US20040203595A1 - Method and apparatus for user authentication using a cellular telephone and a transient pass code - Google Patents

Method and apparatus for user authentication using a cellular telephone and a transient pass code Download PDF

Info

Publication number
US20040203595A1
US20040203595A1 US10/217,287 US21728702A US2004203595A1 US 20040203595 A1 US20040203595 A1 US 20040203595A1 US 21728702 A US21728702 A US 21728702A US 2004203595 A1 US2004203595 A1 US 2004203595A1
Authority
US
United States
Prior art keywords
user
password
pass code
authentication system
authentication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/217,287
Inventor
Tara Singhal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US10/217,287 priority Critical patent/US20040203595A1/en
Publication of US20040203595A1 publication Critical patent/US20040203595A1/en
Priority to US11/455,137 priority patent/US8103246B2/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1083Counting of PIN attempts

Definitions

  • the present invention is directed to a method and apparatus for user authentication to a computer system using a cellular telephone and transient pass codes.
  • Access to a computer system is controlled by a combination of a user ID to identify a user and a password to verify the user.
  • the password is initially created by the system and then can be changed by the user. It is only known to the user and is kept secure by an access control function within the computer system.
  • the combination of a user ID and password are the prevalent technology for access control to computer systems and are used in: (i) government agencies such as defense systems by defense employees to control access to classified data, (ii) business systems by employees of the business to control access to sensitive data, (iii) consumer systems by consumers to control access to consumer services and resources provided by a business, and (iv) banking systems to control access to online account data and so on.
  • biometrics such as the use of one's fingerprint, handprint, or retina-scan, to control access to a facility controlled by a computer system.
  • biometrics have problems such as, having finger print can be easily fooled by an imposter gluing on some-one else's finger print on his fingers, and that people are hesitant to make biometric data available to computer systems for privacy reasons.
  • Smart cards are also being used in some cases to control access to a computer system.
  • Use of smart cards or tokens require a smart card reader and a smart card being given to a person in advance. For these and other reasons they have not gained wide spread popularity.
  • the present invention is directed to a method and apparatus for a user authentication system that uses a cellular telephone.
  • an authentication system is used to store a user's existing passwords. When the user has forgotten the password, the user can retrieve it via an 800 number call to the authentication system using his/her cell telephone, before logging on to the system.
  • the current caller ID technology provided by the telephone companies uniquely identifies a cell phone owner and is used to verify the caller to the authentication system.
  • the authentication system does not store existing passwords, but creates, on demand, a temporary or transient random pass code that is good for a limited time.
  • transient pass codes are randomly created only at the instance of use. They do not exist earlier anywhere. They can be very simple, for example a 3-digit numeral, and are believed to be far more secure in their operation and use than the current use of passwords.
  • the user has only a set time to gain access to the computer system using the user ID and the transient pass code.
  • the set time may be selected based on user's preference and the security needs of the system.
  • This invention may be practiced in different versions, as the systems have different security needs and the users have different habits. These are described in the description section.
  • the authentication system of this invention serves (i) the users, by the users not having to create and or remember passwords, and (ii) the businesses by eliminating the risk of having passwords compromised by carelessness or negligence of users or employees and of being a target for hackers.
  • FIG. 1A is a block diagram that illustrates a version of the current invention
  • FIG. 1B is a block diagram that illustrates another version of the current invention
  • FIG. 1C is a block diagram that illustrates yet another version of the current invention.
  • FIG. 2 illustrates system interfaces
  • FIG. 3 is a block diagram that illustrates a version of the authentication system
  • FIG. 4 is a version of web pages that illustrates user access to the authentication system.
  • pass code and password are used interchangeably.
  • password is used for an existing password and pass code is used for those passwords that are created on demand for an instance of use according to this invention.
  • authentication system 10 interfaces with a user 06 via a cellular telephone 04 and telephone network 16 .
  • the user has access to the system 20 A-D via a system interface 02 .
  • the system 20 A-D may be a bank system 20 A, a business system 20 B, a consumer system 20 C or a facility access system 20 D.
  • the system interface 02 may be a log in web page 210 , 220 , 230 or it may be an ATM/POS/Facility Access terminal 250 .
