time 44 as an actor may be accommodated as desired in any particular implementation wherein the service provider 36 is also provided with means 45 responsive to the passage of time for revoking or otherwise invalidating an authentication credential such that an authentication credential otherwise correctly determined by an end user actor 34 in response to a service provider generated challenge message 94 may as a result of the passage of time be deemed to be incorrect, thereby resulting in a validation failure upon application of the means 45 for validating the authentication credential.
- the authentication method 46 of the present invention as operative upon the described authentication system 30 is shown to generally comprise various series of interactions, as broadly set out in FIG. 4 , wherein the interactions may be generally categorized as steps 47 implicated in requesting access to a secured resource, as broadly set out in FIG. 2 , and steps 48 implicated in validating the purported access right of the user requesting access to the secured resource, as broadly set out in FIG. 3 .
- the authentication method 46 of the present invention generally begins with an end user 34 submitting or otherwise making through an access controller 51 , firewall or like access control point a request for access to a secured resource, which end user submitted request is then forwarded by the access controller 51 to an authenticator 52 .
- an access controller 51 may, if desired, first determine whether the end user 34 making the request is authorized or otherwise permitted to make such use of the authentication system 30 .
- the instigated process 47 will generally terminate whereas if it is determined that the end user 34 is authorized or otherwise permitted to make the attempted use of the authentication system 30 the process 47 will generally continue.
- the authenticator 52 must be able to evaluate the end user submitted request to determine the specific identity of the resource for which the request is made.
- the forwarded request preferably comprises at least the common identifier for the resource. In any case, if the available information is insufficient for the authenticator 52 to positively determine the identity of the resource for which the end user 34 has requested access the process 47 will generally terminate whereas if the available information is sufficient for the authenticator 52 to positively determine the identity of the resource for which the end user 34 has requested access the process 47 will generally continue.
- In the final steps for processing 47 an end user submitted request for access to a secured resource, the authenticator 52 generates a challenge message 94 designed to enable only an authorized end user 34 to determine the content of a transient authentication credential and, thereafter, issues the challenge message 94 to the end user 34 .
- an authenticator 52 implemented as part of an authentication system 30 that also comprises a means 35 for detecting the existence of a spoofing type deception must be adapted to determine whether under the circumstances of the particular in process request for access to a secured resource such a means 35 for detecting the existence of a spoofing type deception should be deployed.
- the authenticator 52 will establish the parameters of an appropriate test and include the established parameters in connection with or as part of the issued challenge.
- With the challenge message 94 issued by the service provider 36 to the end user 34 , the end user 34 then formulates a response to the challenge based upon information generally known only to the end user 34 and the authenticator 52 . Once the end user 34 has formulated a response to the challenge, and assuming that the end user 34 desires to continue the in-process transaction, the end user 34 will submit the formulated response to the access controller 51 as an authentication credential.
- validation 48 of the purported access right of the user requesting access to a secured resource is shown to generally begin with the submission by the end user 34 through the access controller 51 of an authentication credential to be forwarded by the access controller 51 to the authenticator 52 , which authentication credential has been previously formulated by the end user 34 in response to issuance by the authenticator 52 of a challenge message 94 .
- the access controller 51 will prior to allowing submission by the end user 34 of an authentication credential first determine whether under the circumstances of the particular request in process for access to a secured resource such a means 35 for detecting the existence of a spoofing type deception should be deployed.
- if the access controller 51 determines that no test for detecting the existence of a spoofing type deception need be established, the end user 34 is allowed by the access controller 51 to submit the authentication credential without more, whereas if it is determined by the access controller 51 that a test for detecting the existence of a spoofing type deception should be deployed, the access controller 51 will present to the end user 34 an appropriate test for detecting the existence of a spoofing type deception, wherein the presented test is constructed by the access controller 51 using the test parameters as previously established and provided by the authenticator 52 .
- upon successful forwarding by the access controller 51 to the authenticator 52 of the end user submitted authentication credential, the authenticator 52 proceeds to validate the responsive authentication credential by comparing the authentication credential against a key string.
- the key string will prior to or at the time of validation be determined by the authenticator 52 utilizing knowledge of the previously discussed information generally known only to the end user 34 and the authenticator 52 to formulate the key string as the known correct response to at least a portion of the previously issued challenge message 94 (the “primary challenge”).
- the authenticator 52 will be programmed or otherwise adapted to determine as part of the validation step whether as a result of the passage of time the authentication credential should be deemed to be incorrect. In any case, if the authentication credential is found or otherwise deemed to be incorrect, the authenticator 52 will report the incorrect finding to the access controller 51 and the end user 34 will be blocked by the access controller 51 from access to the requested secured resource. If, on the other hand, the authentication credential is found to be correct the authenticator 52 will report the correct finding to the access controller 51 and the access controller 51 will provide the requested access to the end user 34 .
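The issue and validate steps described above, as an added sketch that is not code from the patent. It assumes the key string is a truncated HMAC-SHA256 of the challenge under the shared secret, a 120-second validity window and single-use challenges, none of which the text specifies; `Authenticator`, `derive_key_string` and the sample identifiers are hypothetical names.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

CHALLENGE_TTL_SECONDS = 120  # assumed validity window; the text gives no figure
RESPONSE_DIGITS = 6          # assumed length of the transient credential


def derive_key_string(shared_secret: bytes, challenge: str) -> str:
    """Known correct response to a challenge (assumed HMAC construction).

    The shared secret itself never crosses the user interface; only this
    derived, per-challenge value does.
    """
    mac = hmac.new(shared_secret, challenge.encode(), hashlib.sha256).digest()
    code = int.from_bytes(mac[:8], "big") % 10 ** RESPONSE_DIGITS
    return str(code).zfill(RESPONSE_DIGITS)


@dataclass
class PendingChallenge:
    resource_id: str
    challenge: str
    issued_at: float


class Authenticator:
    """Hypothetical stand-in for the authenticator 52."""

    def __init__(self, secrets_by_resource, clock=time.time):
        self._secrets = secrets_by_resource  # resource id -> shared secret
        self._clock = clock
        self._pending = {}                   # transaction id -> PendingChallenge

    def issue_challenge(self, resource_id):
        # If the resource cannot be positively identified, the process terminates.
        if resource_id not in self._secrets:
            return None
        txn_id = secrets.token_hex(8)
        challenge = secrets.token_hex(8)     # random sequence for this request
        self._pending[txn_id] = PendingChallenge(
            resource_id, challenge, self._clock())
        return txn_id, challenge

    def validate(self, txn_id, credential):
        # Assumed hardening: a challenge is consumed by its first validation
        # attempt, so a captured credential cannot be replayed or brute-forced.
        pending = self._pending.pop(txn_id, None)
        if pending is None:
            return False
        expired = self._clock() - pending.issued_at > CHALLENGE_TTL_SECONDS
        key_string = derive_key_string(
            self._secrets[pending.resource_id], pending.challenge)
        # Constant-time comparison of the credential against the key string.
        matches = hmac.compare_digest(key_string.encode(), credential.encode())
        # A correct credential is still deemed incorrect once time has passed.
        return matches and not expired


def demo():
    """Run the flow on constructed sample data with a controllable clock."""
    now = [1000.0]
    secret = b"constructed-demo-secret"      # constructed sample value
    auth = Authenticator({"card-0001": secret}, clock=lambda: now[0])
    results = {}

    txn, challenge = auth.issue_challenge("card-0001")
    correct = derive_key_string(secret, challenge)
    results["correct"] = auth.validate(txn, correct)
    results["replay"] = auth.validate(txn, correct)

    txn, challenge = auth.issue_challenge("card-0001")
    now[0] += CHALLENGE_TTL_SECONDS + 1      # response arrives too late
    results["late"] = auth.validate(txn, derive_key_string(secret, challenge))

    txn, challenge = auth.issue_challenge("card-0001")
    correct = derive_key_string(secret, challenge)
    wrong = correct[:-1] + str((int(correct[-1]) + 1) % 10)
    results["wrong"] = auth.validate(txn, wrong)

    results["unknown_resource"] = auth.issue_challenge("card-9999") is None
    return results


if __name__ == "__main__":
    print(demo())
```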
- an end user 34 may comprise any person or machine requiring, in connection with some other use, access or other relationship with a service provider 36 , access to a secured resource for which the service provider 36 controls access.
- the resource may comprise password protected information (a secured resource) maintained in a computer system under the control of the service provider 36 and to which a human end user 34 desires access.
- the actual password or other information known by the end user 34 and the service provider 36 and through which the authenticator 52 is capable of authenticating the access right of the end user 34 is strictly prohibited from submission through the user interface 105 in connection with the making of a request or submission of an authentication credential.
- the end user 34 may, for example and without limitation, be a patient wishing to access medical information (a secured resource) held by a caregiver or an insurance carrier (a service provider 36 ); or may be the holder of a credit card account, banking account, automated teller machine (“ATM”) card and/or card or the like (a secured resource) wishing to authorize a credit card processor, financial institution or the like to complete a transaction; or may be a credit applicant or other holder of an information product wishing to access a credit score or other information (a secured resource) maintained by a credit bureau or other information provider (a service provider 36 ); or may be the holder of an on-line service account protected by a password (a secured resource) and wherein the on-line account is under the control of the service provider 36 .
- the deployment diagram of FIG. 5 , wherein there is shown the various elements of an exemplary hardware and software based implementation of an authentication system 30 constructed in accordance with the teachings of the present invention.
- while the implementation depicted in FIG. 5 is exemplary of the authentication system 30 of the present invention, it is in no manner meant to be all encompassing or otherwise limiting of the wide range of implementations as are possible.
- it is noted that while some elements are in FIG. 5 shown to comprise hardware and others software, virtually any element could be implemented in either hardware or software or any combination thereof.
- a service provider 36 (such as, for example, may comprise a specialized provider of the authentication services of the present invention; a provider of other products or services having need of authentication services, such as, for example, a credit card processor or financial institution or an alarm monitoring company; a retail store, service station, on-line service provider or merchandiser or other business; a healthcare or medical insurance provider; an automated teller machine provider; or the like) has associated therewith one or more application servers 50 or database servers 98 upon which may be hosted software functionality necessary to operation within the framework of the present invention in addition to the unrelated operations of the service provider 36 .
- an application server 50 may host an access controller 51 , firewall or other access control point to process and/or otherwise handle requests and submissions from an end user 34 as well as to produce output for the end user 34 as may be necessary in the operation of the present invention.
- the application server 50 may host an authenticator 52 adapted to handle or otherwise control all aspects of the authentication process within the realm of responsibility of the authentication system 30 , including receiving authentication requests, storing and/or retrieving data pertinent to the processing of such requests, directing the generation and sending of challenge messages 94 , and directing the validation of authentication credentials submitted in response to challenge messages 94 and actions taken based upon the results of such validations.
- the authenticator component 52 may comprise one or more further specialized components such as, for example, a challenge manager 53 adapted to facilitate creation and transmission of challenge messages 94 , a random sequence generator 54 as may be useful in the highly specialized task of creating random sequences which, as will be better understood further herein, are an integral feature of the present invention, and a validation tool 55 adapted to conduct the specialized task of comparing received authentication credentials with known key strings.
- the application server 50 may also host an administration tool 56 through which various aspects of the setup, maintenance and operation of the hardware and software systems of the authentication system 30 may be managed.
- a typical database management system 57 may include a user database 58 for storing a wide variety of generally user centric data as may be required in the operation of the present invention, a transaction database 59 for storing data generally associated with the conduct of individual transactions and an image database 107 , which, as will be better understood further herein, is particularly adapted for storing data associated with implementation of the means 35 for detecting the existence of a spoofing type deception.
- FIG. 8 shows a very high level but generally representative schema for a user database 58 and FIG. 9 shows a very high level but also generally representative schema for a transaction database 59 , each of which will be described in greater detail further herein in connection with an exemplary description of the conduct of a typical transaction.
- a preferably unified messaging gateway 60 is provided for use in issuing challenge messages 94 through various communication channels to end users 34 .
- a unified messaging gateway 60 may be utilized to transmit a generated challenge message 94 in any of a plurality of message formats (such as, for example, as a short messaging service (“SMS”) message, a standard text message, an electronic mail message, a synthesized voice message, an alphanumeric page or the like) over any of a plurality of communication channels (such as, for example, an SMS or other text channel, a simple mail transport protocol (“SMTP”) channel, a plain old telephone system (“POTS”) channel, a paging network or private broadcast channel or the like) to be received by any of a plurality of user devices (such as, for example, a mobile or landline telephone, a smart phone, an electronic mail client, a personal data assistant (“PDA”), a numeric or digital pager or the like).
- a user interface 105 is provided and adapted to provide input from all manner of users 62 , including administrative users and end users 34 , to the hardware and/or software systems of the service provider 36 and to provide output from these systems to the various users 62 .
- the user interface 105 enables the various users 62 to maintain and/or otherwise manage the data stored in the user database 58 as may be appropriate as well as to generally manage and maintain the implemented authentication system 30 in addition to providing, in accordance with the present invention, a point of access for the end user 34 .
- the user interface 105 may take a wide variety of forms depending upon the circumstances of any particular implementation.
- a typical user interface may be implemented as a web interface 63 wherein there may be provided a page processor 64 hosted on an appropriate execution environment 65 installed on a dedicated web server 66 in Internet communication 67 with a user device 68 , such as, for example, a personal computer, a smart phone, other mobile device 78 or the like, and on which is installed and/or hosted a web browser 69 running in a provided execution environment 70 .
- a user interface 105 may comprise a more dedicated and integrated arrangement such as the depicted point-of-sale (“POS”), fueling station or automated teller machine (“ATM”) terminal device 73 comprising as input modalities a keypad 95 and a card reader and comprising as an output modality a visual display such as the depicted screen 77 .
- the user interface 105 may comprise a network interface such as may be utilized by a customer service representative (considered herein as an end user 34 acting through the representative), a telephone auto attendant, which may implement a DTMF decoder, speech recognition engine, TDD/TTY decoder or the like; or virtually any other combination of input modalities (including barcode readers or scanners, keyboards, keypads, card and/or magnetic stripe readers, pointing devices, microphones and the like) and output modalities (including visual displays such as computer or other device monitors or screens, audio output devices such as headphones or other speakers, tactile output devices such as may be adapted for the visually impaired and the like).
- the consumer will indicate a desire to make a credit card payment to the on-line retailer by using a web browser 69 to submit a request through an access controller 51 which will then forward the consumer's request (which will generally include the credit card number) to the authenticator 52 for determination of whether the identified credit card is a valid secured resource connected with the authentication system 30 , for authentication of the consumer's right of access to the identified credit card and for completing the payment transaction.
- the CV or like code required under the present example for authorization of the transaction must not be provided through the user interface 105 (in this case, a web interface 63 ).
- the consumer will use his or her web browser 69 to first navigate to the uniform resource locator (“URL”) of an order completion webpage 75 for the on-line retailer (service provider 36 ).
- the consumer's web browser 69 will send a page request to the on-line retailer's web server 66 where a hosted page processor 64 will create and send back to the consumer's web browser 69 the requested “order completion” webpage 75 , making use, if required, of the on-line retailer's database management system 57 to retrieve stored information pertaining to the consumer, the transaction or the like.
- the requested page 75 may simply comprise a simple form through which the consumer may input information indicative of the nature of the consumer's request for access to a secured resource.
- the consumer enters the credit card number (the common identifier for the secured resource) for the merchant or store credit card for which he or she requests use (access) and then selects the depicted “pay now” button.
- the consumer's web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's request to the access controller 51 hosted on the on-line retailer's application server 50 .
- the on-line retailer may choose to verify that the tentatively identified consumer presenting the credit card is permitted to make use of the on-line retailer's services for the requested purposes. For example, it may be that the on-line retailer requires registration prior to use of the authentication system 30 and method 46 of the present invention which, it is noted, may be utilized in a completely anonymous fashion to conduct extraordinarily secure financial and other transactions. If so, the access controller 51 may access the user table 85 of the user database 58 or any other accessible data store to determine that the tentatively identified consumer is a valid end user 34 .
- the access controller 51 will generally continue by creating a transaction reference for the transaction and assembling any other necessary parameters, such as payment amount.
- a service provider 36 will have available all or virtually all information necessary for submitting (on behalf of an end user 34 ) a request for access to a secured resource without need for the end user 34 to enter additional data. For example, in a case where the consumer is otherwise “logged in” to the on-line retailer's website and the on-line retailer has previously stored the consumer's credit card number the consumer need only indicate that he or she wishes to “pay now” in order to make complete use of the facilities of the present invention.
- the consumer's request is forwarded by the access controller 51 to the authenticator 52 which will generally first undertake to determine whether the credit card for which the end user 34 has requested access is recognized at the service provider 36 .
- the authenticator 52 may access the user database 58 , as generally shown in FIG. 8 , to determine whether the provided credit card number can be located in the resource table 88 of the user database 58 . If not, the authentication process 46 may be terminated with or without notice to the end user 34 or an appropriately updated webpage 75 may be generated to prompt the end user 34 for correction of the unrecognized identifying information and resubmission of the request.
- the authenticator 52 will proceed to establish a new transaction record in the transaction table 86 of the transaction database 59 , as generally shown in FIG. 9 .
- the previously created transaction reference may be used as the TRANSACTION_ID for the newly created record or, if no transaction reference was previously created the TRANSACTION_ID now created for the new transaction record may be considered the transaction reference for the transaction.
- transaction parameter records may then be created in the transaction parameter table 87 of the transaction database 59 in order to collect and store information pertinent to the continued processing of the transaction such as, for example, the unique RESOURCE_ID by which the identified credit card is known in the user database 58 , the amount of the requested payment or the like. Still further, the unique USER_ID by which the tentatively identified consumer is known in the user database 58 , as may be determined (if not provided as part of the forwarded request) with reference through the resource use table 99 to the user table 85 of the user database 58 , should also be stored in the transaction parameter table 87 of the transaction database 59 .
- a “string” shall for purposes of the present invention be expressly defined to mean “an ordered sequence of any subset of symbols selected from a set of symbols wherein each symbol forming the set may be represented in both a format that may be perceived by an end user 34 and a format that may be recognized by software or hardware,” e.g.
- null character shall for purposes of the present invention be expressly defined as “a specially designated symbol intended to indicate the absence from a sequence of a single symbol,” e.g. a box with an X character, as shown in the drawings forming a part of this specification, any symbol (such as a particular number, particular letter, an asterisk, an underscore or the like) designated at implementation to be defined as being a null character or a blank space.
- Random as applied to the characterization of a string shall for purposes of the present invention be expressly defined to mean that the symbols of the string are arranged in an order that is not readily predictable.
- the primary challenge is generated to include a random string comprising a plurality of symbols wherein at least one of the symbols of the string is a null character, such a random string being referred to herein as a challenge string 49 .
- each end user 34 (and, if desired, any administrative user) will have stored in the user table 85 of the user database 58 a private string, which is a user selected or assigned (depending on implementation preferences) string comprising symbols of the same set as used for generating the challenge string 49 but most preferably excluding use of the null character.
- a private string is generally only known to the user with which it is associated and the service provider 36 and, in a critical aspect of the present invention, a private string is never required to be openly passed through the user interface 105 .
- a user will formulate a response to a challenge string 49 by using the symbols of the user's private string to replace the null character or characters of the challenge string 49 to formulate a response string.
- the response string may be passed through the user interface 105 without risk of interception of the private string and, accordingly, a system of readily established single use “passwords” is presented.
- the authentication system 30 and method 46 of the present invention may be implemented such that the protocol for creating a response string from a challenge string 49 is standardized in advance or, in the alternative, instructions 93 may be provided with the challenge message 94 or inferred from the manner of delivery of the challenge or circumstances of the use.
- the user may be directed to formulate the response string using only numbers of the private string or may assume that only numbers should be used when entering the response string into a limited keypad 95 such as depicted in FIG. 7 .
- instructions 93 may be given to use every second or third symbol of the private string, to begin with a certain symbol of the private string, to take symbols from the private string in reverse order, or any combination of these and similar instructions 93 .
- the user may be instructed as standard procedure or by challenge message 94 to repeat usage of certain symbols of the private string or the entire private string in order to respond to a challenge string 49 with more null characters than symbols available in the user's private string and/or simply as a matter of choice by the service provider 36 .
- the authenticator 52 evaluates all available information that may impact the ability of an end user 34 to readily receive a particular challenge message 94 and/or to readily respond to a particular challenge message 94 and, additionally, determines whether any special security requirements may exist for access to the particular resource.
- the authenticator 52 will preferably obtain from the channel table 111 of the user database 58 channel data indicating the type of communication channel that will be utilized to transmit the challenge message 94 .
- the user attribute table 92 of the user database 58 may indicate whether the end user 34 suffers any disability that would impact the manner of response and/or the resource attribute table 89 of the user database 58 may indicate any special resource dictated security requirements, such as minimum length or desired complexity for a response string.
- the authenticator 52 may also consider any limitations of the user interface 105 , such as being limited to entry of numeric characters only. In any case, the authenticator 52 will determine the characteristics that should be exhibited by the challenge string 49 , including the manner of issuance, and will then instruct the challenge manager 53 to initiate issuance of a challenge message 94 .
- the primary challenge (comprising the challenge string 49 and any necessary response instructions 93 ) may be supplemented with the provision of a test designed to detect the existence of a spoofing type deception.
- the present invention contemplates the use of a dynamically selected image 112 for the conduct of this test.
- the challenge manager 53 will generally at this point in the process obtain from the image database 107 image data identifying the selected image 112 and its location on a fileserver and will store the obtained image data in the image table 113 of the transaction database 59 .
- the challenge manager 53 will continue by obtaining from the random sequence generator 54 a challenge string 49 generated to meet the requirements established and communicated by the authenticator 52. With the challenge string 49 generated and any image data obtained, the challenge manager 53 will proceed to construct the challenge message 94 which will at least comprise the challenge string 49, any special response instructions 93 and a copy of the image file if required. With the challenge message 94 assembled, the challenge manager 53 queues the challenge message 94 by providing the messaging gateway 60 with the challenge message 94, the type of communication channel to be utilized and the CHANNEL_ID for the channel.
- the challenge manager 53 will inform the messaging gateway 60 that the challenge message 94 is to be transmitted by SMS text message 79 and will provide the messaging gateway 60 with a telephone number for a SMS text capable user device.
- the challenge message 94 be transmitted through a discrete channel, which is herein defined as being a communication channel not readily identifiable by information submitted by an end user 34 in making a request for access to a secured resource.
- the schema for the user database 58 and/or the authenticator 52 should ensure that the challenge message 94 is not transmitted by electronic mail to the same electronic mail address.
- an end user 34 requesting access to a secured resource using his or her mobile telephone number as an identifier will not be able to receive a challenge message 94 by SMS or standard text message 79 or synthesized voice call to the same mobile telephone number.
- the schema as depicted in FIG. 8 contemplates that a single user may have more than one possible message channel assigned. As a result, a channel may be discrete for some requests, but not for others depending upon the information provided by the end user 34 in making a particular request.
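The per-request discreteness check described above, as an added Python example (not code from the patent or from any implementation of it). The record keys `type` and `address`, the normalization rules, the 7-digit suffix match for telephone numbers and all sample values are assumptions constructed for illustration; only CHANNEL_ID is a name from the description.

```python
import re

PHONE_KINDS = {"sms", "voice", "phone"}  # all reach the same telephone number


def normalize(kind, address):
    """Reduce an address to a comparable (family, value) pair."""
    kind = kind.lower()
    if kind in PHONE_KINDS:
        return ("phone", re.sub(r"\D", "", address))
    if kind == "email":
        return ("email", address.strip().lower())
    return (kind, address.strip())


def same_endpoint(a, b):
    """True when two normalized addresses identify the same endpoint."""
    (family_a, value_a), (family_b, value_b) = a, b
    if family_a != family_b:
        return False
    if family_a == "phone":
        # Assumption: numbers match when one is a suffix of the other, so
        # "555-010-0199" and "+1 (555) 010-0199" count as the same telephone.
        short, long_ = sorted((value_a, value_b), key=len)
        return len(short) >= 7 and long_.endswith(short)
    return value_a == value_b


def discrete_channels(channels, submitted):
    """Channels that cannot be identified from what the request submitted."""
    seen = [normalize(kind, value) for kind, value in submitted]
    return [
        channel for channel in channels
        if not any(
            same_endpoint(normalize(channel["type"], channel["address"]), s)
            for s in seen
        )
    ]


def choose_channel(channels, submitted):
    """Fail closed: no discrete channel means no challenge message is sent."""
    usable = discrete_channels(channels, submitted)
    if not usable:
        raise LookupError("no discrete channel available for this request")
    return usable[0]


# Constructed sample rows standing in for one user's channel table entries.
CHANNELS = [
    {"CHANNEL_ID": 1, "type": "sms", "address": "+1 (555) 010-0199"},
    {"CHANNEL_ID": 2, "type": "email", "address": "Pat@Example.test"},
    {"CHANNEL_ID": 3, "type": "voice", "address": "555-010-0199"},
]

if __name__ == "__main__":
    for submitted in (
        [("card", "0000 0000 0000 0000")],
        [("phone", "555-010-0199")],
        [("email", "pat@example.test")],
    ):
        ids = [c["CHANNEL_ID"] for c in discrete_channels(CHANNELS, submitted)]
        print(submitted, "->", ids)
```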
- a typical simple challenge message 94 as may be transmitted to an end user 34 through an SMS text enabled smart phone or like mobile device 78.
- the challenge message 94 may also include information helpful to the consumer in making a response.
- the challenge message 94 depicted in FIG. 13 includes the name of the on-line service provider, the purchase amount for which the user requests access to his or her secured resource and also the client reference used by the on-line service provider.
- the authenticator 52 obtains the consumer's private string from the user table 85 of the user database 58 , as shown in FIG. 8 , and then submits the challenge string 49 (along with any special instructions 93 ) and the private string to the validation tool 55 , which in turn determines the correct response string.
- the determined correct response string is then assigned as the key string for the transaction and stored in the key string table 97 of the transaction database 59 .
- a timestamp may also be entered into the transaction table 86 of the transaction database 59 in order to provide a reference by which may be calculated a timeout event for the validity of the key string (response string submitted as an authentication credential).
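The substitution rule and the instruction variants described above, as an added Python example (not code from the patent or from any implementation of it). The underscore null character, the symbol set, the order in which instructions are applied and the sample challenge `_4_A63__2B` are assumptions: the challenge is constructed so that the default rule yields the response string 24FA63462B that the description gives for the private string 2F46DAH525, and it is not the challenge string of FIG. 11.

```python
import secrets
import string
from itertools import cycle, islice

NULL = "_"  # assumption: underscore designated as the null character
ALPHABET = string.digits + string.ascii_uppercase  # assumption: symbol set


def make_challenge(length, nulls, alphabet=ALPHABET):
    """Random challenge string containing exactly `nulls` null characters."""
    if NULL in alphabet:
        raise ValueError("the null character must not be an ordinary symbol")
    if not 1 <= nulls <= length:
        raise ValueError("a challenge string needs at least one null character")
    null_positions = set(secrets.SystemRandom().sample(range(length), nulls))
    return "".join(
        NULL if i in null_positions else secrets.choice(alphabet)
        for i in range(length)
    )


def select_symbols(private, digits_only=False, reverse=False, start=0, step=1):
    """Apply response instructions to the private string.

    Assumed order: filter to numbers, then reverse, then start/every-nth.
    """
    if NULL in private:
        raise ValueError("a private string must not contain the null character")
    if start < 0 or step < 1:
        raise ValueError("start must be >= 0 and step must be >= 1")
    symbols = [s for s in private if s.isdigit()] if digits_only else list(private)
    if reverse:
        symbols.reverse()
    symbols = symbols[start::step]
    if not symbols:
        raise ValueError("the instructions leave no private symbols to use")
    return symbols


def derive_key_string(challenge, private, repeat=True, **instructions):
    """Replace each null of the challenge, left to right, with the next symbol."""
    pool = select_symbols(private, **instructions)
    needed = challenge.count(NULL)
    if needed == 0:
        raise ValueError("not a challenge string: no null character present")
    if needed > len(pool) and not repeat:
        raise ValueError("more nulls than private symbols and repetition is off")
    fill = islice(cycle(pool), needed)  # cycle() repeats the private symbols
    return "".join(next(fill) if symbol == NULL else symbol for symbol in challenge)


CHALLENGE = "_4_A63__2B"  # constructed sample, see the note above the block
PRIVATE = "2F46DAH525"    # private string used in the description

if __name__ == "__main__":
    print(derive_key_string(CHALLENGE, PRIVATE))
    print(derive_key_string(CHALLENGE, PRIVATE, digits_only=True))
    print(derive_key_string(make_challenge(8, 3, string.digits), PRIVATE,
                            digits_only=True))
```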
- FIGS. 12 and 13 depict some variation of possible challenge messages 94 and/or additional detail regarding the presentation to the consumer of an image 112 for use in detecting a possible spoofing type deception.
- an image 112 is shown as being presented with the challenge string 49 as part of the challenge message 94 .
- the consumer is directed to look for a corresponding image to be displayed on the website of the on-line retail store and to not enter a response string unless the correct image is observed.
- FIG. 13 shows in particular one simple example of the many previously discussed possibilities for providing special instructions 93 in connection with the issuance of a challenge message 94 .
- the consumer is directed to respond to the challenge string 49 using only numbers from his or her private string.
- this instruction 93 will be particularly beneficial when it is known that the consumer will be forced to enter the response string through a limited input modality such as, for example, the simple keypad 95 depicted in FIG. 7 .
- an end user 34 of the present invention will necessarily formulate a response string corresponding to a challenge string 49 outside of the hardware and/or software provided as part of the authentication system 30 of the present invention. That said, the validation steps begin with the consumer using his or her web browser 69 to first navigate to the uniform resource locator (“URL”) of a payment confirmation webpage 75 for the on-line retailer (the service provider 36 ).
- the consumer's web browser 69 will send a page request to the on-line retailer's web server 66 where a hosted page processor 64 will create and send back to the consumer's web browser 69 the requested “payment confirmation” webpage 75 , making use of the on-line retailer's database management system 57 to retrieve stored information pertaining to the consumer, the transaction or the like.
- the requested page 75 may simply comprise a simple form through which the consumer may input his or her formulated response string and then select the depicted “confirm” button.
- this simple example assumes that the consumer has remained on the website of the on-line retailer such that the transaction reference remains known to the page processor 64 and also that no test designed to detect the existence of a spoofing type deception will be presented.
- the requested page 75 as depicted in FIG. 15 also assumes that no test designed to detect the existence of a spoofing type deception will be presented, but contemplates that the consumer may have left and returned to the website for completion of the purchase transaction.
- the depictions of FIGS. 14 and 15 may be appropriate for responding to the challenge as depicted in FIG. 11 .
- the consumer's private string is 2F46DAH525.
- the correct response string for the challenge string 49 of FIG. 11 would be 24FA63462B, which would be entered by the consumer.
- the consumer's web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's response string to the access controller 51 hosted on the on-line retailer's application server 50 .
- the requested page 75 may comprise a slightly more complex form through which the consumer may be required to enter the transaction reference for the transaction although, as shown in FIG. 16 , the transaction reference data may be pre-populated if the consumer has not left the website.
- this form contemplates that the consumer may want to address a different transaction than presently being handled by the webpage 75 or that the consumer has left and returned to the website for completion of the purchase transaction. Additionally, this exemplary form contemplates that a test designed to detect the existence of a spoofing type deception may or may not be presented.
- the consumer will then select the depicted “continue” button, whereafter the consumer's web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's response string to the access controller 51 hosted on the on-line retailer's application server 50 . Once received by the access controller 51 , the client reference will be utilized to retrieve the stored request data from the transaction database 59 and the access controller 51 will determine whether a test designed to detect the existence of a spoofing type deception should be presented. If not, the access controller 51 will so inform the page processor 64 which, in turn, may then update or otherwise create and send back to the consumer's web browser 69 a “payment confirmation” webpage 75 like that of FIG. 14 , whereafter the consumer continues as previously discussed.
- the access controller 51 determines that a test designed to detect the existence of a spoofing type deception should be presented, the request handler 51 will retrieve from the image table 113 of the transaction database 59 the previously stored image data associated by the transaction reference with the present transaction. As previously noted, the challenge manager 53 will have previously sent to the consumer, as part of a challenge message 94, an image file. Rather than utilizing an actual image file at this stage, however, the preferred implementation of the test comprises the access controller 51 retrieving the file location for a copy of the image matching the image file transmitted as part of the challenge message 94 and which file location (external web address) has preferably been made temporary on a publicly accessible fileserver associated with the service provider 36.
- the page processor 64 will then create a page 75 such as depicted in FIG. 17 , wherein the webpage 75 presents the image 112 by linking to the external web address (the temporary file location) at which the image 112 is hosted.
- the depiction of FIG. 17 may be appropriate for responding to the challenge as depicted in FIG. 12 .
- the consumer's private string is 2F46DAH525.
- the correct response string for the challenge string 49 of FIG. 12 would again be 24FA63462B, which would be entered by the consumer.
- the preferred implementation of the test designed to detect the existence of a spoofing type deception comprises providing a web link pointing to a copy of the image file on a fileserver associated with the service provider 36, which file location may then be made temporary. By making the file location temporary, the file can be removed or restricted and/or replaced with a warning image once accessed through the web link. In this manner, if the consumer has accidentally navigated to a spoofed website conducting a man-in-the-middle type deception in particular, the bad actor will in the course of accessing the true on-line retailer's website access the image link.
- the image 112 will have been removed or replaced by the time that the consumer links to the web address for the image. In this case, as shown in FIG. 18 , the consumer will see the bad actor generated webpage with the prominently displayed warning image 114 .
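The temporary file location described above, as an added Python example of the fileserver side (not code from the patent or from any implementation of it). The class name, the `/challenge-image/` path, the in-memory store, the expiry period and the placeholder image bytes are assumptions; the behaviour shown is the one the description states, namely that the image is served once and every later request receives the warning image.

```python
import secrets
import threading
import time

WARNING_IMAGE = b"WARNING-IMAGE"  # placeholder for the warning image 114


class TemporaryImageLinks:
    """Serves each published image once, then only the warning image."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self.ttl_seconds = ttl_seconds
        self.clock = clock
        self.lock = threading.Lock()  # one request at a time may consume a link
        self.links = {}               # token -> link state

    def publish(self, image_bytes):
        """Store a copy of the challenge image under an unguessable address."""
        token = secrets.token_urlsafe(32)
        with self.lock:
            self.links[token] = {
                "image": image_bytes,
                "expires_at": self.clock() + self.ttl_seconds,
                "served": False,
            }
        return "/challenge-image/" + token  # hypothetical path layout

    def fetch(self, path):
        """Return image bytes for a request, or None for an unknown address."""
        token = path.rsplit("/", 1)[-1]
        with self.lock:
            link = self.links.get(token)
            if link is None:
                return None
            if link["served"] or self.clock() >= link["expires_at"]:
                link["image"] = None  # nothing left to disclose
                return WARNING_IMAGE
            link["served"] = True
            image, link["image"] = link["image"], None
            return image


if __name__ == "__main__":
    server = TemporaryImageLinks()
    address = server.publish(b"IMAGE-112")  # constructed stand-in for image 112
    print(server.fetch(address))  # first request sees the expected image
    print(server.fetch(address))  # any later request sees the warning image
```

Because the first request consumes the link, the order of requests is what the test relies on: a party that loads the confirmation page before the consumer's own browser does leaves the consumer looking at the warning image.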
- the consumer may be required to actually select one image 112 from a plurality of images 115 at the same time as he or she is required to enter his or her response string.
- the image selection will be transmitted with the response string and will form a part of the overall response to be evaluated by the authenticator 52 .
- this embodiment serves to ensure that a careless consumer does not fail to carefully check for the required image 112 .
- the consumer's web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's response string to the access controller 51 hosted on the on-line retailer's application server 50 whereafter the response message is submitted to the authenticator 52 hosted on the service provider's application server 50 .
- the authenticator 52 will then direct the validation tool 55 to evaluate the response string based upon the transaction reference for the response message.
- the validation tool 55 will access the key string table 97 of the transaction database 59 to retrieve the key string associated with the particular transaction reference and will evaluate the submitted response string against the retrieved key string taking into account, if appropriate for the particular implementation, the passage of time. Additionally, in a case where the selection of a particular image also forms part of the required response in addition to the response string, the validation tool 55 will also determine whether the correct image was selected by the end user 34 . In any case, the validation tool 55 will then report the result of the evaluation to the authenticator 52 .
- the process 48 will terminate and the failure will be reported to the access controller 51 , which in turn will block the end user 34 from access to the requested secured resource. If, on the other hand, the evaluation passes the authenticator 52 will report the authenticated status to the access controller 51 , which in turn will allow the access as requested by the end user 34 .
- the authentication system 30 may determine an otherwise unknown unique USER_ID for the consumer from knowledge of the unique RESOURCE_ID for an identified secured resource (the credit card number in the presented example) it was stated that from the resource table 88 (holding the unique RESOURCE_ID for the credit card) the user table 85 (holding the unique USER_ID for the consumer) could be accessed through the resource user table 99 .
- provision of the resource user table 99 as join table for the resource table 88 and the user table 85 establishes a many-to-many relationship between the records of the resource table 88 and the user table 85 , whereby additional functionality is imparted to the authentication system 30 and method 46 of the present invention.
- joint or other plural access control may be established for the secured resource.
- a parent of a child patient presenting for treatment at a medical clinic may provide the child's Social Security Number to the clinic for use by the clinic in requesting access to the child's electronic medical records accessible by either one of two passwords held one each by two parents.
- the authentication system 30 implemented to provide for multiple user association with a single secured resource may simply look up each parent end user 34 associated with the child's identified medical record (secured resource) and send a separate challenge message 94 to each, storing the appropriate key strings in separate records of the key string table 97 of the transaction database 59 , each record being connected by TRANSACTION_ID to the single transaction record established in the transaction table 86 of the transaction database 59 for the request for access to the child's medical record.
- the validation tool 55 of the authentication system 30 will evaluate a received response string against each key string associated with the transaction and will find valid a response string matching either.
- this aspect of the present invention will have broad application, including for use in authorizing transactions against shared credit card or banking accounts, accessing shared on-line service accounts, deactivating an alarm system or accessing a computer controlled door for a home, business or other facility shared by many occupants or similar applications.
- this aspect of the present invention may also be implemented such that a correct response string must be received from a plurality of end users 34 in order for the authentication system 30 and process 46 to authenticate a particular request for access to a secured resource.
- “two-person control” and like security protocols may be readily handled within the scope of the present invention.
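The evaluation of response strings against the key strings stored for one transaction, covering both the "either parent" case and the plural "two-person control" case, as an added Python example (not code from the patent or from any implementation of it). The class and status names, the timeout value, the constant-time comparison and the second key string are assumptions; closing the transaction on the first wrong response follows the description's statement that the process terminates on a failed evaluation.

```python
import hmac
import time


class PendingTransaction:
    """Key strings held for one TRANSACTION_ID, one per challenged end user."""

    def __init__(self, key_strings, required=1, ttl_seconds=300,
                 clock=time.monotonic):
        if not 1 <= required <= len(key_strings):
            raise ValueError("required must be between 1 and the number of users")
        self.unused = dict(key_strings)  # USER_ID -> key string not yet used
        self.required = required         # 1 = any one user, 2 = two-person control
        self.confirmed = set()
        self.clock = clock
        self.deadline = clock() + ttl_seconds  # from the stored timestamp
        self.closed = False

    def close(self, status):
        """End the transaction and discard every remaining key string."""
        self.closed = True
        self.unused.clear()
        return status

    def submit(self, response):
        """Evaluate one response string; returns a status word."""
        if self.closed:
            return "closed"
        if self.clock() >= self.deadline:
            return self.close("expired")  # invalid regardless of content
        candidate = response.encode("utf-8")
        matched = None
        # Compare against every key string, with no early exit, so timing
        # does not reveal which record (if any) matched.
        for user_id, key in self.unused.items():
            if hmac.compare_digest(candidate, key.encode("utf-8")) and matched is None:
                matched = user_id
        if matched is None:
            return self.close("rejected")
        del self.unused[matched]  # a key string is single use
        self.confirmed.add(matched)
        if len(self.confirmed) >= self.required:
            return self.close("authenticated")
        return "pending"


# Constructed sample: one key string per parent, as stored in separate records.
KEY_STRINGS = {"parent_a": "24FA63462B", "parent_b": "7K1Q9Z03XM"}

if __name__ == "__main__":
    either = PendingTransaction(KEY_STRINGS, required=1)
    print(either.submit("7K1Q9Z03XM"))  # authenticated

    both = PendingTransaction(KEY_STRINGS, required=2)
    print(both.submit("24FA63462B"))    # pending
    print(both.submit("7K1Q9Z03XM"))    # authenticated
```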
- the magnetic card may be encoded with an identification code for the user including no confidential or sensitive information, but preferably useful only in connection with identifying the end user 34 to an authentication system 30 implemented in accordance with the teachings of the present invention.
Abstract
A system and method whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated includes a means for receiving from a requester purporting to be an authorized user of a secured resource a request for access to the secured resource; means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester.
Description
- The present invention relates to security protocols for use in securing and/or restricting access to personal or other confidential information, physical locations and the like. More particularly, the invention relates to a system whereby the identity of a person, entity, device or the like attempting to gain access to a secured resource may be securely authenticated.
- The protection of personal information and/or other secured resources, such as, for example, credit data, medical history, financial account information, secured physical locations and the like is of ever increasing concern to businesses and individuals alike. To be sure, each passing day reveals more sophisticated attacks by those who would gain unauthorized access to such resources absent the constant vigilance of those charged with the protection of such resources. To this end, the various security protocols employed for the protection of such resources almost universally include some means for authenticating the identity of a person, entity, device or the like attempting to gain access to a secured resource.
- More often than not the critical authentication is carried out by the age old process of providing a privately held password, personal identification number or the like in connection with some generally publicly known identifier for the person, entity, device or the like attempting to gain access to the secured resource. Unfortunately, however, this protocol is dogged by vulnerability to interception through spoofing, eavesdropping, and countless other techniques through which a password, personal identification number or the like may become known to an attacker. Additionally, it is common to find that a single person, entity, device or the like uses the same password, personal identification number or the like in connection with gaining access to multiple secured resources. In such case, a security breach in connection with a single secured resource may jeopardize the security of all other secured resources.
- Given the fundamentally flawed state of the art with respect to password type protection, it is therefore the overriding object of the present invention to improve over the prior art by providing a system by which authentication may be more securely conducted. Additionally, it is an object of the present invention to provide such a system that is robust in specific implementation and readily usable by any manner of person, entity, device or the like. Finally, it is an object of the present invention to provide such a system that is economical in implementation and therefore readily accessible to virtually any application.
- In accordance with the foregoing objects, the present invention—an authentication system for authenticating the identity of a requester of access to a secured resource—generally comprises a means for receiving from a requester purporting to be an authorized user of a secured resource a request for access to the secured resource; means for generating and communicating to the purported authorized user a challenge string adapted to provide a basis for authenticating the identity of the requester; a means for receiving a response string corresponding to the challenge string; and a means for evaluating the response string to authenticate the identity of the requester.
- In at least some implementations of the present invention, the authentication system further comprises a means for evaluating the response string to determine whether as a result of passage of time the response string should be deemed to be invalid regardless of content.
- In at least some implementations of the present invention, the authentication system further comprises a means for establishing a test adapted to detect the existence of a spoofing type deception and in at least some embodiments of these implementations the test may also be adapted to at least in part authenticate the identity of the requester.
- Finally, many other features, objects and advantages of the present invention will be apparent to those of ordinary skill in the relevant arts, especially in light of the foregoing discussions and the following drawings, exemplary detailed description and appended claims.
- Although the scope of the present invention is much broader than any particular embodiment, a detailed description of the preferred embodiment follows together with illustrative figures, wherein like reference numerals refer to like components, and wherein:
- FIG. 1 shows, in an overview use case diagram, the various basic functionality implemented in the preferred embodiment of the authentication system and method of the present invention;
- FIG. 2 shows, in a flowchart, an overview of the various steps generally taken in making a request for access to a secured resource in accordance with the present invention;
- FIG. 3 shows, in a flowchart, an overview of the various steps generally taken in validating the purported access right of a user requesting access to a secured resource in accordance with the present invention;
- FIG. 4 shows, in an overview sequence diagram, various interactions as generally take place during the operation of the authentication system and method of the present invention;
- FIG. 5 shows, in a deployment diagram, an exemplary hardware and software implementation of the authentication system and method of the present invention;
- FIG. 6 shows, in a deployment diagram, various details of a representative web interface implementation of a user interface for use in connection with the exemplary hardware and software implementation of FIG. 5;
- FIG. 7 shows, in an elevational representation, various details of a representative terminal device interface implementation of a user interface for use in connection with the exemplary hardware and software implementation of FIG. 5 such as may, in particular, be provided in connection with a service client implementing functionality of the present invention;
- FIG. 8 shows, in a class diagram, a high level schema for a representative user database as may be implemented in connection with the exemplary hardware and software implementation of FIG. 5;
- FIG. 9 shows, in a class diagram, a high level schema for a representative transaction database as may be implemented in connection with the exemplary hardware and software implementation of FIG. 5;
- FIG. 10 shows, in a screen representation of a web browsing application, a first exemplary implementation of an order completion page from a website showing, in particular, various details of the manner for making in accordance with the present invention a request for access to a secured resource;
- FIG. 11 shows, in a top plan representation of a mobile telecommunications device screen, a first example of a challenge message such as may be implemented in accordance with the present invention;
- FIG. 12 shows, in a top plan representation of a mobile telecommunications device screen, a second example of a challenge message such as may be implemented in accordance with the present invention showing, in particular, extended functionality for use in detecting a spoofing type deception;
- FIG. 13 shows, in a top plan representation of a mobile telecommunications device screen, a third example of a challenge message such as may be implemented in accordance with the present invention showing, in particular, extended functionality for accommodating constraints imposed by the available means for submitting of an authentication credential for purposes of validating the purported access right of a user requesting access to a secured resource in accordance with the present invention;
- FIG. 14 shows, in a screen representation of a web browsing application, a first exemplary implementation of a payment confirmation page from a website showing, in particular, various details of the manner for submitting of an authentication credential for purposes of validating the purported access right of a user requesting access to a secured resource in accordance with the present invention;
- FIG. 15 shows, in a screen representation of a web browsing application, a second exemplary implementation of a payment confirmation page from a website showing, in particular, various details of the manner for submitting of an authentication credential for purposes of validating the purported access right of a user requesting access to a secured resource in accordance with the present invention;
- FIG. 16 shows, in a screen representation of a web browsing application, an exemplary implementation of a preliminary payment confirmation page from a website showing, in particular, various details of at least one method for accessing a further payment confirmation page;
- FIG. 17 shows, in a screen representation of a web browsing application, a third exemplary implementation of a payment confirmation page from a website showing, in particular, various details of a first implementation of extended functionality for use in detecting a spoofing type deception;
- FIG. 18 shows, in a screen representation of a web browsing application, the implementation of the payment confirmation page of FIG. 17 showing, in particular, various additional details of the implemented extended functionality for use in detecting a spoofing type deception; and
- FIG. 19 shows, in a screen representation of a web browsing application, a fourth exemplary implementation of a payment confirmation page from a website showing, in particular, various details of second implementation of extended functionality for use in detecting a spoofing type deception.
- Although those of ordinary skill in the art will readily recognize many alternative embodiments, especially in light of the illustrations provided herein, this detailed description is exemplary of the preferred embodiment of the present invention, the scope of which is limited only by the claims appended hereto.
- Referring now to the figures, and to
FIG. 1 in particular, the authentication system 30 of the present invention is shown to generally comprise an operative combination of a plurality of service provider implemented use cases 32. In particular, the service provider 36 of the present invention will generally provide for an end user actor 34 a means 38 for requesting access to a secured resource and, additionally, a means 37 for submitting an authentication credential for use in validating the purported access right of the end user actor 34.
- Additionally, as also particularly shown in
FIG. 1, the service provider 36 of the present invention will generally provide responsive to submission by an end user actor 34 of a request for access to a secured resource a means 39 for generating and sending to an end user actor 34 a challenge message 94 designed to enable only the intended end user actor 34 to determine the content of a transient authentication credential. Still further, the service provider 36 of the present invention will generally provide responsive to submission by an end user actor 34 of an authentication credential a means 41 for validating the authentication credential.
- In an extension of the present invention particularly useful in implementations comprising an Internet website-based or
other user interface 105 generally susceptible to spoofing type deceptions, the service provider 36 may in combination with the means 37 for submitting an authentication credential also be adapted to provide for the end user actor 34 a means 35 for detecting the existence of a spoofing type deception. In implementation of such an extension of the present invention, the service provider 36 may in combination with the means 39 for generating and sending to an end user actor 34 a challenge message 94 also be adapted to provide a means 82 for generating content for use in the means for detecting the existence of a spoofing type deception and to provide such content to the end user actor 34.
- Finally, it is noted that
time 44 as an actor may be accommodated as desired in any particular implementation wherein the service provider 36 is also provided with means 45 responsive to the passage of time for revoking or otherwise invalidating an authentication credential such that an authentication credential otherwise correctly determined by an end user actor 34 in response to a service provider generated challenge message 94 may as a result of the passage of time be deemed to be incorrect, thereby resulting in a validation failure upon application of the means 45 for validating the authentication credential.
- Referring now then to
FIGS. 2 through 4 in particular, the authentication method 46 of the present invention as operative upon the described authentication system 30 is shown to generally comprise various series of interactions, as broadly set out in FIG. 4, wherein the interactions may be generally categorized as steps 47 implicated in requesting access to a secured resource, as broadly set out in FIG. 2, and steps 48 implicated in validating the purported access right of the user requesting access to the secured resource, as broadly set out in FIG. 3.
- As particularly shown in
FIGS. 2 and 4, the authentication method 46 of the present invention generally begins with an end user 34 submitting or otherwise making through an access controller 51, firewall or like access control point a request for access to a secured resource, which end user submitted request is then forwarded by the access controller 51 to an authenticator 52. Although generally considered to be an optional feature of the present invention, it is noted that prior to forwarding the end user submitted request to the authenticator 52 the access controller 51 may, if desired, first determine whether the end user 34 making the request is authorized or otherwise permitted to make such use of the authentication system 30. If in an implementation of this feature it is determined that the end user 34 is not authorized or otherwise permitted to make the attempted use of the authentication system 30 the instigated process 47 will generally terminate whereas if it is determined that the end user 34 is authorized or otherwise permitted to make the attempted use of the authentication system 30 the process 47 will generally continue.
- In any case, once an end user submitted request is forwarded by the
access controller 51 to the authenticator 52 the remaining processing of the request is conducted by the authenticator 52. In particular, it is noted that in an important aspect of the present invention the authenticator 52 must be able to evaluate the end user submitted request to determine the specific identity of the resource for which the request is made. To this end, as will be better understood further herein, the forwarded request preferably comprises at least the common identifier for the resource. In any case, if the available information is insufficient for the authenticator 52 to positively determine the identity of the resource for which the end user 34 has requested access the process 47 will generally terminate whereas if the available information is sufficient for the authenticator 52 to positively determine the identity of the resource for which the end user 34 has requested access the process 47 will generally continue.
- In the final steps for processing 47 an end user submitted request for access to a secured resource, the
authenticator 52 generates a challenge message 94 designed to enable only an authorized end user 34 to determine the content of a transient authentication credential and, thereafter, issues the challenge message 94 to the end user 34. In connection with the step of generating the challenge message 94, however, and as a predicate to the step of issuing the challenge message 94, an authenticator 52 implemented as part of an authentication system 30 that also comprises a means 35 for detecting the existence of a spoofing type deception must be adapted to determine whether under the circumstances of the particular in process request for access to a secured resource such a means 35 for detecting the existence of a spoofing type deception should be deployed. If in such an implementation it is determined that no test for detecting the existence of a spoofing type deception need be established the challenge message 94 is issued without more whereas if it is determined that a test for detecting the existence of a spoofing type deception should be deployed the authenticator 52 will establish the parameters of an appropriate test and include the established parameters in connection with or as part of the issued challenge.
- With the
challenge message 94 issued by the service provider 36 to the end user 34, the end user 34 then formulates a response to the challenge based upon information generally known only to the end user 34 and the authenticator 52. Once the end user 34 has formulated a response to the challenge, and assuming that the end user 34 desires to continue the in-process transaction, the end user 34 will submit the formulated response to the access controller 51 as an authentication credential.
- Referring now then to
FIGS. 3 and 4 in particular, validation 48 of the purported access right of the user requesting access to a secured resource is shown to generally begin with the submission by the end user 34 through the access controller 51 of an authentication credential to be forwarded by the access controller 51 to the authenticator 52, which authentication credential has been previously formulated by the end user 34 in response to issuance by the authenticator 52 of a challenge message 94. As shown in FIG. 3, however, in an implementation of an authentication system 30 that comprises a means 35 for detecting the existence of a spoofing type deception, the access controller 51 will prior to allowing submission by the end user 34 of an authentication credential first determine whether under the circumstances of the particular request in process for access to a secured resource such a means 35 for detecting the existence of a spoofing type deception should be deployed. If in such an implementation it is determined by the access controller 51 that no test for detecting the existence of a spoofing type deception need be established the end user 34 is allowed by the access controller 51 to submit the authentication credential without more whereas if it is determined by the access controller 51 that a test for detecting the existence of a spoofing type deception should be deployed the access controller 51 will present to the end user 34 an appropriate test for detecting the existence of a spoofing type deception, wherein the presented test is constructed by the access controller 51 using the test parameters as previously established and provided by the authenticator 52.
- In any case, upon successful forwarding by the
access controller 51 to the authenticator 52 of the end user submitted authentication credential, the authenticator 52 proceeds to validate the responsive authentication credential by comparing the authentication credential against a key string. As will be appreciated by those of ordinary skill in the art in light of this exemplary description, the key string will prior to or at the time of validation be determined by the authenticator 52 utilizing knowledge of the previously discussed information generally known only to the end user 34 and the authenticator 52 to formulate the key string as the known correct response to at least a portion of the previously issued challenge message 94 (the “primary challenge”). In addition to comparison of the authentication credential to a known key string, however, it is noted that in an authentication system 30 utilizing time 44 as an actor in order to provide a timeout for the validity of an outstanding challenge message 94, the authenticator 52 will be programmed or otherwise adapted to determine as part of the validation step whether as a result of the passage of time the authentication credential should be deemed to be incorrect. In any case, if the authentication credential is found or otherwise deemed to be incorrect, the authenticator 52 will report the incorrect finding to the access controller 51 and the end user 34 will be blocked by the access controller 51 from access to the requested secured resource. If, on the other hand, the authentication credential is found to be correct the authenticator 52 will report the correct finding to the access controller 51 and the access controller 51 will provide the requested access to the end user 34.
- With the foregoing broad overview of the general structure and function of the
authentication system 30 of the present invention in mind, it is now noted that in accordance with the present invention an end user 34 may comprise any person or machine requiring, in connection with some other use, access or other relationship with a service provider 36, access to a secured resource for which the service provider 36 controls access. By way of simple example, the resource may comprise password protected information (a secured resource) maintained in a computer system under the control of the service provider 36 and to which a human end user 34 desires access. In a critical aspect of all implementations of the present invention, however, the actual password or other information known by the end user 34 and the service provider 36 and through which the authenticator 52 is capable of authenticating the access right of the end user 34 is strictly prohibited from submission through the user interface 105 in connection with the making of a request or submission of an authentication credential.
- With this in mind, the
end user 34 may, for example and without limitation, be a patient wishing to access medical information (a secured resource) held by a caregiver or an insurance carrier (a service provider 36); or may be the holder of a credit card account, banking account, automated teller machine (“ATM”) card and/or card or the like (a secured resource) wishing to authorize a credit card processor, financial institution or the like to complete a transaction; or may be a credit applicant or other holder of an information product wishing to access a credit score or other information (a secured resource) maintained by a credit bureau or other information provider (a service provider 36); or may be the holder of an on-line service account protected by a password (a secured resource) and wherein the on-line account is under the control of the service provider 36.
- In any case, in order to better describe the critical and other aspects of the present invention reference is now made to the deployment diagram of
FIG. 5, wherein there is shown the various elements of an exemplary hardware and software based implementation of an authentication system 30 constructed in accordance with the teachings of the present invention. Before continuing, however, it is noted that while the implementation depicted in FIG. 5 is exemplary of the authentication system 30 of the present invention, it is in no manner meant to be all encompassing or otherwise limiting of the wide range of implementations as are possible. In addition, it is noted that while some elements are in FIG. 5 shown to comprise hardware and others software, virtually any element could be implemented in either hardware or software or any combination thereof. Still further, it is noted that while for clarity of discussion various hardware elements are segregated between different machines and various software elements are segregated into various components, no such segregation should be deemed as required unless specifically stated herein and further or differing division into various particular components, modules, classes, objects or the like should be taken as within the scope of the present invention as limited only by the claims appended hereto. Finally, to the extent that any structural (including software) element is stated as being adapted to perform some function, such language is to be taken as a positive structural limitation imposed upon the referenced element whereby the element is required to be actually adapted, programmed, configured or otherwise provided with the actual capability for performing the specified function. In no case shall such language be taken as merely a statement of intended use or the like, but to the contrary such language shall be in every case taken to read on all structures of the referenced element that are in any manner actually in the present tense configured to perform the specified function (as opposed to being merely capable of adaption for the conduct of the specified function).
- Turning then to
FIG. 5, a service provider 36 (such as, for example, may comprise a specialized provider of the authentication services of the present invention; a provider of other products or services having need of authentication services, such as, for example, a credit card processor or financial institution or an alarm monitoring company; a retail store, service station, on-line service provider or merchandiser or other business; a healthcare or medical insurance provider; an automated teller machine provider; or the like) has associated therewith one or more application servers 50 or database servers 98 upon which may be hosted software functionality necessary to operation within the framework of the present invention in addition to the unrelated operations of the service provider 36. In particular, an application server 50 may host an access controller 51, firewall or other access control point to process and/or otherwise handle requests and submissions from an end user 34 as well as to produce output for the end user 34 as may be necessary in the operation of the present invention. Additionally, the application server 50 may host an authenticator 52 adapted to handle or otherwise control all aspects of the authentication process within the realm of responsibility of the authentication system 30, including receiving authentication requests, storing and/or retrieving data pertinent to the processing of such requests, directing the generation and sending of challenge messages 94, and directing the validation of authentication credentials submitted in response to challenge messages 94 and actions taken based upon the results of such validations.
In order to improve efficiency, the authenticator component 52 may comprise one or more further specialized components such as, for example, a challenge manager 53 adapted to facilitate creation and transmission of challenge messages 94, a random sequence generator 54 as may be useful in the highly specialized task of creating random sequences which, as will be better understood further herein, are an integral feature of the present invention, and a validation tool 55 adapted to conduct the specialized task of comparing received authentication credentials with known key strings. Additionally, the application server 50 may also host an administration tool 56 through which various aspects of the setup, maintenance and operation of the hardware and software systems of the authentication system 30 may be managed.
- In order to efficiently manage and handle the large quantity of data that may typically be stored in connection with an implementation of the present invention, one or more
dedicated database servers 98 hosting database management systems 57 are generally desired. As shown in FIG. 5, a typical database management system 57 may include a user database 58 for storing a wide variety of generally user centric data as may be required in the operation of the present invention, a transaction database 59 for storing data generally associated with the conduct of individual transactions and an image database 107, which, as will be better understood further herein, is particularly adapted for storing data associated with implementation of the means 35 for detecting the existence of a spoofing type deception. Although those of ordinary skill in the art will recognize that virtually unlimited alternatives are possible, FIG. 8 shows a very high level but generally representative schema for a user database 58 and FIG. 9 shows a very high level but also generally representative schema for a transaction database 59, each of which will be described in greater detail further herein in connection with an exemplary description of the conduct of a typical transaction.
- Additionally, a preferably unified
messaging gateway 60 is provided for use in issuing challenge messages 94 through various communication channels to end users 34. As will be appreciated by those of ordinary skill in the art, such a unified messaging gateway 60 may be utilized to transmit a generated challenge message 94 in any of a plurality of message formats (such as, for example, as a short messaging service (“SMS”) message, a standard text message, an electronic mail message, a synthesized voice message, an alphanumeric page or the like) over any of a plurality of communication channels (such as, for example, an SMS or other text channel, a simple mail transport protocol (“SMTP”) channel, a plain old telephone system (“POTS”) channel, a paging network or private broadcast channel or the like) to be received by any of a plurality of user devices (such as, for example, a mobile or landline telephone, a smart phone, an electronic mail client, a personal data assistant (“PDA”), a numeric or digital pager or the like). Still further, a user interface 105 is provided and adapted to provide input from all manner of users 62, including administrative users and end users 34, to the hardware and/or software systems of the service provider 36 and to provide output from these systems to the various users 62. As will be appreciated by those of ordinary skill in the art, the user interface 105 enables the various users 62 to maintain and/or otherwise manage the data stored in the user database 58 as may be appropriate as well as to generally manage and maintain the implemented authentication system 30 in addition to providing, in accordance with the present invention, a point of access for the end user 34.
- As exemplified by
FIGS. 6 and 7, the user interface 105 may take a wide variety of forms depending upon the circumstances of any particular implementation. For example, as shown in FIG. 6, a typical user interface may be implemented as a web interface 63 wherein there may be provided a page processor 64 hosted on an appropriate execution environment 65 installed on a dedicated web server 66 in Internet communication 67 with a user device 68, such as, for example, a personal computer, a smart phone, other mobile device 78 or the like, and on which is installed and/or hosted a web browser running 69 in a provided execution environment 70. On the other hand, as shown in FIG. 7, a user interface 105 may comprise a more dedicated and integrated arrangement such as the depicted point-of-sale (“POS”), fueling station or automated teller machine (“ATM”) terminal device 73 comprising as input modalities a keypad 95 and a card reader and comprising as an output modality a visual display such as the depicted screen 77. Additionally, those of ordinary skill in the art will recognize that in addition to the depicted implementations, the user interface 105 may comprise a network interface such as may be utilized by a customer service representative (considered herein as an end user 34 acting through the representative), a telephone auto attendant, which may implement a DTMF decoder, speech recognition engine, TDD/TTY decoder or the like; or virtually any other combination of input modalities (including barcode readers or scanners, keyboards, keypads, card and/or magnetic stripe readers, pointing devices, microphones and the like) and output modalities (including visual displays such as computer or other device monitors or screens, audio output devices such as headphones or other speakers, tactile output devices such as may be adapted for the visually impaired and the like).
- Continuing then with the example generally described with respect to
FIG. 5, further details of the implementation are now described by way of the following detailed description of a possible use of the implementation for conducting a retail purchase transaction, which, for purposes of this present example, shall be taken as completion of a purchase at an on-line retailer (the service provider 36) by a consumer (the end user 34) having available for payment a merchant or store credit card (secured resource) for which a Card Verification (“CV”) or like code must be provided as a condition precedent to authorization of a credit card charge. To complete the transaction, the consumer will indicate a desire to make a credit card payment to the on-line retailer by using a web browser 69 to submit a request through an access controller 51 which will then forward the consumer's request (which will generally include the credit card number) to the authenticator 52 for determination of whether the identified credit card is a valid secured resource connected with the authentication system 30, for authentication of the consumer's right of access to the identified credit card and for completing the payment transaction. In accordance with a critical aspect of the present invention, however, the CV or like code required under the present example for authorization of the transaction must not be provided through the user interface 105 (in this case, a web interface 63).
- To begin the process, then, the consumer (end user 34) will use his or her
web browser 69 to first navigate to the uniform resource locator (“URL”) of an order completion webpage 75 for the on-line retailer (service provider 36). As is otherwise conventional, the consumer's web browser 69 will send a page request to the on-line retailer's web server 66 where a hosted page processor 64 will create and send back to the consumer's web browser 69 the requested “order completion” webpage 75, making use, if required, of the on-line retailer's database management system 57 to retrieve stored information pertaining to the consumer, the transaction or the like. As shown in FIG. 10, the requested page 75 may simply comprise a simple form through which the consumer may input information indicative of the nature of the consumer's request for access to a secured resource. In this case, the consumer enters the credit card number (the common identifier for the secured resource) for the merchant or store credit card for which he or she requests use (access) and then selects the depicted “pay now” button. With the data entered as shown, the consumer's web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's request to the access controller 51 hosted on the on-line retailer's application server 50.
- At this point, in an optional feature of the present invention, the on-line retailer may choose to verify that the tentatively identified consumer presenting the credit card is permitted to make use of the on-line retailer's services for the requested purposes. For example, it may be that the on-line retailer requires registration prior to use of the
authentication system 30 and method 46 of the present invention which, it is noted, may be utilized in a completely anonymous fashion to conduct extraordinarily secure financial and other transactions. If so, the access controller 51 may access the user table 85 of the user database 58 or any other accessible data store to determine that the tentatively identified consumer is a valid end user 34.

In any case, the
access controller 51 will generally continue by creating a transaction reference for the transaction and assembling any other necessary parameters, such as payment amount. As will be appreciated by those of ordinary skill in the art, under many circumstances a service provider 36 will have available all or virtually all information necessary for submitting (on behalf of an end user 34) a request for access to a secured resource without need for the end user 34 to enter additional data. For example, in a case where the consumer is otherwise “logged in” to the on-line retailer's website and the on-line retailer has previously stored the consumer's credit card number the consumer need only indicate that he or she wishes to “pay now” in order to make complete use of the facilities of the present invention.

In any case, once assembled, the consumer's request is forwarded by the
access controller 51 to the authenticator 52 which will generally first undertake to determine whether the credit card for which the end user 34 has requested access is recognized at the service provider 36. To this end, the authenticator 52 may access the user database 58, as generally shown in FIG. 8, to determine whether the provided credit card number can be located in the resource table 88 of the user database 58. If not, the authentication process 46 may be terminated with or without notice to the end user 34 or an appropriately updated webpage 75 may be generated to prompt the end user 34 for correction of the unrecognized identifying information and resubmission of the request. If, on the other hand, the provided credit card number is recognized the authenticator 52 will proceed to establish a new transaction record in the transaction table 86 of the transaction database 59, as generally shown in FIG. 9. As will be appreciated by those of ordinary skill in the art, the previously created transaction reference may be used as the TRANSACTION_ID for the newly created record or, if no transaction reference was previously created the TRANSACTION_ID now created for the new transaction record may be considered the transaction reference for the transaction. In any case, transaction parameter records may then be created in the transaction parameter table 87 of the transaction database 59 in order to collect and store information pertinent to the continued processing of the transaction such as, for example, the unique RESOURCE_ID by which the identified credit card is known in the user database 58, the amount of the requested payment or the like.
Still further, the unique USER_ID by which the tentatively identified consumer is known in the user database 58, as may be determined (if not provided as part of the forwarded request) with reference through the resource use table 99 to the user table 85 of the user database 58, should also be stored in the transaction parameter table 87 of the transaction database 59.

With the
end user 34 and the resource for which the end user 34 requests access both identified and logged to the transaction database 59, the authenticator 52 next undertakes to direct the generation of an appropriate challenge message 94, the response to which may be used to positively authenticate the identity of the presently tentatively identified end user 34. In order to best understand the challenge and response protocols of the present invention, however, it is instructive to expressly define a number of terms. To that end, a “string” shall for purposes of the present invention be expressly defined to mean “an ordered sequence of any subset of symbols selected from a set of symbols wherein each symbol forming the set may be represented in both a format that may be perceived by an end user 34 and a format that may be recognized by software or hardware,” e.g. the set of all alphabetic and numeric characters in the English language, each of which, of course, may be presented in written or audible form for perception by an end user 34 and also may be encoded as binary data for recognition by software or hardware. A “null character” shall for purposes of the present invention be expressly defined as “a specially designated symbol intended to indicate the absence from a sequence of a single symbol,” e.g. a box with an X character, as shown in the drawings forming a part of this specification, any symbol (such as a particular number, particular letter, an asterisk, an underscore or the like) designated at implementation to be defined as being a null character or a blank space. “Random” as applied to the characterization of a string shall for purposes of the present invention be expressly defined to mean that the symbols of the string are arranged in an order that is not readily predictable.

In accordance then with the
authentication system 30 and method 46 of the present invention, the primary challenge is generated to include a random string comprising a plurality of symbols wherein at least one of the symbols of the string is a null character, such a random string being referred to herein as a challenge string 49. Additionally, each end user 34 (and, if desired, any administrative user) will have stored in the user table 85 of the user database 58 a private string, which is a user selected or assigned (depending on implementation preferences) string comprising symbols of the same set as used for generating the challenge string 49 but most preferably excluding use of the null character. A private string is generally only known to the user with which it is associated and the service provider 36 and, in a critical aspect of the present invention, a private string is never required to be openly passed through the user interface 105. In any case, as will be better understood further herein, a user will formulate a response to a challenge string 49 by using the symbols of the user's private string to replace the null character or characters of the challenge string 49 to formulate a response string. In this manner, the response string may be passed through the user interface 105 without risk of interception of the private string and, accordingly, a system of readily established single use “passwords” is presented. Additionally, as also will be better understood further herein, the authentication system 30 and method 46 of the present invention may be implemented such that the protocol for creating a response string from a challenge string 49 is standardized in advance or, in the alternative, instructions 93 may be provided with the challenge message 94 or inferred from the manner of delivery of the challenge or circumstances of the use.
For example, the user may be directed to formulate the response string using only numbers of the private string or may assume that only numbers should be used when entering the response string into a limited keypad 95 such as depicted in FIG. 7. Further, instructions 93 may be given to use every second or third symbol of the private string, to begin with a certain symbol of the private string, to take symbols from the private string in reverse order, or any combination of these and similar instructions 93. Still further, the user may be instructed as standard procedure or by challenge message 94 to repeat usage of certain symbols of the private string or the entire private string in order to respond to a challenge string 49 with more null characters than symbols available in the user's private string and/or simply as a matter of choice by the service provider 36.

Returning then to the example use of the
authentication system 30 of the present invention it is noted that in the most preferred embodiment of the present invention prior to directing the generation of a challenge message 94 the authenticator 52 evaluates all available information that may impact the ability of an end user 34 to readily receive a particular challenge message 94 and/or to readily respond to a particular challenge message 94 and, additionally, determines whether any special security requirements may exist for access to the particular resource. In particular, the authenticator 52 will preferably obtain from the channel table 111 of the user database 58 channel data indicating the type of communication channel that will be utilized to transmit the challenge message 94. Additionally, the user attribute table 92 of the user database 58 may indicate whether the end user 34 suffers any disability that would impact the manner of response and/or the resource attribute table 89 of the user database 58 may indicate any special resource dictated security requirements, such as minimum length or desired complexity for a response string. Additionally, the authenticator 52 may also consider any limitations of the user interface 105, such as being limited to entry of numeric characters only. In any case, the authenticator 52 will determine the characteristics that should be exhibited by the challenge string 49, including the manner of issuance, and will then instruct the challenge manager 53 to initiate issuance of a challenge message 94.

At this point it is noted that in accordance with an extension of the present invention, the primary challenge (comprising the
challenge string 49 and any necessary response instructions 93) may be supplemented with the provision of a test designed to detect the existence of a spoofing type deception. In particular, the present invention contemplates the use of a dynamically selected image 112 for the conduct of this test. Although the particular conduct of this test will be described in greater detail further herein, it should at this time be noted that in an implementation wherein such a test will be required the challenge manager 53 will generally at this point in the process obtain from the image database 107 image data identifying the selected image 112 and its location on a fileserver and will store the obtained image data in the image table 113 of the transaction database 59. In any case, the challenge manager 53 will continue by obtaining from the random sequence generator 54 a challenge string 49 generated to meet the requirements established and communicated by the authenticator 52. With the challenge string 49 generated and any image data obtained, the challenge manager 53 will proceed to construct the challenge message 94 which will at least comprise the challenge string 49, any special response instructions 93 and a copy of the image file if required. With the challenge message 94 assembled, the challenge manager 53 queues the challenge message 94 by providing the messaging gateway 60 with the challenge message 94, the type of communication channel to be utilized and the CHANNEL_ID for the channel. For example, if the challenge message 94 is to be sent by SMS text message 79, the challenge manager 53 will inform the messaging gateway 60 that the challenge message 94 is to be transmitted by SMS text message 79 and will provide the messaging gateway 60 with a telephone number for a SMS text capable user device.

At this juncture it is noted that it is considered critical to the present invention that the
challenge message 94 be transmitted through a discrete channel, which is herein defined as being a communication channel not readily identifiable by information submitted by an end user 34 in making a request for access to a secured resource. For example, if the end user 34 chooses to utilize his or her electronic mail address as a user or resource identification, the schema for the user database 58 and/or the authenticator 52 should ensure that the challenge message 94 is not transmitted by electronic mail to the same electronic mail address. Likewise, an end user 34 requesting access to a secured resource using his or her mobile telephone number as an identifier will not be able to receive a challenge message 94 by SMS or standard text message 79 or synthesized voice call to the same mobile telephone number. That said, however, it is noted that the schema as depicted in FIG. 8 contemplates that a single user may have more than one possible message channel assigned. As a result, a channel may be discrete for some requests, but not for others depending upon the information provided by the end user 34 in making a particular request.

Referring to
FIG. 11 in particular, there is shown a typical simple challenge message 94 as may be transmitted to an end user 34 through an SMS text enabled smart phone or like mobile device 78. Following with the presented example, it is noted that in an optional but useful feature of the present invention the challenge message 94 may also include information helpful to the consumer in making a response. For example, the challenge message 94 depicted in FIG. 13 includes the name of the on-line service provider, the purchase amount for which the user requests access to his or her secured resource and also the client reference used by the on-line service provider.

Finally, the
authenticator 52 obtains the consumer's private string from the user table 85 of the user database 58, as shown in FIG. 8, and then submits the challenge string 49 (along with any special instructions 93) and the private string to the validation tool 55, which in turn determines the correct response string. The determined correct response string is then assigned as the key string for the transaction and stored in the key string table 97 of the transaction database 59. At this time, a timestamp may also be entered into the transaction table 86 of the transaction database 59 in order to provide a reference by which may be calculated a timeout event for the validity of the key string (response string submitted as an authentication credential).

Before turning the example to detailed discussion of the
steps 48 implicated in validating the purported access right of the user requesting access to the secured resource, however, attention is directed to FIGS. 12 and 13, each of which depicts some variation of possible challenge messages 94 and/or additional detail regarding the presentation to the consumer of an image 112 for use in detecting a possible spoofing type deception. In FIG. 12, in particular, an image 112 is shown as being presented with the challenge string 49 as part of the challenge message 94. As indicated by the example instruction text included with or as part of the challenge message 94, the consumer is directed to look for a corresponding image to be displayed on the website of the on-line retail store and to not enter a response string unless the correct image is observed. FIG. 13, on the other hand, shows in particular one simple example of the many previously discussed possibilities for providing special instructions 93 in connection with the issuance of a challenge message 94. In the depicted case, the consumer is directed to respond to the challenge string 49 using only numbers from his or her private string. As will be appreciated by those of ordinary skill in the art, this instruction 93 will be particularly beneficial when it is known that the consumer will be forced to enter the response string through a limited input modality such as, for example, the simple keypad 95 depicted in FIG. 7.

Turning the example now to detailed discussion of the steps implicated in validating the purported access right of the user requesting access to the secured resource, it is first noted that an
end user 34 of the present invention will necessarily formulate a response string corresponding to a challenge string 49 outside of the hardware and/or software provided as part of the authentication system 30 of the present invention. That said, the validation steps begin with the consumer using his or her web browser 69 to first navigate to the uniform resource locator (“URL”) of a payment confirmation webpage 75 for the on-line retailer (the service provider 36). As is otherwise conventional, the consumer's web browser 69 will send a page request to the on-line retailer's web server 66 where a hosted page processor 64 will create and send back to the consumer's web browser 69 the requested “payment confirmation” webpage 75, making use of the on-line retailer's database management system 57 to retrieve stored information pertaining to the consumer, the transaction or the like. As shown in FIG. 14, the requested page 75 may simply comprise a simple form through which the consumer may input his or her formulated response string and then select the depicted “confirm” button. As will be appreciated by those of ordinary skill in the art, this simple example assumes that the consumer has remained on the website of the on-line retailer such that the transaction reference remains known to the page processor 64 and also that no test designed to detect the existence of a spoofing type deception will be presented. Similarly, the requested page 75 as depicted in FIG. 15 also assumes that no test designed to detect the existence of a spoofing type deception will be presented, but contemplates that the consumer may have left and returned to the website for completion of the purchase transaction. As will be appreciated by those of ordinary skill in the art in light of this exemplary description, the depictions of FIGS. 14 and 15 may be appropriate for responding to the challenge as depicted in FIG. 11.
For purposes of this continuing example, it shall be assumed that the consumer's private string is 2F46DAH525. As a result, the correct response string for the challenge string 49 of FIG. 11 would be 24FA63462B, which would be entered by the consumer. With the response string entered, the consumer's web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's response string to the access controller 51 hosted on the on-line retailer's application server 50.

As shown in
FIG. 16, however, the requested page 75 may comprise a slightly more complex form through which the consumer may be required to enter the transaction reference for the transaction although, as shown in FIG. 16, the transaction reference data may be pre-populated if the consumer has not left the website. As will be appreciated by those of ordinary skill in the art, this form contemplates that the consumer may want to address a different transaction than presently being handled by the webpage 75 or that the consumer has left and returned to the website for completion of the purchase transaction. Additionally, this exemplary form contemplates that a test designed to detect the existence of a spoofing type deception may or may not be presented. In any case, once the consumer is satisfied that the desired transaction reference is shown the consumer will then select the depicted “continue” button, whereafter the consumer's web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's response string to the access controller 51 hosted on the on-line retailer's application server 50. Once received by the access controller 51, the client reference will be utilized to retrieve the stored request data from the transaction database 59 and the access controller 51 will determine whether a test designed to detect the existence of a spoofing type deception should be presented. If not, the access controller 51 will so inform the page processor 64 which, in turn, may then update or otherwise create and send back to the consumer's web browser 69 a “payment confirmation” webpage 75 like that of FIG. 14, whereafter the consumer continues as previously discussed.

If, on the other hand, the
access controller 51 determines that a test designed to detect the existence of a spoofing type deception should be presented the request handler 51 will retrieve from the image table 113 of the transaction database 59 the previously stored image data associated by the transaction reference with the present transaction. As previously noted, the challenge manager 53 will have previously sent to the consumer, as part of a challenge message 94, an image file. Rather than utilizing an actual image file at this stage, however, the preferred implementation of the test comprises the access controller 51 retrieving the file location for a copy of the image matching the image file transmitted as part of the challenge message 94 and which file location (external web address) has preferably been made temporary on a publicly accessible fileserver associated with the service provider 36. The page processor 64 will then create a page 75 such as depicted in FIG. 17, wherein the webpage 75 presents the image 112 by linking to the external web address (the temporary file location) at which the image 112 is hosted. As will be appreciated by those of ordinary skill in the art in light of this exemplary description, the depiction of FIG. 17 may be appropriate for responding to the challenge as depicted in FIG. 12. Assuming still that the consumer's private string is 2F46DAH525, the correct response string for the challenge string 49 of FIG. 12 would again be 24FA63462B, which would be entered by the consumer.

As previously discussed, the preferred implementation of the test designed to detect the existence of a spoofing type deception comprises providing a web link pointing to a copy of the image file on a fileserver associated with the
service provider 36, which file location may then be made temporary. By making the file location temporary, the file can be removed or restricted and/or replaced with a warning image once accessed through the web link. In this manner, if the consumer has accidentally navigated to a spoofed website conducting a man-in-the-middle type deception in particular, the bad actor will in the course of accessing the true on-line retailer's website access the image link. In the unlikely case that the bad actor is able to retrieve and replicate the link for presentation to the consumer, however, the image 112 will have been removed or replaced by the time that the consumer links to the web address for the image. In this case, as shown in FIG. 18, the consumer will see the bad actor generated webpage with the prominently displayed warning image 114.

Finally, as shown in
FIG. 19, the consumer may be required to actually select one image 112 from a plurality of images 115 at the same time as he or she is required to enter his or her response string. In such a case, the image selection will be transmitted with the response string and will form a part of the overall response to be evaluated by the authenticator 52. As will be appreciated by those of ordinary skill in the art, this embodiment serves to ensure that a careless consumer does not fail to carefully check for the required image 112.

In any case, with the response string entered, the consumer's
web browser 69 submits the data to the on-line retailer's web server 66 where the hosted page processor 64 may validate the form data for technical completeness and accurate formatting. Assuming that the submitted data is technically correct or is subsequently made technically correct, the page processor 64 submits the consumer's response string to the access controller 51 hosted on the on-line retailer's application server 50 whereafter the response message is submitted to the authenticator 52 hosted on the service provider's application server 50.

The
authenticator 52 will then direct the validation tool 55 to evaluate the response string based upon the transaction reference for the response message. The validation tool 55 will access the key string table 97 of the transaction database 59 to retrieve the key string associated with the particular transaction reference and will evaluate the submitted response string against the retrieved key string taking into account, if appropriate for the particular implementation, the passage of time. Additionally, in a case where the selection of a particular image also forms part of the required response in addition to the response string, the validation tool 55 will also determine whether the correct image was selected by the end user 34. In any case, the validation tool 55 will then report the result of the evaluation to the authenticator 52. If the evaluation fails, the process 48 will terminate and the failure will be reported to the access controller 51, which in turn will block the end user 34 from access to the requested secured resource. If, on the other hand, the evaluation passes the authenticator 52 will report the authenticated status to the access controller 51, which in turn will allow the access as requested by the end user 34.

Finally, it is noted that in previously describing the manner in which the
authentication system 30, implemented according to the exemplary example presented, may determine an otherwise unknown unique USER_ID for the consumer from knowledge of the unique RESOURCE_ID for an identified secured resource (the credit card number in the presented example) it was stated that from the resource table 88 (holding the unique RESOURCE_ID for the credit card) the user table 85 (holding the unique USER_ID for the consumer) could be accessed through the resource user table 99. While those of ordinary skill in the art will recognize that the foregoing example use could have been carried out with an implementation omitting the intermediary resource user table 99, provision of the resource user table 99 as a join table for the resource table 88 and the user table 85 establishes a many-to-many relationship between the records of the resource table 88 and the user table 85, whereby additional functionality is imparted to the authentication system 30 and method 46 of the present invention. In particular, by allowing a single secured resource to be associated with a plurality of end users 34, joint or other plural access control may be established for the secured resource.

For example, a parent of a child patient presenting for treatment at a medical clinic may provide the child's Social Security Number to the clinic for use by the clinic in requesting access to the child's electronic medical records accessible by either one of two passwords held one each by two parents. In this case, the
authentication system 30 implemented to provide for multiple user association with a single secured resource may simply look up each parent end user 34 associated with the child's identified medical record (secured resource) and send a separate challenge message 94 to each, storing the appropriate key strings in separate records of the key string table 97 of the transaction database 59, each record being connected by TRANSACTION_ID to the single transaction record established in the transaction table 86 of the transaction database 59 for the request for access to the child's medical record. As will be appreciated by those of ordinary skill in the art, the validation tool 55 of the authentication system 30 will evaluate a received response string against each key string associated with the transaction and will find valid a response string matching either. By way of further example, and without limitation, it should be appreciated, especially in light of this exemplary description, that this aspect of the present invention will have broad application, including for use in authorizing transactions against shared credit card or banking accounts, accessing shared on-line service accounts, deactivating an alarm system or accessing a computer controlled door for a home, business or other facility shared by many occupants or similar applications. Likewise, this aspect of the present invention may also be implemented such that a correct response string must be received from a plurality of end users 34 in order for the authentication system 30 and process 46 to authenticate a particular request for access to a secured resource. In this manner, “two-person control” and like security protocols may be readily handled within the scope of the present invention.
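The challenge and response scheme, the timed single-use key string and the either-user or all-users evaluation described above can be sketched as follows. This is an added example, not code from the patent: the underscore null character, the symbol set, the five-minute window, the `Transaction` class and the challenge `_4_A63__2B` are assumptions constructed for illustration (the figures are not reproduced here), with the challenge chosen so that the in-order fill yields the response string quoted in the description.

```python
import hmac
import secrets
import time
from dataclasses import dataclass, field

NULL = "_"                      # assumption: underscore is the designated null character
SYMBOLS = "0123456789ABCDEFGH"  # assumption: symbol set shared by challenge and private strings


def make_challenge(length=10, nulls=4):
    """Random challenge string containing exactly `nulls` null characters."""
    rng = secrets.SystemRandom()
    chars = [rng.choice(SYMBOLS) for _ in range(length)]
    for i in rng.sample(range(length), nulls):
        chars[i] = NULL
    return "".join(chars)


def key_string(challenge, private, digits_only=False, reverse=False, start=0, step=1):
    """Expected response: each null replaced by the next symbol taken from `private`.

    The options model the response instructions the description lists (numbers
    only, reverse order, begin at a given symbol, every n-th symbol); symbols
    are reused cyclically when the challenge has more nulls than symbols.
    """
    pool = [c for c in private if c.isdigit()] if digits_only else list(private)
    if reverse:
        pool.reverse()
    pool = pool[start::step]
    if not pool:
        raise ValueError("instructions leave no usable private symbols")
    out, used = [], 0
    for c in challenge:
        if c == NULL:
            out.append(pool[used % len(pool)])
            used += 1
        else:
            out.append(c)
    return "".join(out)


@dataclass
class Transaction:
    """One transaction record with a key string per challenged user."""
    keys: dict                  # USER_ID -> key string derived for that user's challenge
    issued: float               # timestamp stored when the key strings were created
    policy: str = "any"         # "any": either user suffices; "all": two-person control
    ttl: float = 300.0          # assumption: five-minute validity window
    satisfied: set = field(default_factory=set)
    closed: bool = False

    def submit(self, response, now=None):
        """Return "granted", "pending" (more users must respond) or "denied"."""
        now = time.time() if now is None else now
        if self.closed or now - self.issued > self.ttl:
            self.closed = True
            return "denied"
        hit = None
        for user, key in self.keys.items():     # check every key, no early exit
            same = hmac.compare_digest(response.encode(), key.encode())
            if same and user not in self.satisfied and hit is None:
                hit = user
        if hit is None:
            self.closed = True                  # a failed evaluation ends the process
            return "denied"
        self.satisfied.add(hit)
        if self.policy == "any" or self.satisfied == set(self.keys):
            self.closed = True                  # key strings are single use
            return "granted"
        return "pending"


# Constructed challenge (not taken from the figures), chosen so that the
# in-order fill yields the response string the description quotes.
PRIVATE = "2F46DAH525"
CHALLENGE = "_4_A63__2B"

if __name__ == "__main__":
    print(key_string(CHALLENGE, PRIVATE))                    # in-order fill
    print(key_string(CHALLENGE, PRIVATE, digits_only=True))  # keypad-only variant
    parents = Transaction(keys={"parent_a": key_string(CHALLENGE, PRIVATE),
                                "parent_b": key_string("7__1", "9C3")}, issued=time.time())
    print(parents.submit("24FA63462B"))
```

The server never compares against the private string itself, only against the per-transaction key string, so a replayed or late response fails even when it was once correct.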
While the foregoing description is exemplary of the preferred embodiment of the present invention, those of ordinary skill in the relevant arts will recognize the many variations, alterations, modifications, substitutions and the like as are readily possible, especially in light of this description, the accompanying drawings and claims drawn thereto. For example, those of ordinary skill in the art will recognize that a special program logo, such as the exemplary “Secure Payment System Enabled!” logo depicted in various of the figures may be utilized to signal to a
potential end user 34 that the system, facility or the like for which the end user 34 desires access has implemented the teachings of the present invention. Likewise, those of ordinary skill in the art will recognize that a special program magnetic card or the like may be implemented in order to enable card swipe type initiation of a request for access. In this case, of course, the magnetic card may be encoded with an identification code for the user including no confidential or sensitive information, but preferably useful only in connection with identifying the end user 34 to an authentication system 30 implemented in accordance with the teachings of the present invention. In any case, because the scope of the present invention is much broader than any particular embodiment, the foregoing detailed description should not be construed as a limitation of the scope of the present invention, which is limited only by the claims appended hereto.
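Two of the safeguards the description treats as critical, the discrete channel rule and the temporary image location used by the spoofing test, are sketched below as an added example that is not code from the patent. The helper names, the last-ten-digits phone comparison, the in-memory store and the sample channel rows are assumptions constructed for illustration.

```python
import re
import secrets


def canon(value):
    """Canonical (kind, endpoint) so one endpoint written two ways compares equal."""
    v = value.strip().lower()
    if "@" in v:
        return ("email", v)
    digits = re.sub(r"\D", "", v)
    if len(digits) >= 7:
        return ("phone", digits[-10:])   # assumption: match on the last ten digits
    return ("other", v)


def discrete_channels(channels, submitted):
    """CHANNEL_IDs whose endpoint is not identifiable from the request.

    channels:  (CHANNEL_ID, type, address) rows held for the user
    submitted: every identifier the requester supplied with the request
    """
    exposed = {canon(s) for s in submitted}
    return [cid for cid, _type, address in channels if canon(address) not in exposed]


class OneTimeImageStore:
    """Temporary image locations: the first fetch retires the location."""
    WARNING = b"<warning image>"         # placeholder for the warning image bytes

    def __init__(self):
        self._live = {}

    def publish(self, image_bytes):
        token = secrets.token_urlsafe(16)   # unguessable path component
        self._live[token] = image_bytes
        return token

    def fetch(self, token):
        # pop() serves the real image once; later or unknown requests get the warning
        return self._live.pop(token, self.WARNING)


# Constructed channel rows for one user
CHANNELS = [
    (1, "sms", "+1 (555) 010-0199"),
    (2, "voice", "555-010-0199"),
    (3, "email", "Pat@Example.com"),
]

if __name__ == "__main__":
    # Request made with the mobile number: SMS and voice to that number are excluded
    print(discrete_channels(CHANNELS, ["15550100199"]))
    store = OneTimeImageStore()
    token = store.publish(b"selected image bytes")
    print(store.fetch(token), store.fetch(token))
```

Because a channel is filtered per request, the same SMS number can be usable for a request made with an e-mail identifier and unusable for one made with the phone number.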
Claims (4)
1. An authentication system for authenticating the identity of a requester of access to a secured resource, said authentication system comprising:
means for receiving from a requester purporting to be an authorized user of a secured resource a request for access to said secured resource;
means for generating a challenge string, said challenge string being adapted to provide a basis for authenticating the identity of said requester;
means for communicating said challenge string to said authorized user that said requester purports to be;
means for receiving a response string corresponding to said challenge string; and
means for evaluating said response string to authenticate the identity of said requester.
2. The authentication system as recited in claim 1, wherein said means for evaluating said response string further comprises means for invalidating said response string based upon passage of time.
3. The authentication system as recited in claim 1, said authentication system further comprising means for establishing a test adapted to detect the existence of a spoofing type deception.
4. The authentication system as recited in claim 3, wherein said test adapted to detect the existence of a spoofing type deception is further adapted to at least in part authenticate the identity of said requester.
Priority Applications (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/279,287 US20130104197A1 (en) | 2011-10-23 | 2011-10-23 | Authentication system |
CA2882887A CA2882887C (en) | 2011-10-23 | 2012-10-11 | Authentication system and method |
PCT/US2012/059724 WO2013062777A1 (en) | 2011-10-23 | 2012-10-11 | Authentication system and method |
US14/260,047 US9584499B2 (en) | 2011-10-23 | 2014-04-23 | Authentication system and method |
IN3339CHN2014 IN2014CN03339A (en) | 2011-10-23 | 2014-05-02 | |
US15/444,564 US10148659B2 (en) | 2011-10-23 | 2017-02-28 | Authentication system and method |
US16/188,632 US10560454B2 (en) | 2011-10-23 | 2018-11-13 | Authentication system and method |
US16/788,120 US20200186530A1 (en) | 2011-10-23 | 2020-02-11 | Authentication System and Method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/279,287 US20130104197A1 (en) | 2011-10-23 | 2011-10-23 | Authentication system |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/279,288 Continuation US20130103544A1 (en) | 2011-10-23 | 2011-10-23 | Authentication system |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2012/059724 Continuation WO2013062777A1 (en) | 2011-10-23 | 2012-10-11 | Authentication system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
US20130104197A1 true US20130104197A1 (en) | 2013-04-25 |
Family
ID=48137074
Family Applications (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/279,287 Abandoned US20130104197A1 (en) | 2011-10-23 | 2011-10-23 | Authentication system |
US14/260,047 Active US9584499B2 (en) | 2011-10-23 | 2014-04-23 | Authentication system and method |
US15/444,564 Active US10148659B2 (en) | 2011-10-23 | 2017-02-28 | Authentication system and method |
US16/188,632 Active US10560454B2 (en) | 2011-10-23 | 2018-11-13 | Authentication system and method |
US16/788,120 Pending US20200186530A1 (en) | 2011-10-23 | 2020-02-11 | Authentication System and Method |
Country Status (1)
Country | Link |
---|---|
US (5) | US20130104197A1 (en) |
Families Citing this family (44)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140108247A1 (en) | 2012-10-17 | 2014-04-17 | Groupon, Inc. | Peer-To-Peer Payment Processing |
US10235692B2 (en) | 2012-10-17 | 2019-03-19 | Groupon, Inc. | Consumer presence based deal offers |
US20140229375A1 (en) * | 2013-02-11 | 2014-08-14 | Groupon, Inc. | Consumer device payment token management |
US9576286B1 (en) | 2013-03-11 | 2017-02-21 | Groupon, Inc. | Consumer device based point-of-sale |
US9852409B2 (en) | 2013-03-11 | 2017-12-26 | Groupon, Inc. | Consumer device based point-of-sale |
FR3023640B1 (en) * | 2014-07-10 | 2016-08-12 | Roam Data Inc | METHOD FOR MANAGING TRANSACTION, SERVER, COMPUTER PROGRAM PRODUCT AND CORRESPONDING STORAGE MEDIUM |
US11507663B2 (en) | 2014-08-11 | 2022-11-22 | Sentinel Labs Israel Ltd. | Method of remediating operations performed by a program and system thereof |
US9710648B2 (en) | 2014-08-11 | 2017-07-18 | Sentinel Labs Israel Ltd. | Method of malware detection and system thereof |
US10997654B1 (en) | 2015-01-15 | 2021-05-04 | Wells Fargo Bank, N.A. | Identity verification services through external entities via application programming interface |
US10990974B1 (en) | 2015-01-15 | 2021-04-27 | Wells Fargo Bank, N.A. | Identity verification services and user information provision via application programming interface |
US10937025B1 (en) | 2015-01-15 | 2021-03-02 | Wells Fargo Bank, N.A. | Payment services via application programming interface |
US10621658B1 (en) | 2015-01-15 | 2020-04-14 | Wells Fargo Bank, N.A. | Identity verification services with identity score through external entities via application programming interface |
US9935931B2 (en) * | 2015-09-28 | 2018-04-03 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Authorizing user access to resource by determining whether other, authorized users have indicated that the user should be permitted access |
US20170289161A1 (en) | 2016-04-05 | 2017-10-05 | Joinesty, Inc. | Apparatus and Method for Automated Email and Password Creation and Curation Across Multiple Websites |
US10284567B2 (en) * | 2016-05-03 | 2019-05-07 | Paypal, Inc. | Targeted authentication queries based on detected user actions |
US11257066B2 (en) | 2016-09-30 | 2022-02-22 | Middleware, Inc. | Automated digital method and system of providing or sharing access |
US10776772B2 (en) | 2016-09-30 | 2020-09-15 | Middleware, Inc. | Automated digital method and system of providing or sharing access |
US11695800B2 (en) | 2016-12-19 | 2023-07-04 | SentinelOne, Inc. | Deceiving attackers accessing network data |
US11616812B2 (en) | 2016-12-19 | 2023-03-28 | Attivo Networks Inc. | Deceiving attackers accessing active directory data |
US10645070B2 (en) | 2017-06-12 | 2020-05-05 | Daniel Maurice Lerner | Securitization of temporal digital communications via authentication and validation for wireless user and access devices |
US10536445B1 (en) | 2017-06-12 | 2020-01-14 | Daniel Maurice Lerner | Discrete blockchain and blockchain communications |
US10171444B1 (en) | 2017-06-12 | 2019-01-01 | Ironclad Encryption Corporation | Securitization of temporal digital communications via authentication and validation for wireless user and access devices |
JP2020530922A (en) | 2017-08-08 | 2020-10-29 | センチネル ラボ, インコーポレイテッドSentinel Labs, Inc. | How to dynamically model and group edge networking endpoints, systems, and devices |
US10509905B2 (en) * | 2017-09-05 | 2019-12-17 | Attivo Networks Inc. | Ransomware mitigation system |
JP7093171B2 (en) * | 2017-11-10 | 2022-06-29 | 株式会社野村総合研究所 | Asset information collection device |
US11106515B1 (en) | 2017-12-28 | 2021-08-31 | Wells Fargo Bank, N.A. | Systems and methods for multi-platform product integration |
US11676126B1 (en) | 2017-12-28 | 2023-06-13 | Wells Fargo Bank, N.A. | Account open interfaces |
US11470115B2 (en) | 2018-02-09 | 2022-10-11 | Attivo Networks, Inc. | Implementing decoys in a network environment |
WO2019195820A1 (en) * | 2018-04-06 | 2019-10-10 | Daniel Maurice Lerner | Securing temporal digital communications via authentication and validation |
US10826935B2 (en) * | 2018-04-24 | 2020-11-03 | International Business Machines Corporation | Phishing detection through secure testing implementation |
US10997302B2 (en) * | 2018-07-03 | 2021-05-04 | Nec Corporation Of America | Private audio-visual feedback for user authentication |
US11392946B2 (en) | 2018-09-04 | 2022-07-19 | Visa International Service Association | Identity authentication systems and methods |
US11379850B1 (en) | 2018-12-10 | 2022-07-05 | Wells Fargo Bank, N.A. | Third-party payment interfaces |
EP3973427A4 (en) | 2019-05-20 | 2023-06-21 | Sentinel Labs Israel Ltd. | Systems and methods for executable code detection, automatic feature extraction and position independent code detection |
US11044246B1 (en) | 2019-06-21 | 2021-06-22 | Wells Fargo Bank, N.A. | Secure communications via third-party systems through frames |
WO2021025989A1 (en) * | 2019-08-02 | 2021-02-11 | Mastercard International Incorporated | System and method to support payment acceptance capability for merchants |
US11277401B1 (en) | 2019-09-26 | 2022-03-15 | Joinesty, Inc. | Data integrity checker |
US11244314B2 (en) * | 2020-04-13 | 2022-02-08 | Paypal, Inc. | Dual controls for processing electronic transactions |
US11579857B2 (en) | 2020-12-16 | 2023-02-14 | Sentinel Labs Israel Ltd. | Systems, methods and devices for device fingerprinting and automatic deployment of software in a computing network using a peer-to-peer approach |
US11924169B1 (en) | 2021-01-29 | 2024-03-05 | Joinesty, Inc. | Configuring a system for selectively obfuscating data transmitted between servers and end-user devices |
US11899782B1 (en) | 2021-07-13 | 2024-02-13 | SentinelOne, Inc. | Preserving DLL hooks |
US11606283B1 (en) * | 2021-11-16 | 2023-03-14 | Micro Focus Llc | Overcoming multi-factor authentication in user interface based automation script |
US20230216680A1 (en) * | 2021-12-30 | 2023-07-06 | Mastercard International Incorporated | Systems and methods for use in implementing self-exclusion preferences |
US20230267444A1 (en) * | 2022-02-18 | 2023-08-24 | Bank Of America Corporation | Proximity-based device pairing system via acoustic communication for secure resource transfer |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8132255B2 (en) * | 2008-06-16 | 2012-03-06 | Intel Corporation | Generating a challenge response image including a recognizable image |
US20120239928A1 (en) * | 2011-03-17 | 2012-09-20 | Neil Judell | Online Security Systems and Methods |
Family Cites Families (40)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5883810A (en) | 1997-09-24 | 1999-03-16 | Microsoft Corporation | Electronic online commerce card with transactionproxy number for online transactions |
US20040260653A1 (en) * | 1999-04-19 | 2004-12-23 | First Data Corporation | Anonymous transactions |
US7908216B1 (en) | 1999-07-22 | 2011-03-15 | Visa International Service Association | Internet payment, authentication and loading system using virtual smart card |
US7953671B2 (en) | 1999-08-31 | 2011-05-31 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions |
US8875990B2 (en) | 1999-11-05 | 2014-11-04 | Lead Core Fund, L.L.C. | Systems and methods for allocating a payment authorization request to a payment processor |
US7366703B2 (en) | 2000-01-05 | 2008-04-29 | American Express Travel Related Services Company, Inc. | Smartcard internet authorization system |
US7140036B2 (en) | 2000-03-06 | 2006-11-21 | Cardinalcommerce Corporation | Centralized identity authentication for electronic communication networks |
US6805288B2 (en) * | 2000-05-15 | 2004-10-19 | Larry Routhenstein | Method for generating customer secure card numbers subject to use restrictions by an electronic card |
US20020049681A1 (en) * | 2000-07-20 | 2002-04-25 | International Business Machines Corporation | Secure anonymous verification, generation and/or proof of ownership of electronic receipts |
EP1323140B1 (en) * | 2000-08-28 | 2006-09-06 | Axalto S.A. | Method for providing identification data of a banking card to a user |
US7461028B2 (en) | 2001-11-27 | 2008-12-02 | Pitney Bowes Inc. | Method and system for authorizing use of a transaction card |
US7725404B2 (en) | 2002-02-27 | 2010-05-25 | Imagineer Software, Inc. | Secure electronic commerce using mutating identifiers |
US7707120B2 (en) | 2002-04-17 | 2010-04-27 | Visa International Service Association | Mobile account authentication service |
CA2492715C (en) | 2002-06-12 | 2016-12-06 | Cardinalcommerce Corporation | Universal merchant platform for payment authentication |
US7844717B2 (en) * | 2003-07-18 | 2010-11-30 | Herz Frederick S M | Use of proxy servers and pseudonymous transactions to maintain individual's privacy in the competitive business of maintaining personal history databases |
US7280981B2 (en) | 2002-08-27 | 2007-10-09 | Visa U.S.A. Inc. | Method and system for facilitating payment transactions using access devices |
BR0314158A (en) | 2002-09-10 | 2005-07-12 | Visa Int Service Ass | Method and system for authentication and data provisioning |
US7853984B2 (en) * | 2002-12-11 | 2010-12-14 | Authorize.Net Llc | Methods and systems for authentication |
CA2487787A1 (en) * | 2004-03-16 | 2005-09-16 | Queue Global Information Systems Corp. | System and method for authenticating a user of an account |
US8762283B2 (en) | 2004-05-03 | 2014-06-24 | Visa International Service Association | Multiple party benefit from an online authentication service |
US8996423B2 (en) | 2005-04-19 | 2015-03-31 | Microsoft Corporation | Authentication for a commercial transaction using a mobile module |
US20060235795A1 (en) | 2005-04-19 | 2006-10-19 | Microsoft Corporation | Secure network commercial transactions |
WO2007005997A2 (en) * | 2005-07-06 | 2007-01-11 | Yanchou Han | Method and system for automatically issuing digital merchant based online payment card |
US8396747B2 (en) * | 2005-10-07 | 2013-03-12 | Kemesa Inc. | Identity theft and fraud protection system and method |
US20070101010A1 (en) * | 2005-11-01 | 2007-05-03 | Microsoft Corporation | Human interactive proof with authentication |
US7657489B2 (en) | 2006-01-18 | 2010-02-02 | Mocapay, Inc. | Systems and method for secure wireless payment transactions |
US20100153273A1 (en) * | 2006-02-08 | 2010-06-17 | Imagineer Software, Inc. | Systems for performing transactions at a point-of-sale terminal using mutating identifiers |
US7818264B2 (en) * | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
US7552467B2 (en) | 2006-04-24 | 2009-06-23 | Jeffrey Dean Lindsay | Security systems for protecting an asset |
US8302160B2 (en) * | 2006-10-17 | 2012-10-30 | Sap Ag | Propagation of authentication data in an intermediary service component |
US7849014B2 (en) | 2007-08-29 | 2010-12-07 | American Express Travel Related Services Company, Inc. | System and method for facilitating a financial transaction with a dynamically generated identifier |
US8412639B2 (en) * | 2007-11-01 | 2013-04-02 | American Expres Travel Related Services Company, Inc. | System and method for facilitating a secured financial transaction using an alternate shipping address |
US20090164373A1 (en) | 2007-12-21 | 2009-06-25 | Mastercard International, Inc. | System and Method of Preventing Password Theft |
US10008067B2 (en) | 2008-06-16 | 2018-06-26 | Visa U.S.A. Inc. | System and method for authorizing financial transactions with online merchants |
GB2466676A (en) | 2009-01-06 | 2010-07-07 | Visa Europe Ltd | A method of processing payment authorisation requests |
GB2466810A (en) | 2009-01-08 | 2010-07-14 | Visa Europe Ltd | Processing payment authorisation requests |
US20100241571A1 (en) * | 2009-03-20 | 2010-09-23 | Mcdonald Greg | System and method for cardless secure on-line credit card/debit card purchasing |
WO2010119976A1 (en) * | 2009-04-15 | 2010-10-21 | 日本電気株式会社 | Anonymous communication system, anonymous communication method, communication control device, terminal device, and communication control program |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US20130036058A1 (en) | 2011-08-03 | 2013-02-07 | American Express Travel Related Services Company, Inc. | Systems and methods for securely processing transactions |
Cited By (46)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10681028B2 (en) * | 2011-12-09 | 2020-06-09 | Vmware, Inc. | Controlling access to resources on a network |
US20180013747A1 (en) * | 2011-12-09 | 2018-01-11 | Airwatch Llc | Controlling Access to Resources on a Network |
US9374369B2 (en) * | 2012-12-28 | 2016-06-21 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
US20140189808A1 (en) * | 2012-12-28 | 2014-07-03 | Lookout, Inc. | Multi-factor authentication and comprehensive login system for client-server networks |
US9813411B2 (en) | 2013-04-05 | 2017-11-07 | Antique Books, Inc. | Method and system of providing a picture password proof of knowledge as a web service |
US11676148B2 (en) * | 2013-12-09 | 2023-06-13 | Mastercard International Incorporated | Methods and systems for leveraging transactions to dynamically authenticate a user |
US11068891B2 (en) * | 2013-12-09 | 2021-07-20 | Mastercard International Incorporated | Methods and systems for leveraging transactions to dynamically authenticate a user |
US10373164B2 (en) * | 2013-12-09 | 2019-08-06 | Mastercard International Incorporated | Methods and systems for leveraging transaction data to dynamically authenticate a user |
US20230298024A1 (en) * | 2013-12-09 | 2023-09-21 | Mastercard International Incorporated | Methods and systems for leveraging transactions to dynamically authenticate a user |
US9928358B2 (en) | 2013-12-09 | 2018-03-27 | Mastercard International Incorporated | Methods and systems for using transaction data to authenticate a user of a computing device |
US9424410B2 (en) * | 2013-12-09 | 2016-08-23 | Mastercard International Incorporated | Methods and systems for leveraging transaction data to dynamically authenticate a user |
US9734500B2 (en) * | 2013-12-09 | 2017-08-15 | Mastercard International Incorporated | Methods and systems for leveraging transaction data to dynamically authenticate a user |
US20210319447A1 (en) * | 2013-12-09 | 2021-10-14 | Mastercard International Incorporated | Methods and systems for leveraging transactions to dynamically authenticate a user |
US20150161366A1 (en) * | 2013-12-09 | 2015-06-11 | Mastercard International Incorporated | Methods and systems for leveraging transaction data to dynamically authenticate a user |
US9323435B2 (en) | 2014-04-22 | 2016-04-26 | Robert H. Thibadeau, SR. | Method and system of providing a picture password for relatively smaller displays |
US9300659B2 (en) | 2014-04-22 | 2016-03-29 | Antique Books, Inc. | Method and system of providing a picture password for relatively smaller displays |
US9922188B2 (en) | 2014-04-22 | 2018-03-20 | Antique Books, Inc. | Method and system of providing a picture password for relatively smaller displays |
US9582106B2 (en) | 2014-04-22 | 2017-02-28 | Antique Books, Inc. | Method and system of providing a picture password for relatively smaller displays |
US9866549B2 (en) | 2014-06-02 | 2018-01-09 | Antique Books, Inc. | Antialiasing for picture passwords and other touch displays |
WO2015187713A1 (en) * | 2014-06-02 | 2015-12-10 | Antique Books, Inc. | Advanced proof of knowledge authentication |
US10659465B2 (en) | 2014-06-02 | 2020-05-19 | Antique Books, Inc. | Advanced proofs of knowledge for the web |
US9490981B2 (en) | 2014-06-02 | 2016-11-08 | Robert H. Thibadeau, SR. | Antialiasing for picture passwords and other touch displays |
US20180242379A1 (en) * | 2014-06-24 | 2018-08-23 | Google Llc | Mesh Network Commissioning |
US9497186B2 (en) | 2014-08-11 | 2016-11-15 | Antique Books, Inc. | Methods and systems for securing proofs of knowledge for privacy |
US9887993B2 (en) | 2014-08-11 | 2018-02-06 | Antique Books, Inc. | Methods and systems for securing proofs of knowledge for privacy |
US9686245B2 (en) * | 2014-09-16 | 2017-06-20 | Entersekt International Limited | System and method for secure authentication |
US11023117B2 (en) * | 2015-01-07 | 2021-06-01 | Byron Burpulis | System and method for monitoring variations in a target web page |
US20210286935A1 (en) * | 2015-01-07 | 2021-09-16 | Byron Burpulis | Engine, System, and Method of Providing Automated Risk Mitigation |
US11343222B2 (en) | 2015-04-02 | 2022-05-24 | Google Llc | Efficient network stack for wireless application protocols |
US11265165B2 (en) | 2015-05-22 | 2022-03-01 | Antique Books, Inc. | Initial provisioning through shared proofs of knowledge and crowdsourced identification |
US11157905B2 (en) * | 2015-08-29 | 2021-10-26 | Mastercard International Incorporated | Secure on device cardholder authentication using biometric data |
US10348816B2 (en) | 2015-10-14 | 2019-07-09 | Adp, Llc | Dynamic proxy server |
US10097459B2 (en) * | 2016-01-04 | 2018-10-09 | Electronics And Telecommunications Research Institute | Apparatus and method for high-speed data transmission between virtual desktops |
US20170301013A1 (en) * | 2016-04-15 | 2017-10-19 | Adp, Llc | Management of Payroll Lending Within an Enterprise System |
US10762559B2 (en) * | 2016-04-15 | 2020-09-01 | Adp, Llc | Management of payroll lending within an enterprise system |
US20170346756A1 (en) * | 2016-05-27 | 2017-11-30 | Bank Of America Corporation | Communication system for resource usage monitoring |
US10038644B2 (en) * | 2016-05-27 | 2018-07-31 | Bank Of America Corporation | Communication system for resource usage monitoring |
US10154101B2 (en) | 2016-05-27 | 2018-12-11 | Bank Of America Corporation | System for resource usage monitoring |
US10104199B2 (en) | 2016-05-27 | 2018-10-16 | Bank Of America Corporation | Three-way communication link for information retrieval and notification |
CN108287855A (en) * | 2017-01-10 | 2018-07-17 | 阿里巴巴集团控股有限公司 | Data identification method and device, interface alternation device based on social worker library |
US11038876B2 (en) | 2017-06-09 | 2021-06-15 | Lookout, Inc. | Managing access to services based on fingerprint matching |
US10218697B2 (en) | 2017-06-09 | 2019-02-26 | Lookout, Inc. | Use of device risk evaluation to manage access to services |
US10509893B2 (en) * | 2017-08-16 | 2019-12-17 | Thales Dis France Sa | Method for authenticating a user and corresponding user devices, server and system |
US20190057199A1 (en) * | 2017-08-16 | 2019-02-21 | Gemalto Inc | Method for authenticating a user and corresponding user devices, server and system |
US10812460B2 (en) | 2018-01-02 | 2020-10-20 | Bank Of America Corporation | Validation system utilizing dynamic authentication |
WO2020160408A1 (en) * | 2019-02-01 | 2020-08-06 | Byron Burpulis | Engine, system, and method of providing automated risk mitigation |
Also Published As
Publication number | Publication date |
---|---|
US20190104126A1 (en) | 2019-04-04 |
US20170237739A1 (en) | 2017-08-17 |
US10148659B2 (en) | 2018-12-04 |
US20200186530A1 (en) | 2020-06-11 |
US9584499B2 (en) | 2017-02-28 |
US10560454B2 (en) | 2020-02-11 |
US20140237562A1 (en) | 2014-08-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10560454B2 (en) | Authentication system and method | |
US8695071B2 (en) | Authentication method | |
US20130099891A1 (en) | Authentication method | |
KR101851686B1 (en) | Abstracted and randomized one-time passwords for transactional authentication | |
US9112847B2 (en) | Authentication method | |
KR101148627B1 (en) | Method and apparatus for preventing phishing attacks | |
US8566957B2 (en) | Authentication system | |
US7730321B2 (en) | System and method for authentication of users and communications received from computer systems | |
US20100175136A1 (en) | System and method for security of sensitive information through a network connection | |
US8800014B2 (en) | Authentication method | |
US20110295740A1 (en) | System And Method For Secure Transactions | |
CA2555465A1 (en) | Method and apparatus for authentication of users and communications received from computer systems | |
US11762942B1 (en) | Systems and methods for online identity management | |
US20130103544A1 (en) | Authentication system | |
US8533802B2 (en) | Authentication system and related method | |
US8505079B2 (en) | Authentication system and related method | |
US20130104209A1 (en) | Authentication system | |
WO2008024362A2 (en) | Advanced multi-factor authentication methods | |
JP5818635B2 (en) | Login authentication system and method | |
JP2007065789A (en) | Authentication system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | STCB | Information on status: application discontinuation | Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
 | AS | Assignment | Owner name: TEXTILE COMPUTER SYSTEMS, INC., TEXAS; Free format text: CHANGE OF ADDRESS OF ASSIGNEE; ASSIGNOR: TEXTILE COMPUTER SYSTEMS, INC.; REEL/FRAME: 039775/0874; Effective date: 20160819 |