US20100070757A1 - System and method to authenticate a user utilizing a time-varying auxiliary code - Google Patents
System and method to authenticate a user utilizing a time-varying auxiliary code Download PDFInfo
- Publication number
- US20100070757A1 US20100070757A1 US12/209,856 US20985608A US2010070757A1 US 20100070757 A1 US20100070757 A1 US 20100070757A1 US 20985608 A US20985608 A US 20985608A US 2010070757 A1 US2010070757 A1 US 2010070757A1
- Authority
- US
- United States
- Prior art keywords
- user
- code
- authentication system
- password
- electronic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
Definitions
- the present invention satisfies the need of authenticating a user without the use of tokens or biometrics.
- a token such as an ATM card is used with a password or PIN.
- the present invention in its simplest form is a single-factor system and method. It uses passwords only, falling into the type “what you know.” However, it can also function with or approximate a multifactor system. It can function with ATM cards and other cards, replacing or supplementing their passwords.
- the time-varying code by its variable nature differs from fixed passwords and PINS, such that it approximates the function of a token.
- One type of password-only system uses one-time passwords.
- One-time passwords are typically produced by or stored on tokens, such as with InCard Technologies' DisplayCard.
- DisplayCard is a credit card that contains electronic circuitry and that sports a button and a display. When the card holder—or anyone else—pushes the button, the card displays a one-time password. The user submits the one-time password with his purchase approval, and the bank compares it with what they are expecting. The system does nothing to ensure that the user is the bona fide card holder. It ensures only that the card is in a user's possession.
- the present invention does not utilize one-time passwords.
- the present invention utilizes a code that is generated not on a local token but on a remote server. Tokens need to be synchronized with the authentication server. The present invention requires no such synchronization, because it requires no token. The present invention performs the same function as inventions with tokens, that is, it provides an extension to the PIN or password, but it eliminates the token and the synchronization required with such a token.
- the present invention also requires the user to manually retrieve the auxiliary code, because he enters it manually when authenticating himself.
- the user of the present invention may retrieve his auxiliary code with a fungible communications device, that is, through any telephone, or any computer connected to the Internet. In any case he retrieves the code from the central electronic authentication system, not from a local device or token in his possession. The code is generated at the central electronic authentication system, not at a local device or token in his possession.
- the present invention authenticates the user at a central electronic authentication system, not at the user interface.
- U.S. Pat. No. 6,842,105 discloses a lockbox that can be programmed to require, in addition to the standard key identifier code, a four-digit permission code.
- the four-digit permission code does not vary with time.
- the four-digit permission code is an auxiliary code.
- the user needs a proprietary electronic device programmed with his key identifier code to communicate with the lockbox.
- the key identifier code is transmitted via an infrared link to the lockbox.
- the user types the four-digit permission code into the proprietary device.
- U.S. Pat. No. 5,367,572 utilizes a device in possession of the user to generate automatically a one-time code, which is then mixed automatically with the PIN. The user does not see the one-time code. The verification computer then either strips the one-time code from the PIN, or combines them, to authenticate the user. The point of the one-time code is to mask the PIN from eavesdroppers. In analogy with the present invention, the one-time code is an auxiliary code.
- U.S. Pat. No. 6,557,104 duplicates the function of a smart card but it eliminates the smart card.
- the invention stores a cryptographic key on a removable data storage device or “token.”
- the storage device is then connected to a computer by the user.
- the key is read by the computer only when the computer is operating in a secure mode, that is, in which it cannot be interrupted by other interrupts.
- the computer then reads the key into secure memory.
- the user may then be prompted to enter a PIN to unlock the key.
- the user may now request cryptographic services as if the smart card were attached to the computer.
- the embodiment with the PIN ensures that the user is bona fide.
- the system still requires the token, that is, the removable data storage device, albeit only to load the key.
- the key is not time-varying. The user does not see the key, which is an encrypted digital key and thus is not susceptible of manual typed entry by a user.
- the key is an auxiliary code.
- U.S. Pat. No. 7,363,494 utilizes a user authentication device in possession of the user loaded with a program that computes an authentication code.
- the program takes as input a secret such as a key, a dynamic value, a PIN value, a generation value, and a verification identification value, and combines them. Except for the PIN, these values are automatically provided and are hidden from the user.
- the dynamic value is constant for a given time interval, but the generation value changes with generation attempts within the time interval.
- the time intervals discussed in the embodiments are a minute and an hour.
- the dynamic value is an auxiliary code. The point of the invention is to mask the PIN against eavesdroppers.
- U.S. Pat. No. 7,380,708 utilizes a portable secure device, that is, a token, to scan an image or video.
- the device extracts authentication information from the image or video, which the user may then key in to gain access to the website etc.
- the authentication information is an auxiliary code.
- EP1445917 the user supplies beside his regular username and password an additional, randomly generated password (one-time code), which is sent to his mobile phone number by the identification system in the form of an SMS message after the identification systems receives the regular username and password from the user.
- the code is generated and authenticated by a central electronic authentication system, it is manually communicated to the user using a fungible communications device, and it is manually input by the user. However, the code is not manually retrieved by the user, it is sent to the user. Moreover, the code is sent to the user during the transaction; the user does not possess the code prior to the transaction.
- the invention also requires two electronic transactions, the first with his regular username password and the second with the new one-time password.
- the embodiments of the present invention comprise a system and method to authenticate a user utilizing a time-varying auxiliary code.
- the code may be appended to a fixed password, but that is not required.
- the code is generated by a central electronic authentication system. The user retrieves it manually from the central authentication system using a fungible communications device such as a telephone or a computer connected to the Internet. The user must learn the code because he inputs it manually, thereby authenticating himself.
- the present invention performs the same function as inventions with tokens, that is, it provides an extension to the PIN or password, but it eliminates the token and the synchronization required with such a token.
- the invention includes a system for authenticating a user, comprising: an identification subsystem, comprising a user identifier and a time-varying auxiliary code, at least the code provided by a central electronic authentication system, both the identifier and the code stored in an electronic database in the authentication system; a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device; an electronic user interface that presents the user with a means to input manually at least his code to the central electronic authentication system; circuitry in the central electronic authentication system to i) compare the user input conveyed to the authentication system through the user interface with the stored information, and ii) to authenticate the user if the user input code matches the stored code.
- the identification subsystem further comprises a fixed password, stored in an electronic database in the central electronic authentication system; the circuitry in the authentication system further comprises circuitry to i) compare the user input conveyed to the authentication system through the user interface with the stored information where the user input includes at least his fixed password and his code, and ii) to authenticate the user if the user input password and code match the stored password and code; and an electronic user interface that presents the user with a means to input manually at least his code and his password to the central electronic authentication system.
- the user identifier includes debit card numbers and ATM card numbers.
- the invention also includes a method for authenticating a user, comprising: identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system; storing the user identifier with the code in an electronic database in the central electronic authentication system; providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device; providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system; the user manually inputting at least his code to the central electronic authentication system; conveying the user-input code from the user interface to the authentication system, wherein circuitry in the central electronic authentication system authenticates the user if the user input code matches the stored code.
- the identifying the user step further comprises creating an authentication key in the form of a fixed password;
- the storing the user identifier step further comprises storing the authentication key in the form of a fixed password with the daily auxiliary code in the electronic database in the authentication system;
- the providing a user interface step further comprises presenting the user with a means to input at least his password with his code;
- the conveying the user input step further comprises conveying the user-input password with the code through the user interface to the authentication system, wherein circuitry in the authentication system authenticates the user if the user input password and code match the stored password and code.
- Some user interfaces are the keypad of a terminal, a computer connected to the Internet, and a telephone.