  • the authentication system 10 may be deployed as a stand-alone system, where it may store and allow the user to retrieve passwords of multiple number of systems 20 A-D where user maintains accounts.
  • the authentication system 10 functions may be embedded in the system 20 A-D itself, such that the user is able to retrieve the password for that particular system.
  • authentication system 10 functions may be embedded in the system 20 itself as authentication function 10 A, as part of the system 20 A-D's existing access control function 34 , which maintains user ID 12 and password 28 .
  • the invention enables storing user's passwords of system 20 A-D in an authentication system 10 , from where they can be retrieved by the user 06 , when forgotten, through use of a cell phone 04 .
  • the authentication system 10 on request of a user 06 via a cell phone 04 , creates in real time a random transient pass code for use for a limited time.
  • the authentication system 10 communicates the transient pass code to the user 06 via voice response on the cell phone 04 .
  • the authentication system 10 also communicates the transient pass code to the specific system 20 to which the user 06 wishes to gain access.
  • a cell telephone 04 to call the authentication system 10 is used because a cell telephone: (i) is a personal item in the personal physical control of the owner, (ii) uniquely identifies the owner, an entity independent of the owner, the telephone company has verified the owner identity, (iii) provides caller ID which cannot be tampered or altered by a user as the caller ID is provided by the telephone company computer systems, further more the caller ID cannot be blocked when calling an 800 number (iv) due to it's convenience and affordable pricing are used by almost every body, and (v) have a minimal risk of theft as the location of a cell phone can be traced by the telephone company.
  • fixed telephones as in a home may also be used.
  • the user 06 makes a secure Internet connection to the authentication system 10 (not shown), which provides a web page 400 as illustrated in FIG. 4.
  • the web page 400 allows the user 06 to create or access the user's account in the authentication system 10 .
  • the data required on web page 400 is cell tel number 350 , name 352 , e-mail 354 and PIN 356 .
  • the web page 410 displayed in response to completing web page 400 data entries, allows the user 06 to enter the system 20 names 366 and corresponding passwords 364 .
  • the user can enter multiple system names and passwords.
  • the data so entered is saved in the authentication system 10 , described later with respect to FIG. 3.
  • the authentication system 10 verifies the caller ID as telephone number 350 and prompts for the PIN 356 and the name of the system 366 , asking the user to enter PIN 356 and select the system 20 , if the user has stored a password for more than one system.
  • the authentication system 10 then voice responds with the password 364 of the selected system.
  • the voice response technology such as being able to annunciate alphanumeric digits is prior art that is in common use in telephone and banking systems.
  • the user 06 makes a secure Internet connection to the authentication system 10 (not shown), which provides a web page 400 as illustrated in FIG. 4,
  • the web page 400 allows the user 06 to create or access the user account in the authentication system 10 .
  • the data required on web page 400 is cell tel number 350 , name 352 , e-mail 354 and PIN 356 .
  • the web page 420 displayed in response to completing the data in web page 400 , provides a list of systems 20 A-D with which the authentication system 10 has a prior established interface.
  • the page 420 displays a list of such systems by system ID 358 and system name 366 .
  • the web page 420 allows the user 06 to select the systems where he/she has an account 422 and for each such system to enter the corresponding user ID 360 and set time 362 for the transient pass code.
  • the user 06 has selected three systems Bank Acme 414 A, DMV 414 B and Shop NWRK 414 C. These selections are identified as 1, 2 and 3 as system ID 422 .
  • the data so entered in page 420 is saved in the authentication system 10 , described later with respect to FIG. 3.
  • User 06 opens the authentication system 10 account via a secure Internet connection.
  • the authentication system 10 verifies the user identity. This verification of user identity may include one or more steps such as, calling the user on the cell phone number to verify the user has the cell phone number and contacting the telephone company and verifying that the cell phone owner name matches that provided by the user.
  • a user 06 calls, on his/her cell phone 04 , the authentication system 10 .
  • the authentication system has pre-stored system identification and corresponding user identification.
  • the user enters a PIN and identifies the system as 1, 2 or 3.
  • the authentication system verifies the caller by caller ID and the PIN and creates a time-limited password.
  • the authentication system communicates the time-limited password to the cell phone via voice response.
  • the authentication system communicates the time-limited password to the system 20 using the system identification and the user identification.
  • the system 20 deletes the time-limited password on occurrence of first access or expiration of a time limit.
  • the authentication system 10 includes (i) a storage device 326 , (ii) an operating system 302 stored in the storage device 326 , (iii) an authentication function program 10 A stored in the storage device 326 , (iv) and a processor 330 connected to the storage device 326 .
  • the processor 330 can include one or more conventional CPU's.
  • the processor 330 can be capable of high volume processing and database searches.
  • the authentication system storage device 326 can, for example, include one or more magnetic disk drives, magnetic tape drives, optical storage units, CD-ROM drives and/or flash memory.
  • the storage device 326 also contains a plurality of databases used in the processing of transactions pursuant to the present invention.
  • the storage device 326 can include a system database 340 , a customer database 338 and a transaction database 342 .
  • the authentication system 10 includes a system network interface (not shown) that allows the authentication system 10 to communicate with the user 06 .
  • Conventional internal or external modems may serve as the system network interface.
  • the system network interface is connected to the user interface 02 on a global network 18 .
  • the authentication system 10 also includes a system network interface (not shown) that allows the authentication system 10 to communicate with the telephone network 16 to receive and respond to telephone calls from the user 06 .
  • the authentication system 10 also includes a system network interface (not shown) that allows the computer 10 to communicate with systems 20 A-D.
  • a system network interface (not shown) that allows the computer 10 to communicate with systems 20 A-D.
  • Conventional internal or external modems may serve as the system network interface.
  • the system network interface is connected to the system 20 A-D on a global network 18 .
  • the processor 330 is operative with the authentication function 10 A to perform a customer interface function, a password function, and a system interface function. These are described later in the specification.
  • the customer database 338 within the authentication system 10 contains data specifically related to the user 06 that is transferred to the system 10 from the user.
  • the private data related to the user 06 is caller ID 350 , name 352 , e-mail address 354 , PIN 356 , system A ID 358 and corresponding user ID 360 , and set time 362 or the password 364 .
  • the system database 340 identifies the information on the system 20 , which needs to be accessed by the authentication system 10 to send the transient passwords.
  • the Information may include system ID 358 , system name 366 , and system access path 368 .
  • This transaction database 342 logs all password request transactions by a transaction reference 370 , date/time 372 , caller ID 374 , and system ID 358 .
  • user ID 360 and set time 376 are also maintained for the embodiment that enables sending a transient pass code to system 20 .
  • the authentication function 10 A is operative with the processor 330 to provide the functions of (i) customer interface function, (ii) password function, and (iii) system interface function.
  • the customer interface function performs the tasks of (i) opening an account via web page 400 , (ii) receiving user id, system id, and set time via web page 420 or receiving system name and password via web page 410 , (iii) receiving an 800 call, verifying caller id, and (iv) delivering a voice/text response transient password or a stored password.
  • a PIN 356 may be utilized to verify the caller to the authentication system 10 .
  • Use of a PIN is the prevalent technology, for example in gaining access to banking services and voice mail messages.
  • the password function performs the tasks of (i) creating a random transient password, (ii) alerting the system interface function to send user ID and the transient password, (iii) set a timer for set time, and (iv) at the expiration of the timer alerting the system interface function to send user ID and a null password.
  • the transient passwords are randomly created by the password function using a prior art random number generator.
  • the transient passwords may be very simple. For example, they may be a two to four digit numerals, making them easy to receive and use by the user.
  • Transient passwords do not permanently reside anywhere, including the authentication system 10 or even the computer system 20 beyond their transient life.
  • the transient life may be selected by the user based on his/her personal habits in how long does it take them to log on to the system after they have requested a transient password.
  • User specifies the set time at the time of pre-storing the user ID in the authentication system 10 via web page 420 .
  • the set time may be specified from a group of 15 seconds, 30 seconds, 45 seconds, 60 seconds, one hour, one day, one month, and three month. The set time is based on user habits and the security needs of the system 20 .
  • the system interface function performs the tasks of (i) interfacing with the system 20 , and (ii) sending user ID and the transient password to the system 20 .
  • the system interface function may use a special connect path to obtain access to the access control function 34 of the system 20 .
  • the system interface function enables a privileged and secure connection to the system 20 that allows the access control function 34 in the system 20 to receive from the authentication system 10 , the user ID 12 and transient password 14 .