- Some fungible communications devices are computers connected to the Internet, and touch-tone telephones.
- Some user identifiers are credit card numbers, debit card numbers, ATM card numbers, cashier's check numbers, bank account numbers, and prescription numbers.
- the time-varying code changes every twenty-four hours.
- you pay for your prescription to authenticate yourself to the pharmacy you enter into a terminal keypad your “plus four” for the day, which code was issued by or through or on behalf of the pharmacy or your HMO.
- This example should not be interpreted as limiting the code to four digits or the time variation to twenty-four hours.
- FIG. 1 shows a flowchart of the method
- FIG. 2 shows a flowchart of the method using a fixed password
- FIG. 3 shows a block diagram of the system.
- Fixed password includes manually changeable passwords that are not automatically periodically time-varying. Manually retrieves the code means that the user must visually or auditorily inspect the code, in contrast to downloaded it blindly to a token. Manually inputs the code means that the user must type it in to a keyboard of some kind.
- a central electronic authentication subsystem is a server, where the various user input terminals are clients.
- a time-varying auxiliary code is an unpredictable code.
- FIG. 1 shows a flowchart of the method, comprising: identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system; storing the user identifier with the code in an electronic database in the central electronic authentication system; providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device; providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system; the user manually inputting at least his code to the central electronic authentication system; conveying the user-input code from the user interface to the authentication system, wherein circuitry in the central electronic authentication system authenticates the user if the user input code matches the stored code.
- FIG. 2 shows a flowchart of the the best mode of the method, using a fixed password in combination with the time-varying code.
- the identifying the user step further comprises creating an authentication key in the form of a fixed password
- the storing the user identifier step further comprises storing the authentication key in the form of a fixed password with the code in the electronic database in the central electronic authentication system
- the providing a user interface step further comprises presenting the user with a means to input at least his password with his code
- the conveying the user input step further comprises conveying the user-input password with the code through the user interface to the authentication system, wherein circuitry in the authentication system authenticates the user if the user input password and code match the stored password and code.
- FIG. 3 shows a system for authenticating a financial transaction 10 , comprising an identification subsystem 20 , a user identifier 21 , a fixed password 22 , a daily auxiliary code 23 , an electronic database 24 , an electronic user interface 30 , an interface for a fungible communications device 35 , and circuitry 40 .
- the circuitry in the central electronic authentication system has two purposes: to i) compare the user input conveyed to the authentication system through the user interface with the stored information, and ii) to authenticate the user if the user input code matches the stored code. For example a user at a POS wants to pay with his debit card. To authorize payment he punches in his PIN followed by his “plus four” for the day.
- the fixed password 22 or PIN is not used in every embodiment.
- a user at a POS wants to pay with his credit card. These do not have PIN's unless you are taking cash from the account. They do use CCV's, which are not necessarily PIN's, and in any case they are not time-varying.
- CCV's which are not necessarily PIN's, and in any case they are not time-varying.
- a text string is sent to us matching some piece of information agreed upon by the customer, such as the account number or credit card number.
- a hashing encryption scheme in conjunction with the date is applied to that text string to produce a 4 digit number.
- the auxiliary code is constructed by sampling without replacement to minimize the chances of duplicate auxiliary codes. For example, if the code is four digits long, there are 9999 possibilities. Once a particular four-digit string has been selected, it is removed from the pool until all 9999 possibilities have been used.
Abstract
A system and method to authenticate a user utilizing a time-varying auxiliary code. The code may be appended to a fixed password, but that is not required. The code is generated by a central electronic authentication system. The user retrieves it manually using a fungible communications device such as a telephone or a computer connected to the Internet. The user must learn the code because he inputs it manually, thereby authenticating himself. The present invention performs the same function as inventions with tokens, that is, it provides an extension to the PIN or password, but it eliminates the token and the synchronization required with such a token.
Description
- None.
- Not applicable.
- The present invention satisfies the need of authenticating a user without the use of tokens or biometrics.
- Information relevant to attempts to address this problem can be found in U.S. Pat. Nos. 5,367,572; 6,557,104; 6,842,105; 7,363,494; and 7,380,708; and EP1445917; which are not admitted to be prior art with respect to the present invention by its mention in this Background Section. However, it is desirable to have better apparatuses and/or methods than what is disclosed in the identified references. Relevant fields of art include 235/382, 705/72, 713/183 and 726/17, 21 and 28.
- There are three types or “factors” of information used to authenticate a user: what you know, what you have, and who you are. What you know includes passwords. What you have includes tokens, which may produce passwords. Who you are includes biometrics. Authorities are now recommending the use of “multifactor authentication.” In this type of process, measures from more than one type of authentication are combined. For example, a token such as an ATM card is used with a password or PIN. The present invention in its simplest form is a single-factor system and method. It uses passwords only, falling into the type “what you know.” However, it can also function with or approximate a multifactor system. It can function with ATM cards and other cards, replacing or supplementing their passwords. In addition, the time-varying code, by its variable nature differs from fixed passwords and PINS, such that it approximates the function of a token.
- One type of password-only system uses one-time passwords. One-time passwords are typically produced by or stored on tokens, such as with InCard Technologies' DisplayCard. DisplayCard is a credit card that contains electronic circuitry and that sports a button and a display. When the card holder—or anyone else—pushes the button, the card displays a one-time password. The user submits the one-time password with his purchase approval, and the bank compares it with what they are expecting. The system does nothing to ensure that the user is the bona fide card holder. It ensures only that the card is in a user's possession. The present invention does not utilize one-time passwords.
- Other types of password-only systems utilize tokens that provide what are effectively one-time passwords, often to be used in conjunction with a PIN. As discussed in U.S. Pat. No. 7,380,708, there exists a “prior art system” that uses a token synchronized with a supplier's hardware and software. The token produces a new password every sixty seconds, to which the user appends his Personal Identification Number (PIN). The token's password is hidden and the appending is automatic. The PIN is not an auxiliary code, and it is not time varying. It is simply a PIN. This system also does nothing to ensure that the user is the bona fide card holder. The present invention does not utilize tokens. The present invention utilizes a code that is generated not on a local token but on a remote server. Tokens need to be synchronized with the authentication server. The present invention requires no such synchronization, because it requires no token. The present invention performs the same function as inventions with tokens, that is, it provides an extension to the PIN or password, but it eliminates the token and the synchronization required with such a token.
- The present invention also requires the user to manually retrieve the auxiliary code, because he enters it manually when authenticating himself.
- The user of the present invention may retrieve his auxiliary code with a fungible communications device, that is, through any telephone, or any computer connected to the Internet. In any case he retrieves the code from the central electronic authentication system, not from a local device or token in his possession. The code is generated at the central electronic authentication system, not at a local device or token in his possession.
- The present invention authenticates the user at a central electronic authentication system, not at the user interface.
- U.S. Pat. No. 6,842,105 discloses a lockbox that can be programmed to require, in addition to the standard key identifier code, a four-digit permission code. The four-digit permission code does not vary with time. In analogy with the present invention, the four-digit permission code is an auxiliary code. Rather than a fungible communications device, the user needs a proprietary electronic device programmed with his key identifier code to communicate with the lockbox. The key identifier code is transmitted via an infrared link to the lockbox. The user types the four-digit permission code into the proprietary device.
- U.S. Pat. No. 5,367,572 utilizes a device in possession of the user to generate automatically a one-time code, which is then mixed automatically with the PIN. The user does not see the one-time code. The verification computer then either strips the one-time code from the PIN, or combines them, to authenticate the user. The point of the one-time code is to mask the PIN from eavesdroppers. In analogy with the present invention, the one-time code is an auxiliary code.
- U.S. Pat. No. 6,557,104 duplicates the function of a smart card but it eliminates the smart card. The invention stores a cryptographic key on a removable data storage device or “token.” The storage device is then connected to a computer by the user. The key is read by the computer only when the computer is operating in a secure mode, that is, in which it cannot be interrupted by other interrupts.
- The computer then reads the key into secure memory. The user may then be prompted to enter a PIN to unlock the key. The user may now request cryptographic services as if the smart card were attached to the computer. The embodiment with the PIN ensures that the user is bona fide. The system still requires the token, that is, the removable data storage device, albeit only to load the key. The key is not time-varying. The user does not see the key, which is an encrypted digital key and thus is not susceptible of manual typed entry by a user. In analogy with the present invention, the key is an auxiliary code.
- U.S. Pat. No. 7,363,494 utilizes a user authentication device in possession of the user loaded with a program that computes an authentication code. The program takes as input a secret such as a key, a dynamic value, a PIN value, a generation value, and a verification identification value, and combines them. Except for the PIN, these values are automatically provided and are hidden from the user. The dynamic value is constant for a given time interval, but the generation value changes with generation attempts within the time interval. The time intervals discussed in the embodiments are a minute and an hour. In analogy with the present invention, the dynamic value is an auxiliary code. The point of the invention is to mask the PIN against eavesdroppers.
- U.S. Pat. No. 7,380,708 utilizes a portable secure device, that is, a token, to scan an image or video. The device extracts authentication information from the image or video, which the user may then key in to gain access to the website etc. In analogy with the present invention, the authentication information is an auxiliary code.
- In EP1445917 the user supplies beside his regular username and password an additional, randomly generated password (one-time code), which is sent to his mobile phone number by the identification system in the form of an SMS message after the identification systems receives the regular username and password from the user. The code is generated and authenticated by a central electronic authentication system, it is manually communicated to the user using a fungible communications device, and it is manually input by the user. However, the code is not manually retrieved by the user, it is sent to the user. Moreover, the code is sent to the user during the transaction; the user does not possess the code prior to the transaction. That means that the user has to wait, possibly with a line of people behind him, for a telephone call before he can finish the transaction; he has to have a cell phone; and he has to have cell phone service, which he might not have for example if he is far from home or in a foreign country. The invention also requires two electronic transactions, the first with his regular username password and the second with the new one-time password.
- The embodiments of the present invention comprise a system and method to authenticate a user utilizing a time-varying auxiliary code. The code may be appended to a fixed password, but that is not required. The code is generated by a central electronic authentication system. The user retrieves it manually from the central authentication system using a fungible communications device such as a telephone or a computer connected to the Internet. The user must learn the code because he inputs it manually, thereby authenticating himself. The present invention performs the same function as inventions with tokens, that is, it provides an extension to the PIN or password, but it eliminates the token and the synchronization required with such a token.
- The invention includes a system for authenticating a user, comprising: an identification subsystem, comprising a user identifier and a time-varying auxiliary code, at least the code provided by a central electronic authentication system, both the identifier and the code stored in an electronic database in the authentication system; a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device; an electronic user interface that presents the user with a means to input manually at least his code to the central electronic authentication system; circuitry in the central electronic authentication system to i) compare the user input conveyed to the authentication system through the user interface with the stored information, and ii) to authenticate the user if the user input code matches the stored code.
- In an alternative embodiment, in the system the identification subsystem further comprises a fixed password, stored in an electronic database in the central electronic authentication system; the circuitry in the authentication system further comprises circuitry to i) compare the user input conveyed to the authentication system through the user interface with the stored information where the user input includes at least his fixed password and his code, and ii) to authenticate the user if the user input password and code match the stored password and code; and an electronic user interface that presents the user with a means to input manually at least his code and his password to the central electronic authentication system. In this embodiment, the user identifier includes debit card numbers and ATM card numbers.
- The invention also includes a method for authenticating a user, comprising: identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system; storing the user identifier with the code in an electronic database in the central electronic authentication system; providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device; providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system; the user manually inputting at least his code to the central electronic authentication system; conveying the user-input code from the user interface to the authentication system, wherein circuitry in the central electronic authentication system authenticates the user if the user input code matches the stored code.
- In an alternative embodiment of the method, the identifying the user step further comprises creating an authentication key in the form of a fixed password; the storing the user identifier step further comprises storing the authentication key in the form of a fixed password with the daily auxiliary code in the electronic database in the authentication system; the providing a user interface step further comprises presenting the user with a means to input at least his password with his code; and the conveying the user input step further comprises conveying the user-input password with the code through the user interface to the authentication system, wherein circuitry in the authentication system authenticates the user if the user input password and code match the stored password and code.
- Some user interfaces are the keypad of a terminal, a computer connected to the Internet, and a telephone.
- Some fungible communications devices are computers connected to the Internet, and touch-tone telephones.
- Some user identifiers are credit card numbers, debit card numbers, ATM card numbers, cashier's check numbers, bank account numbers, and prescription numbers.
- In the preferred embodiment, the time-varying code changes every twenty-four hours.
- The user learns his code in any of several ways. He logs into a computer account. He telephones a service that either requires a PIN or remembers his telephone number. He receives an automated telephone call. He requests it in person. In any case he must learn it, because he inputs it manually into the authentication system. After learning his code, he can use it in several ways, as exemplified in the following examples.
- Example: a daily “PIN plus four” for an ATM card. You go to an ATM to withdraw cash. Into the keypad you enter your PIN followed by your “plus four” for the day, which code was issued by or through or on behalf of your bank. This example should not be interpreted as limiting the code to four digits or the time variation to twenty-four hours.
- Example: a daily CCV code for a credit card. You make a credit card purchase. When you sign the slip or the machine, you also enter into a keypad your “plus four” for the day, which code was issued by or through or on behalf of your credit card provider. This example should not be interpreted as limiting the code to four digits or the time variation to twenty-four hours.
- Example: a daily PIN for a check. You write a check at a retailer. The retailer provides you with a terminal with a keypad, into which you enter your “plus four” for the day, which code was issued by or through or on behalf of your bank. This example should not be interpreted as limiting the code to four digits or the time variation to twenty-four hours.
- Example: a daily PIN for a debit card. You make a debit card purchase at a retailer. After you enter your PIN into the terminal keypad, you enter your “plus four” for the day, which code was issued by or through or on behalf of your bank. This example should not be interpreted as limiting the code to four digits or the time variation to twenty-four hours.
- Example: a daily PIN for a prescription. When you pay for your prescription, to authenticate yourself to the pharmacy you enter into a terminal keypad your “plus four” for the day, which code was issued by or through or on behalf of the pharmacy or your HMO. This example should not be interpreted as limiting the code to four digits or the time variation to twenty-four hours.
- These and other features, aspects and advantages of the embodiments of the apparatus and/or methods will become better understood with reference to the following description, appended claims and accompanying drawings where:
-
FIG. 1 shows a flowchart of the method; -
FIG. 2 shows a flowchart of the method using a fixed password; and -
FIG. 3 shows a block diagram of the system. - 10 a system for authenticating a user;
- 20 an identification subsystem;
- 21 a user identifier;
- 22 a fixed password;
- 23 a time-varying auxiliary code;
- 24 electronic database;
- 30 an electronic user interface;
- 35 an interface for a fungible communications device; and
- 40 circuitry.