  • the system interface connection may be via the Internet or it may be a dedicated telephone line connection.
  • the system interface function sends to the system 20 , a user's pre-stored user ID and the random pass code created on user demand.
  • the access control function in the system 20 updates the existing password by the pass code.
  • the system interface function sends the same pre-stored user ID and a null pass code to the system 20 .
  • the system 20 updates the password by the null pass code, ending the life of the pass code.
  • This invention may be practiced in different versions, as the systems have different security needs and the users have different habits.
  • the access control function 34 of system 20 may have different versions allowing flexibility in how the passwords and pass codes are used.
  • the authentication system 10 sends the user ID, the transient pass code and the set time all at the same time, avoiding a second or subsequent data interface to system 20 .
  • the access control function 34 of the system 20 would run its own timer and after expiry of set time would disable the transient pass code.
  • the access control function 34 may disable the transient pass code either upon first access or after set time expires.
  • the access control function 34 may be able to use either an existing password or a transient pass code. Three different versions are described here.
  • a system may require only the transient pass code for gaining access to system 20 .
  • either the traditional password OR the transient pass code may be used by the user to gain access to the system 20 .
  • the access control function 34 is adapted to recognize, either the traditional password or the transient pass code as valid user verification, enabling those users who do not see a need to adopt the transient pass code, to continue to use the traditional password and those users who want to use the transient pass code, to also do so.
  • both the traditional password AND the transient pass code may be required to gain access, as may be used in very high security systems.
  • Log in page 210 requires the use of an existing password 14 .
  • User instructions 216 describe how the password is obtained by calling an 800 number using the user's cell phone.
  • Log in page 220 requires the use of a transient pass code, as instructions 226 describes this feature of the log on procedure.
  • the password is in the form of a passkey.
  • the passkey has embedded user identification and a random pass code. The passkey is sufficient both to identify the user and to verify the user to the system.
  • a user before logging on to the online bank system would call an 800 number of the bank.
  • the bank would verify the caller ID with either the user home number or the cell telephone number, and request the PIN code, the same PIN code for an ATM card.
  • the authentication function 10 A in the bank computer system 20 would generate a random number and append it to the user telephone number making it a passkey, send it to the user on the telephone, and send it to the access control function 34 of the system 20 .
  • log-in-page 230 the user would log on with a passkey 29 as one string, eliminating the user ID and password data entry fields.
  • the access control function 34 would both identify the user 06 and verify the user with the passkey 29 .
  • a user has a cell telephone number of 1-707 399 4333 and calls 1-800 Bank One.
  • the bank system asks for a PIN and the user enters a PIN of 1249, the same PIN used for an ATM or the last four digits of social security number.
  • the authentication function 10 A in the bank computer system identifies and verifies the user and creates a passkey of 7073994333-4345, where the first number is the cell telephone number and the last four digits are a random number created for this user for this transaction.
  • the authentication function 10 A communicates the passkey of 7073994333-4345 to the access control function 34 .
  • the authentication function 10 A also communicates the passkey to the user 06 . Since the user already knows the telephone number, there is no need to communicate that part of the passkey. Therefore the voice response may be “plus 3445. A time limit for which this passkey is useable may also be voice annunciated such as “plus3445 three minutes”.
  • the user on login page 230 , enters passkey 29 as 7073994333-4345.
  • Legend 236 describes to the user how to obtain the passkey 29 .
  • the bank identifies the user 06 by the telephone number 707 399 4333 and verifies the user 06 by the random code of 4345, and grants access for one time or for a time limit of three minutes.
  • the bank it provides: (i) not having to implement a new system other than the authentication function software 10 A in their existing bank computer system 20 , (2) security for the bank, as a transaction log is created for each request for a passkey and a random number is embedded in each passkey, and (3) additional security as the use of a passkey may be limited for a single transaction and/or for a set time, and the user may be so advised when the passkey is voice response delivered.
  • FIG. 1C Another version of this invention is illustrated with reference to FIG. 1C.
  • the system 20 has a firewall 24 , which screens all data packets 22 of information coming in from system interface 02 over the Internet.
  • a packet 22 has a packet header 30 and packet data 32 .