- Fixed password includes manually changeable passwords that are not automatically periodically time-varying. Manually retrieves the code means that the user must visually or auditorily inspect the code, in contrast to downloaded it blindly to a token. Manually inputs the code means that the user must type it in to a keyboard of some kind. A central electronic authentication subsystem is a server, where the various user input terminals are clients. A time-varying auxiliary code is an unpredictable code.
-
FIG. 1 shows a flowchart of the method, comprising: identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system; storing the user identifier with the code in an electronic database in the central electronic authentication system; providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device; providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system; the user manually inputting at least his code to the central electronic authentication system; conveying the user-input code from the user interface to the authentication system, wherein circuitry in the central electronic authentication system authenticates the user if the user input code matches the stored code. -
FIG. 2 shows a flowchart of the the best mode of the method, using a fixed password in combination with the time-varying code. Here the identifying the user step further comprises creating an authentication key in the form of a fixed password; the storing the user identifier step further comprises storing the authentication key in the form of a fixed password with the code in the electronic database in the central electronic authentication system; the providing a user interface step further comprises presenting the user with a means to input at least his password with his code; and the conveying the user input step further comprises conveying the user-input password with the code through the user interface to the authentication system, wherein circuitry in the authentication system authenticates the user if the user input password and code match the stored password and code. -
FIG. 3 shows a system for authenticating afinancial transaction 10, comprising anidentification subsystem 20, auser identifier 21, a fixedpassword 22, a daily auxiliary code 23, anelectronic database 24, anelectronic user interface 30, an interface for afungible communications device 35, andcircuitry 40. The circuitry in the central electronic authentication system has two purposes: to i) compare the user input conveyed to the authentication system through the user interface with the stored information, and ii) to authenticate the user if the user input code matches the stored code. For example a user at a POS wants to pay with his debit card. To authorize payment he punches in his PIN followed by his “plus four” for the day. - The fixed
password 22 or PIN is not used in every embodiment. For example a user at a POS wants to pay with his credit card. These do not have PIN's unless you are taking cash from the account. They do use CCV's, which are not necessarily PIN's, and in any case they are not time-varying. After swiping his card and signing to authorize payment, the user inputs his “plus four” for the day. The credit card company authorizes the payment by comparing the input plus four with the expected plus four. - In an alternate embodiment, a text string is sent to us matching some piece of information agreed upon by the customer, such as the account number or credit card number. A hashing encryption scheme in conjunction with the date is applied to that text string to produce a 4 digit number.
- In an alternate embodiment, the auxiliary code is constructed by sampling without replacement to minimize the chances of duplicate auxiliary codes. For example, if the code is four digits long, there are 9999 possibilities. Once a particular four-digit string has been selected, it is removed from the pool until all 9999 possibilities have been used.
- Some advantages of the embodiments of the apparatus were previously enumerated in the Summary section. Every advantageous feature does not need to be incorporated into every embodiment of the apparatus and/or methods.
- Although these versions of the invention have been described in considerable detail, other versions are possible. Therefore, the spirit and scope of the appended claims should not be limited to the description of the versions contained therein.
Claims (20)
1. A method to authenticate a user, comprising:
A. identifying the user by creating a user identifier and a time-varying auxiliary code, at least the code provided by a server in a central electronic authentication system;
B. storing the user identifier with the code in an electronic database in the central electronic authentication system;
C. providing a communications interface through which the user manually retrieves the code from the central electronic authentication system using a fungible communications device, the user retrieving the code prior to his initiation of a transaction, the code not being a one-time password;
D. providing an electronic user interface to present the user with a means to input manually at least his code to the central electronic authentication system;
E. the user manually inputting at least his code to the central electronic authentication system;
F. conveying the user-input code from the user interface to the central electronic authentication system, wherein circuitry in the authentication server in the central electronic authentication system authenticates the user if the user input code matches the stored code.
2. The method of claim 1 , wherein said electronic user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
3. The method of claim 1 , wherein said fungible communications device is an electronic communications device selected from the group consisting of computers connected to the Internet, and touch-tone telephones.
4. The method of claim 1 , wherein said user identifier is selected from the group consisting of debit card numbers, ATM card numbers, and credit card numbers.
5. The method of claim 1 , wherein said user identifier is a cashier's check number.
6. The method of claim 1 , wherein said user identifier is a bank account number.
7. The method of claim 1 , wherein said user identifier is a prescription number.
8. The method of claim 1 , wherein:
A. the identifying the user step further comprises creating an authentication key in the form of a fixed password;
B. the storing the user identifier step further comprises storing the authentication key in the form of a fixed password with code in an electronic database in the authentication system;
C. the providing a user interface step further comprises presenting the user with a means to input manually at least his password with his code;
D. the manually inputting step further comprises manually inputing his password; and
E. the conveying the user input step further comprises conveying the user-input password with the code through the user interface to the authentication system, wherein circuitry in the authentication system authenticates the user if the user input password and code match the stored password and code.
9. The method of claim 8 , wherein said electronic user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
10. The method of claim 1 , wherein said time-varying code changes every twenty-four hours.
11. A system for authenticating a user, comprising:
A. an identification subsystem, comprising a user identifier and a time-varying auxiliary code, at least the code provided by a central electronic authentication system, both the identifier and the code stored in an electronic database in the authentication system;
B. a communications interface through which the user manually retrieves the code using a fungible communications device, the user retrieving the code prior to his initiation of transaction, the code not being a one-time password;
C. an electronic user interface that presents the user with a means to input manually at least his code to the central electronic authentication system;
D. circuitry in the central electronic authentication system to i) compare the user input conveyed to the authentication system through the user interface with the stored information, and ii) to authenticate the user if the user input code matches the stored code.
12. The system of claim 11 , wherein said user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
13. The system of claim 11 , wherein said fungible communications device is an electronic communications device selected from the group consisting of a computers connected to the Internet, and touch-tone telephones.
14. The system of claim 11 , wherein said user identifier is selected from the group consisting of debit card numbers, ATM card numbers, and credit card numbers.
15. The system of claim 11 , wherein said user identifier is a cashier's check number.
16. The system of claim 11 , wherein said user identifier is a bank account number.
17. The method of claim 11 , wherein said user identifier is a prescription number.
18. The system of claim 11 , wherein:
A. the identification subsystem further comprises a fixed password, stored in the authentication system;
B. the circuitry in the authentication system further comprises circuitry to i) compare the user input conveyed to the authentication system through the user interface with the stored information where the user input includes at least his fixed password and his code , and ii) to authenticate the user if the user input password and code match the stored password and code; and
C. an electronic user interface that presents the user with a means to input manually at least his code and his password to the central electronic authentication system.
19. The system of claim 18 , wherein said user interface is an electronic input device selected from the group consisting of a keypad of a terminal, a computer, and a touch-tone telephone.
20. The system of claim 11 , wherein said time-varying code changes every twenty-four hours.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/209,856 US7694130B1 (en) | 2008-09-12 | 2008-09-12 | System and method to authenticate a user utilizing a time-varying auxiliary code |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/209,856 US7694130B1 (en) | 2008-09-12 | 2008-09-12 | System and method to authenticate a user utilizing a time-varying auxiliary code |
Publications (2)
Publication Number | Publication Date |
---|---|
US20100070757A1 true US20100070757A1 (en) | 2010-03-18 |
US7694130B1 US7694130B1 (en) | 2010-04-06 |
Family
ID=42008281
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/209,856 Expired - Fee Related US7694130B1 (en) | 2008-09-12 | 2008-09-12 | System and method to authenticate a user utilizing a time-varying auxiliary code |
Country Status (1)
Country | Link |
---|---|
US (1) | US7694130B1 (en) |
Cited By (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090006217A1 (en) * | 2007-06-29 | 2009-01-01 | Vidicom Limited | Effecting an electronic payment |
US20100191646A1 (en) * | 2009-01-23 | 2010-07-29 | Boku, Inc. | Systems and Methods to Facilitate Electronic Payments |
US20100216425A1 (en) * | 2009-02-20 | 2010-08-26 | Boku, Inc. | Systems and Methods to Approve Electronic Payments |
US20100223183A1 (en) * | 2009-03-02 | 2010-09-02 | Boku, Inc. | Systems and Methods to Provide Information |
US20100235276A1 (en) * | 2009-03-10 | 2010-09-16 | Boku, Inc. | Systems and Methods to Process User Initiated Transactions |
US20100299220A1 (en) * | 2009-05-19 | 2010-11-25 | Boku, Inc. | Systems and Methods to Confirm Transactions via Mobile Devices |
US20100306015A1 (en) * | 2009-05-29 | 2010-12-02 | Boku, Inc. | Systems and Methods to Schedule Transactions |
US20100312645A1 (en) * | 2009-06-09 | 2010-12-09 | Boku, Inc. | Systems and Methods to Facilitate Purchases on Mobile Devices |
US20110035302A1 (en) * | 2009-08-04 | 2011-02-10 | Boku, Inc. | Systems and Methods to Accelerate Transactions |
US20110078077A1 (en) * | 2009-09-29 | 2011-03-31 | Boku, Inc. | Systems and Methods to Facilitate Online Transactions |
US20110082772A1 (en) * | 2009-10-01 | 2011-04-07 | Boku, Inc. | Systems and Methods for Purchases on a Mobile Communication Device |
US20110143710A1 (en) * | 2009-12-16 | 2011-06-16 | Boku, Inc. | Systems and methods to facilitate electronic payments |
US20110173106A1 (en) * | 2010-01-13 | 2011-07-14 | Boku, Inc. | Systems and Methods to Route Messages to Facilitate Online Transactions |
US20110213671A1 (en) * | 2010-02-26 | 2011-09-01 | Boku, Inc. | Systems and Methods to Process Payments |
US20110237232A1 (en) * | 2010-03-29 | 2011-09-29 | Boku, Inc. | Systems and Methods to Provide Offers on Mobile Devices |
US20110238483A1 (en) * | 2010-03-29 | 2011-09-29 | Boku, Inc. | Systems and Methods to Distribute and Redeem Offers |
US20130036053A1 (en) * | 2001-08-29 | 2013-02-07 | Nader Asghari-Kamrani | Centralized Identification and Authentication System and Method |
US8386353B2 (en) | 2009-05-27 | 2013-02-26 | Boku, Inc. | Systems and methods to process transactions based on social networking |
US8412155B2 (en) | 2010-12-20 | 2013-04-02 | Boku, Inc. | Systems and methods to accelerate transactions based on predictions |
US8412626B2 (en) | 2009-12-10 | 2013-04-02 | Boku, Inc. | Systems and methods to secure transactions via mobile devices |
US8478734B2 (en) | 2010-03-25 | 2013-07-02 | Boku, Inc. | Systems and methods to provide access control via mobile phones |
US8543087B2 (en) | 2011-04-26 | 2013-09-24 | Boku, Inc. | Systems and methods to facilitate repeated purchases |
US8583496B2 (en) | 2010-12-29 | 2013-11-12 | Boku, Inc. | Systems and methods to process payments via account identifiers and phone numbers |
US8589290B2 (en) | 2010-08-11 | 2013-11-19 | Boku, Inc. | Systems and methods to identify carrier information for transmission of billing messages |
US8660911B2 (en) | 2009-09-23 | 2014-02-25 | Boku, Inc. | Systems and methods to facilitate online transactions |
US8699994B2 (en) | 2010-12-16 | 2014-04-15 | Boku, Inc. | Systems and methods to selectively authenticate via mobile communications |
US8700524B2 (en) | 2011-01-04 | 2014-04-15 | Boku, Inc. | Systems and methods to restrict payment transactions |
US9191217B2 (en) | 2011-04-28 | 2015-11-17 | Boku, Inc. | Systems and methods to process donations |
US9449313B2 (en) | 2008-05-23 | 2016-09-20 | Boku, Inc. | Customer to supplier funds transfer |
US9595028B2 (en) | 2009-06-08 | 2017-03-14 | Boku, Inc. | Systems and methods to add funds to an account via a mobile communication device |
US9697510B2 (en) | 2009-07-23 | 2017-07-04 | Boku, Inc. | Systems and methods to facilitate retail transactions |
US9703938B2 (en) | 2001-08-29 | 2017-07-11 | Nader Asghari-Kamrani | Direct authentication system and method via trusted authenticators |
US9830622B1 (en) | 2011-04-28 | 2017-11-28 | Boku, Inc. | Systems and methods to process donations |
US10320564B2 (en) * | 2017-10-19 | 2019-06-11 | Autnhive Corporation | System and method for generating and depositing keys for multi-point authentication |
US10417715B1 (en) * | 2018-02-14 | 2019-09-17 | Hippo Technologies LLC | Computer architectures and associated methods for enabling real-time data determinations and distribution |
US10515356B2 (en) * | 2011-04-15 | 2019-12-24 | Shift4 Corporation | Method and system for utilizing authorization factor pools |
US10586230B2 (en) | 2011-04-15 | 2020-03-10 | Shift4 Corporation | Method and system for enabling merchants to share tokens |
US10903997B2 (en) | 2017-10-19 | 2021-01-26 | Autnhive Corporation | Generating keys using controlled corruption in computer networks |
Families Citing this family (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9246899B1 (en) | 2008-03-03 | 2016-01-26 | Jpmorgan Chase Bank, N.A. | Authentication and interaction tracking system and method |
US8255971B1 (en) | 2008-03-03 | 2012-08-28 | Jpmorgan Chase Bank, N.A. | Authentication system and method |
US9715681B2 (en) | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
US8602293B2 (en) | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US10846683B2 (en) | 2009-05-15 | 2020-11-24 | Visa International Service Association | Integration of verification tokens with mobile communication devices |
US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
US9038886B2 (en) | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
US10255591B2 (en) | 2009-12-18 | 2019-04-09 | Visa International Service Association | Payment channel returning limited use proxy dynamic value |
KR101895243B1 (en) | 2011-03-04 | 2018-10-24 | 비자 인터네셔널 서비스 어소시에이션 | Integration of payment capability into secure elements of computers |
US9904777B2 (en) | 2011-09-14 | 2018-02-27 | Mobile Heartbeat, Llc | System for automated login initialization on detection of identification device |
US10282724B2 (en) | 2012-03-06 | 2019-05-07 | Visa International Service Association | Security system incorporating mobile device |
US9264415B1 (en) | 2012-07-11 | 2016-02-16 | Microstrategy Incorporated | User credentials |
US9887992B1 (en) | 2012-07-11 | 2018-02-06 | Microstrategy Incorporated | Sight codes for website authentication |
US8775807B1 (en) | 2012-10-26 | 2014-07-08 | Microstrategy Incorporated | Credential tracking |