  • the system interface 02 is adapted to embed the passkey 29 as part of each packet header 30 .
  • the passkey 29 may be included in the source field of the packet header 30 , without the need to create a new field for the passkey 29 .
  • the access control function 34 of the system 20 copies the passkey to the firewall 24 .
  • the firewall 24 stores this passkey and uses it to compare with the passkey of the data packets as they arrive.
  • the software/firmware in the firewall 24 is adapted to discard those packets 22 that either do not have a passkey 29 or the passkey does not match the passkey that is stored in the firewall 24 .
  • the advantage of this version is that the user access that has been not authenticated by the authentication system 10 is blocked at the firewall 24 of the system 20 .
  • the authentication system 10 allows the user to create and use transient pass codes or use his/her existing passwords when accessing the computer systems 20 A-D where he/she has accounts accessible by a user ID and a password.
  • the transient pass codes are simple, easily created immediately prior to the time of gaining access to a computer system, and have a short transient life, thus eliminating many of the problems in using passwords, as described earlier in this specification.

Abstract

Authentication system 10 is used to store a user's existing passwords; alternatively, the authentication system creates on demand a transient random pass code that is good for a limited duration. When the user has forgotten the password in a traditional system, alternatively, without the need to create or remember passwords, user can use transient pass codes. The user retrieves the password or the pass code via a cell telephone 800 call to the authentication system, before logging on to the system.

Description

    FIELD OF THE INVENTION
  • The present invention is directed to a method and apparatus for user authentication to a computer system using a cellular telephone and transient pass codes. [0001]
    • BACKGROUND
  • Access to a computer system is controlled by a combination of a user ID to identify a user and a password to verify the user. The password is initially created by the system and then can be changed by the user. It is only known to the user and is kept secure by an access control function within the computer system. [0002]
  • The combination of a user ID and password are the prevalent technology for access control to computer systems and are used in: (i) government agencies such as defense systems by defense employees to control access to classified data, (ii) business systems by employees of the business to control access to sensitive data, (iii) consumer systems by consumers to control access to consumer services and resources provided by a business, and (iv) banking systems to control access to online account data and so on. [0003]
  • The use of a password to control access suffers from some deficiencies, such as, too many passwords, easy to forget and unfamiliar difficult to remember long string passwords, and risk of compromise. [0004]
  • There have been many solutions to address one or more of these deficiencies. Some of them have been: 1) having longer passwords of at least 6 to 8 characters, where the password must have a combination of numerals and alphabets, 2) having password that have a combination of lower and upper case letters as well as a punctuation character, also referred to a pass phrase 3) having two layers of passwords common in defense systems 4) having the password changed periodically such as once a month or every three months, which is common in defense and sensitive business systems, 5) supplying additional personal data such as mother's name, place of birth or other data to the computer system when a password is forgotten, so that such data may be used to verify the user in lieu of a forgotten password. [0005]
  • New innovative solutions to address these deficiencies in password technology are also being researched. One example is a recent news report on Microsoft, which describes a research effort on creating and using a password that depends upon a user selecting points on a picture. The pixel location sequence is to be used as a password, as it is believed that points on a picture are easy to remember and also create a complex password. [0006]
  • Other solutions have been biometrics, such as the use of one's fingerprint, handprint, or retina-scan, to control access to a facility controlled by a computer system. Based on published stories, use of biometrics, have problems such as, having finger print can be easily fooled by an imposter gluing on some-one else's finger print on his fingers, and that people are hesitant to make biometric data available to computer systems for privacy reasons. [0007]
  • Smart cards are also being used in some cases to control access to a computer system. Use of smart cards or tokens require a smart card reader and a smart card being given to a person in advance. For these and other reasons they have not gained wide spread popularity. [0008]
  • In light of the above, it is an objective of the present invention to have a user authentication system that eliminates the problems of: (i) the users in having to create and remember passwords, in having to create different passwords for access to different systems, and passwords being stolen from the users by their carelessness or negligence; and (ii) the businesses in having to maintain computer systems that have a risk of compromise of password by carelessness of their employees or external hacker attacks. [0009]
    • SUMMARY