US9640001B1 (en) | 2012-11-30 | 2017-05-02 | Microstrategy Incorporated | Time-varying representations of user credentials |
US9154303B1 (en) | 2013-03-14 | 2015-10-06 | Microstrategy Incorporated | Third-party authorization of user credentials |
AU2014368949A1 (en) | 2013-12-19 | 2016-06-09 | Visa International Service Association | Cloud-based transactions methods and systems |
US9922322B2 (en) | 2013-12-19 | 2018-03-20 | Visa International Service Association | Cloud-based transactions with magnetic secure transmission |
AU2015264124B2 (en) | 2014-05-21 | 2019-05-09 | Visa International Service Association | Offline authentication |
US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
US10187363B2 (en) | 2014-12-31 | 2019-01-22 | Visa International Service Association | Hybrid integration of software development kit with secure execution environment |
Citations (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4465153A (en) * | 1980-02-04 | 1984-08-14 | U.S. Philips Corporation | Method of coding and decoding messages |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US5367572A (en) * | 1984-11-30 | 1994-11-22 | Weiss Kenneth P | Method and apparatus for personal identification |
US5490077A (en) * | 1993-01-20 | 1996-02-06 | Francotyp-Postalia Gmbh | Method for data input into a postage meter machine, arrangement for franking postal matter and for producing an advert mark respectively allocated to a cost allocation account |
US5657388A (en) * | 1993-05-25 | 1997-08-12 | Security Dynamics Technologies, Inc. | Method and apparatus for utilizing a token for resource access |
US5886331A (en) * | 1996-11-18 | 1999-03-23 | Lyons, Jr.; Michael J. | Electronic calculator for determining truck driver log book values |
US5889861A (en) * | 1995-01-12 | 1999-03-30 | Kokusai Denshin Denwa Co., Ltd | Identity confidentiality method in radio communication system |
US5966753A (en) * | 1997-12-31 | 1999-10-19 | Sloan Valve Company | Method and apparatus for properly sequenced hand washing |
US6091759A (en) * | 1998-11-24 | 2000-07-18 | Motorola, Inc. | Method and apparatus for spreading and despreading data in a spread-spectrum communication system |
US6195588B1 (en) * | 1997-12-31 | 2001-02-27 | Sloan Valve Company | Control board for controlling and monitoring usage of water |
US20020116450A1 (en) * | 2000-12-01 | 2002-08-22 | Multiscience System Pte Ltd. | Network for information transfer for mobile stations |
US20020123359A1 (en) * | 2000-12-01 | 2002-09-05 | Multiscience System Pte Limited | Network for information transfer for mobile stations |
US20020169988A1 (en) * | 2000-12-22 | 2002-11-14 | Vandergeest Ron J. | Method and apparatus for providing user authentication using a back channel |
US20020179709A1 (en) * | 2001-05-30 | 2002-12-05 | Dan Mehler | Resilient bar code and scanner |
US6557104B2 (en) * | 1997-05-02 | 2003-04-29 | Phoenix Technologies Ltd. | Method and apparatus for secure processing of cryptographic keys |
US6657535B1 (en) * | 1998-08-31 | 2003-12-02 | Hawkeye Global, Inc. | System for signaling a device at a remote location |
US20040103287A1 (en) * | 2000-09-01 | 2004-05-27 | Newby Robert Matthew | Electronic device with time dependent access codes and apparatus for generating those codes |
US6842105B1 (en) * | 1985-10-16 | 2005-01-11 | Ge Interlogix, Inc. | Dual mode data logging |
US20050066049A1 (en) * | 2003-09-19 | 2005-03-24 | Alcatel | Extendable local network associated with a building |
US20050198379A1 (en) * | 2001-06-13 | 2005-09-08 | Citrix Systems, Inc. | Automatically reconnecting a client across reliable and persistent communication sessions |
US20050213519A1 (en) * | 2004-03-24 | 2005-09-29 | Sandeep Relan | Global positioning system (GPS) based secure access |
US20060156385A1 (en) * | 2003-12-30 | 2006-07-13 | Entrust Limited | Method and apparatus for providing authentication using policy-controlled authentication articles and techniques |
US20070136800A1 (en) * | 2005-12-13 | 2007-06-14 | Microsoft Corporation | Two-way authentication using a combined code |
US20070220100A1 (en) * | 2006-02-07 | 2007-09-20 | Outland Research, Llc | Collaborative Rejection of Media for Physical Establishments |
US7308250B2 (en) * | 2004-03-16 | 2007-12-11 | Broadcom Corporation | Integration of secure identification logic into cell phone |
US7356837B2 (en) * | 2001-08-29 | 2008-04-08 | Nader Asghari-Kamrani | Centralized identification and authentication system and method |
US7363494B2 (en) * | 2001-12-04 | 2008-04-22 | Rsa Security Inc. | Method and apparatus for performing enhanced time-based authentication |
US20080099552A1 (en) * | 2006-10-26 | 2008-05-01 | Robert John Grillion | Method and apparatus for wireless authorization |
US7380708B1 (en) * | 2004-11-08 | 2008-06-03 | Pisafe, Inc. | Method and apparatus for providing secure document distribution |
US20080177668A1 (en) * | 2007-01-24 | 2008-07-24 | Bruno Delean | Computerized person-to-person payment system and method without use of currency |
US20080241002A1 (en) * | 2007-03-29 | 2008-10-02 | Custom Ultrasonics, Inc. | System and method for reprocessing a device having internal passageways |
US20080276312A1 (en) * | 2006-10-20 | 2008-11-06 | Kawai Tomohito | Computer readable storage medium storing software execution control program, software execution control method and software execution control system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
SI21436A (en) | 2003-02-04 | 2004-08-31 | Renderspace - Pristop Interactive D.O.O. | Identification system for accessing protected areas |
-
2008
- 2008-09-12 US US12/209,856 patent/US7694130B1/en not_active Expired - Fee Related
Patent Citations (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4465153A (en) * | 1980-02-04 | 1984-08-14 | U.S. Philips Corporation | Method of coding and decoding messages |
US5367572A (en) * | 1984-11-30 | 1994-11-22 | Weiss Kenneth P | Method and apparatus for personal identification |
US6842105B1 (en) * | 1985-10-16 | 2005-01-11 | Ge Interlogix, Inc. | Dual mode data logging |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US5490077A (en) * | 1993-01-20 | 1996-02-06 | Francotyp-Postalia Gmbh | Method for data input into a postage meter machine, arrangement for franking postal matter and for producing an advert mark respectively allocated to a cost allocation account |
US5602743A (en) * | 1993-01-20 | 1997-02-11 | Francotyp-Postalia Ag & Co. | Method for data input into a postage meter machine, arrangement for franking postal matter and for producing a franking design respectively allocated to a cost center |
US5657388A (en) * | 1993-05-25 | 1997-08-12 | Security Dynamics Technologies, Inc. | Method and apparatus for utilizing a token for resource access |
US5889861A (en) * | 1995-01-12 | 1999-03-30 | Kokusai Denshin Denwa Co., Ltd | Identity confidentiality method in radio communication system |
US5886331A (en) * | 1996-11-18 | 1999-03-23 | Lyons, Jr.; Michael J. | Electronic calculator for determining truck driver log book values |
US6557104B2 (en) * | 1997-05-02 | 2003-04-29 | Phoenix Technologies Ltd. | Method and apparatus for secure processing of cryptographic keys |
US5966753A (en) * | 1997-12-31 | 1999-10-19 | Sloan Valve Company | Method and apparatus for properly sequenced hand washing |
US6195588B1 (en) * | 1997-12-31 | 2001-02-27 | Sloan Valve Company | Control board for controlling and monitoring usage of water |
US6701194B2 (en) * | 1997-12-31 | 2004-03-02 | Sloan Valve Company | Control board for controlling and monitoring usage of water |
US20030093161A1 (en) * | 1997-12-31 | 2003-05-15 | Gauthier Jerome M. | Control board for controlling and monitoring usage of water |
US6549816B2 (en) * | 1997-12-31 | 2003-04-15 | Sloan Valve Company | Network software for a plumbing control system |
US6657535B1 (en) * | 1998-08-31 | 2003-12-02 | Hawkeye Global, Inc. | System for signaling a device at a remote location |
US6091759A (en) * | 1998-11-24 | 2000-07-18 | Motorola, Inc. | Method and apparatus for spreading and despreading data in a spread-spectrum communication system |
US20040103287A1 (en) * | 2000-09-01 | 2004-05-27 | Newby Robert Matthew | Electronic device with time dependent access codes and apparatus for generating those codes |
US20020123359A1 (en) * | 2000-12-01 | 2002-09-05 | Multiscience System Pte Limited | Network for information transfer for mobile stations |
US20020116450A1 (en) * | 2000-12-01 | 2002-08-22 | Multiscience System Pte Ltd. | Network for information transfer for mobile stations |
US20020169988A1 (en) * | 2000-12-22 | 2002-11-14 | Vandergeest Ron J. | Method and apparatus for providing user authentication using a back channel |
US20020179709A1 (en) * | 2001-05-30 | 2002-12-05 | Dan Mehler | Resilient bar code and scanner |
US6820808B2 (en) * | 2001-05-30 | 2004-11-23 | Dan Mehler | Resilient bar code and scanner |
US20050198379A1 (en) * | 2001-06-13 | 2005-09-08 | Citrix Systems, Inc. | Automatically reconnecting a client across reliable and persistent communication sessions |
US7356837B2 (en) * | 2001-08-29 | 2008-04-08 | Nader Asghari-Kamrani | Centralized identification and authentication system and method |
US7363494B2 (en) * | 2001-12-04 | 2008-04-22 | Rsa Security Inc. | Method and apparatus for performing enhanced time-based authentication |
US20050066049A1 (en) * | 2003-09-19 | 2005-03-24 | Alcatel | Extendable local network associated with a building |
US20060156385A1 (en) * | 2003-12-30 | 2006-07-13 | Entrust Limited | Method and apparatus for providing authentication using policy-controlled authentication articles and techniques |
US7308250B2 (en) * | 2004-03-16 | 2007-12-11 | Broadcom Corporation | Integration of secure identification logic into cell phone |
US20050213519A1 (en) * | 2004-03-24 | 2005-09-29 | Sandeep Relan | Global positioning system (GPS) based secure access |
US7372839B2 (en) * | 2004-03-24 | 2008-05-13 | Broadcom Corporation | Global positioning system (GPS) based secure access |
US7380708B1 (en) * | 2004-11-08 | 2008-06-03 | Pisafe, Inc. | Method and apparatus for providing secure document distribution |
US20070136800A1 (en) * | 2005-12-13 | 2007-06-14 | Microsoft Corporation | Two-way authentication using a combined code |
US20070220100A1 (en) * | 2006-02-07 | 2007-09-20 | Outland Research, Llc | Collaborative Rejection of Media for Physical Establishments |
US20080276312A1 (en) * | 2006-10-20 | 2008-11-06 | Kawai Tomohito | Computer readable storage medium storing software execution control program, software execution control method and software execution control system |
US20080099552A1 (en) * | 2006-10-26 | 2008-05-01 | Robert John Grillion | Method and apparatus for wireless authorization |
US20080177668A1 (en) * | 2007-01-24 | 2008-07-24 | Bruno Delean | Computerized person-to-person payment system and method without use of currency |
US20080241002A1 (en) * | 2007-03-29 | 2008-10-02 | Custom Ultrasonics, Inc. | System and method for reprocessing a device having internal passageways |
Cited By (64)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9703938B2 (en) | 2001-08-29 | 2017-07-11 | Nader Asghari-Kamrani | Direct authentication system and method via trusted authenticators |
US9870453B2 (en) | 2001-08-29 | 2018-01-16 | Nader Asghari-Kamrani | Direct authentication system and method via trusted authenticators |
US9727864B2 (en) * | 2001-08-29 | 2017-08-08 | Nader Asghari-Kamrani | Centralized identification and authentication system and method |
US10083285B2 (en) | 2001-08-29 | 2018-09-25 | Nader Asghari-Kamrani | Direct authentication system and method via trusted authenticators |
US20130036053A1 (en) * | 2001-08-29 | 2013-02-07 | Nader Asghari-Kamrani | Centralized Identification and Authentication System and Method |
US10769297B2 (en) | 2001-08-29 | 2020-09-08 | Nader Asghari-Kamrani | Centralized identification and authentication system and method |
US20090006217A1 (en) * | 2007-06-29 | 2009-01-01 | Vidicom Limited | Effecting an electronic payment |
US8768778B2 (en) | 2007-06-29 | 2014-07-01 | Boku, Inc. | Effecting an electronic payment |
US9449313B2 (en) | 2008-05-23 | 2016-09-20 | Boku, Inc. | Customer to supplier funds transfer |
US9652761B2 (en) | 2009-01-23 | 2017-05-16 | Boku, Inc. | Systems and methods to facilitate electronic payments |
US20100191646A1 (en) * | 2009-01-23 | 2010-07-29 | Boku, Inc. | Systems and Methods to Facilitate Electronic Payments |
US20100216425A1 (en) * | 2009-02-20 | 2010-08-26 | Boku, Inc. | Systems and Methods to Approve Electronic Payments |
US8548426B2 (en) | 2009-02-20 | 2013-10-01 | Boku, Inc. | Systems and methods to approve electronic payments |
US20100223183A1 (en) * | 2009-03-02 | 2010-09-02 | Boku, Inc. | Systems and Methods to Provide Information |
US9990623B2 (en) | 2009-03-02 | 2018-06-05 | Boku, Inc. | Systems and methods to provide information |
US8700530B2 (en) | 2009-03-10 | 2014-04-15 | Boku, Inc. | Systems and methods to process user initiated transactions |
US20100235276A1 (en) * | 2009-03-10 | 2010-09-16 | Boku, Inc. | Systems and Methods to Process User Initiated Transactions |
US20100299220A1 (en) * | 2009-05-19 | 2010-11-25 | Boku, Inc. | Systems and Methods to Confirm Transactions via Mobile Devices |
US8386353B2 (en) | 2009-05-27 | 2013-02-26 | Boku, Inc. | Systems and methods to process transactions based on social networking |
US20100306015A1 (en) * | 2009-05-29 | 2010-12-02 | Boku, Inc. | Systems and Methods to Schedule Transactions |
US9595028B2 (en) | 2009-06-08 | 2017-03-14 | Boku, Inc. | Systems and methods to add funds to an account via a mobile communication device |
US20100312645A1 (en) * | 2009-06-09 | 2010-12-09 | Boku, Inc. | Systems and Methods to Facilitate Purchases on Mobile Devices |
US9697510B2 (en) | 2009-07-23 | 2017-07-04 | Boku, Inc. | Systems and methods to facilitate retail transactions |
US9519892B2 (en) | 2009-08-04 | 2016-12-13 | Boku, Inc. | Systems and methods to accelerate transactions |
US20110035302A1 (en) * | 2009-08-04 | 2011-02-10 | Boku, Inc. | Systems and Methods to Accelerate Transactions |
US8660911B2 (en) | 2009-09-23 | 2014-02-25 | Boku, Inc. | Systems and methods to facilitate online transactions |
US9135616B2 (en) | 2009-09-23 | 2015-09-15 | Boku, Inc. | Systems and methods to facilitate online transactions |
US20110078077A1 (en) * | 2009-09-29 | 2011-03-31 | Boku, Inc. | Systems and Methods to Facilitate Online Transactions |
US8224709B2 (en) | 2009-10-01 | 2012-07-17 | Boku, Inc. | Systems and methods for pre-defined purchases on a mobile communication device |
US20110082772A1 (en) * | 2009-10-01 | 2011-04-07 | Boku, Inc. | Systems and Methods for Purchases on a Mobile Communication Device |
US8392274B2 (en) | 2009-10-01 | 2013-03-05 | Boku, Inc. | Systems and methods for purchases on a mobile communication device |
US8412626B2 (en) | 2009-12-10 | 2013-04-02 | Boku, Inc. | Systems and methods to secure transactions via mobile devices |
US20110143710A1 (en) * | 2009-12-16 | 2011-06-16 | Boku, Inc. | Systems and methods to facilitate electronic payments |
US8566188B2 (en) | 2010-01-13 | 2013-10-22 | Boku, Inc. | Systems and methods to route messages to facilitate online transactions |
US20110173106A1 (en) * | 2010-01-13 | 2011-07-14 | Boku, Inc. | Systems and Methods to Route Messages to Facilitate Online Transactions |
US20110213671A1 (en) * | 2010-02-26 | 2011-09-01 | Boku, Inc. | Systems and Methods to Process Payments |
US8478734B2 (en) | 2010-03-25 | 2013-07-02 | Boku, Inc. | Systems and methods to provide access control via mobile phones |
US20110238483A1 (en) * | 2010-03-29 | 2011-09-29 | Boku, Inc. | Systems and Methods to Distribute and Redeem Offers |
US20110237232A1 (en) * | 2010-03-29 | 2011-09-29 | Boku, Inc. | Systems and Methods to Provide Offers on Mobile Devices |
US8583504B2 (en) | 2010-03-29 | 2013-11-12 | Boku, Inc. | Systems and methods to provide offers on mobile devices |
US8589290B2 (en) | 2010-08-11 | 2013-11-19 | Boku, Inc. | Systems and methods to identify carrier information for transmission of billing messages |
US8958772B2 (en) | 2010-12-16 | 2015-02-17 | Boku, Inc. | Systems and methods to selectively authenticate via mobile communications |
US8699994B2 (en) | 2010-12-16 | 2014-04-15 | Boku, Inc. | Systems and methods to selectively authenticate via mobile communications |
US8412155B2 (en) | 2010-12-20 | 2013-04-02 | Boku, Inc. | Systems and methods to accelerate transactions based on predictions |
US8583496B2 (en) | 2010-12-29 | 2013-11-12 | Boku, Inc. | Systems and methods to process payments via account identifiers and phone numbers |
US8700524B2 (en) | 2011-01-04 | 2014-04-15 | Boku, Inc. | Systems and methods to restrict payment transactions |
US11538026B2 (en) | 2011-04-15 | 2022-12-27 | Shift4 Corporation | Method and system for enabling merchants to share tokens |
US10586230B2 (en) | 2011-04-15 | 2020-03-10 | Shift4 Corporation | Method and system for enabling merchants to share tokens |
US10515356B2 (en) * | 2011-04-15 | 2019-12-24 | Shift4 Corporation | Method and system for utilizing authorization factor pools |
US8774758B2 (en) | 2011-04-26 | 2014-07-08 | Boku, Inc. | Systems and methods to facilitate repeated purchases |
US8543087B2 (en) | 2011-04-26 | 2013-09-24 | Boku, Inc. | Systems and methods to facilitate repeated purchases |
US9202211B2 (en) | 2011-04-26 | 2015-12-01 | Boku, Inc. | Systems and methods to facilitate repeated purchases |
US8774757B2 (en) | 2011-04-26 | 2014-07-08 | Boku, Inc. | Systems and methods to facilitate repeated purchases |
US9830622B1 (en) | 2011-04-28 | 2017-11-28 | Boku, Inc. | Systems and methods to process donations |
US9191217B2 (en) | 2011-04-28 | 2015-11-17 | Boku, Inc. | Systems and methods to process donations |
US10819516B2 (en) * | 2017-10-19 | 2020-10-27 | Autnhive Corporation | System and method for generating and depositing keys for multi-point authentication |
US10903997B2 (en) | 2017-10-19 | 2021-01-26 | Autnhive Corporation | Generating keys using controlled corruption in computer networks |
US11336446B2 (en) | 2017-10-19 | 2022-05-17 | Autnhive Corporation | System and method for generating and depositing keys for multi-point authentication |
US11368301B2 (en) | 2017-10-19 | 2022-06-21 | Autnhive Corporation | Generating keys using controlled corruption in computer networks |
US10320564B2 (en) * | 2017-10-19 | 2019-06-11 | Autnhive Corporation | System and method for generating and depositing keys for multi-point authentication |
US11652629B2 (en) | 2017-10-19 | 2023-05-16 | Autnhive Corporation | Generating keys using controlled corruption in computer networks |
US11930111B2 (en) | 2017-10-19 | 2024-03-12 | Autnhive Corporation | System and method for generating and depositing keys for multi-point authentication |
US10417715B1 (en) * | 2018-02-14 | 2019-09-17 | Hippo Technologies LLC | Computer architectures and associated methods for enabling real-time data determinations and distribution |
US11810203B1 (en) | 2018-02-14 | 2023-11-07 | Hippo Technologies LLC | Computer architectures and associated methods for enabling real-time data determinations and distribution |
Also Published As
Publication number | Publication date |
---|---|
US7694130B1 (en) | 2010-04-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7694130B1 (en) | System and method to authenticate a user utilizing a time-varying auxiliary code | |
US10616198B2 (en) | Apparatus, system and method employing a wireless user-device | |
US5475756A (en) | Method of authenticating a terminal in a transaction execution system | |
US10037516B2 (en) | Secure transactions using a point of sale device | |
US8850218B2 (en) | OTP generation using a camouflaged key | |
US10528940B2 (en) | PIN servicing | |
US8365988B1 (en) | Dynamic credit card security code via mobile device | |
JP4388039B2 (en) | Internet payment system | |
US20090172402A1 (en) | Multi-factor authentication and certification system for electronic transactions | |
US20120191615A1 (en) | Secure Credit Transactions | |
US20120246075A1 (en) | Secure electronic payment methods | |
US20080216172A1 (en) | Systems, methods, and apparatus for secure transactions in trusted systems | |
US20090144162A1 (en) | Transaction Security Method and Apparatus | |
US9600808B1 (en) | Secure payment card, method and system | |
US20050018883A1 (en) | Systems and methods for facilitating transactions | |
CA2783841C (en) | Electronic transaction security system and method | |
US20030038707A1 (en) | Method for secured identification of user's id | |
CA3154449C (en) | A digital, personal and secure electronic access permission | |
EP3276878A1 (en) | Method for the safe authentication of a request made to a remote provider and generated in a personal device with bifurcation of the transmission of an authentication means | |
EP3379856A1 (en) | Method of user authentication into third-party applications, using a mobile device | |
WO2006036363A2 (en) | Highly secure and low-cost dialogic enciphered dynamic pin system for credit card and login | |
JPH10294727A (en) | Data collation method | |
JP2009259297A (en) | Network settlement auxiliary equipment | |
TWI679603B (en) | System for assisting a financial card holder in setting password for the first time and method thereof | |
EP3276877A1 (en) | Method for the safe authentication of a request made to a remote provider and generated in a personal device by using a one-time password depending also on the request |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
REMI | Maintenance fee reminder mailed | ||
FPAY | Fee payment |
Year of fee payment: 4 |
|
SULP | Surcharge for late payment | ||
FEPP | Fee payment procedure |
Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.) |
|
LAPS | Lapse for failure to pay maintenance fees |
Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.) |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Expired due to failure to pay maintenance fee |
Effective date: 20180406 |