  • The present invention is directed to a method and apparatus for a user authentication system that uses a cellular telephone. In one embodiment, an authentication system is used to store a user's existing passwords. When the user has forgotten the password, the user can retrieve it via an 800 number call to the authentication system using his/her cell telephone, before logging on to the system. The current caller ID technology provided by the telephone companies uniquely identifies a cell phone owner and is used to verify the caller to the authentication system. [0010]
  • In another embodiment, the authentication system does not store existing passwords, but creates, on demand, a temporary or transient random pass code that is good for a limited time. Such transient pass codes are randomly created only at the instance of use. They do not exist earlier anywhere. They can be very simple, for example a 3-digit numeral, and are believed to be far more secure in their operation and use than the current use of passwords. [0011]
  • The user has only a set time to gain access to the computer system using the user ID and the transient pass code. The set time may be selected based on user's preference and the security needs of the system. [0012]
  • This invention may be practiced in different versions, as the systems have different security needs and the users have different habits. These are described in the description section. [0013]
  • The authentication system of this invention serves (i) the users, by the users not having to create and or remember passwords, and (ii) the businesses by eliminating the risk of having passwords compromised by carelessness or negligence of users or employees and of being a target for hackers. [0014]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The novel features of this invention, as well as the invention itself, both as to its structure and its operation, will be best understood from the accompanying drawings, taken in conjunction with the accompanying description, in which similar reference characters refer to similar parts, and in which: [0015]
  • FIG. 1A is a block diagram that illustrates a version of the current invention; [0016]
  • FIG. 1B is a block diagram that illustrates another version of the current invention; [0017]
  • FIG. 1C is a block diagram that illustrates yet another version of the current invention; [0018]
  • FIG. 2 illustrates system interfaces; [0019]
  • FIG. 3 is a block diagram that illustrates a version of the authentication system; and [0020]
  • FIG. 4 is a version of web pages that illustrates user access to the authentication system. [0021]
    • DESCRIPTION
  • Introduction [0022]
  • In this specification, the terminology pass code and password is used interchangeably. However, where it is necessary to distinguish, the term password is used for an existing password and pass code is used for those passwords that are created on demand for an instance of use according to this invention. [0023]
  • With initial reference to FIG. 1A, [0024] authentication system 10, interfaces with a user 06 via a cellular telephone 04 and telephone network 16. The user has access to the system 20A-D via a system interface 02. The system 20A-D may be a bank system 20A, a business system 20B, a consumer system 20C or a facility access system 20D.
  • As illustrated in FIG. 2, the [0025] system interface 02 may be a log in web page 210, 220, 230 or it may be an ATM/POS/Facility Access terminal 250.
  • As illustrated in FIG. 1A, the [0026] authentication system 10 may be deployed as a stand-alone system, where it may store and allow the user to retrieve passwords of multiple number of systems 20A-D where user maintains accounts.
  • Alternatively, the [0027] authentication system 10 functions may be embedded in the system 20A-D itself, such that the user is able to retrieve the password for that particular system. With reference to FIG. 1B, authentication system 10 functions may be embedded in the system 20 itself as authentication function 10A, as part of the system 20A-D's existing access control function 34, which maintains user ID 12 and password 28.
  • In a first embodiment with stored passwords, the invention enables storing user's passwords of [0028] system 20A-D in an authentication system 10, from where they can be retrieved by the user 06, when forgotten, through use of a cell phone 04.
  • In a second embodiment with transient pass codes, the [0029] authentication system 10, on request of a user 06 via a cell phone 04, creates in real time a random transient pass code for use for a limited time. The authentication system 10 communicates the transient pass code to the user 06 via voice response on the cell phone 04. The authentication system 10 also communicates the transient pass code to the specific system 20 to which the user 06 wishes to gain access.
  • A [0030] cell telephone 04 to call the authentication system 10 is used because a cell telephone: (i) is a personal item in the personal physical control of the owner, (ii) uniquely identifies the owner, an entity independent of the owner, the telephone company has verified the owner identity, (iii) provides caller ID which cannot be tampered or altered by a user as the caller ID is provided by the telephone company computer systems, further more the caller ID cannot be blocked when calling an 800 number (iv) due to it's convenience and affordable pricing are used by almost every body, and (v) have a minimal risk of theft as the location of a cell phone can be traced by the telephone company. However, fixed telephones as in a home may also be used.
  • These embodiments are described herein. The headings are provided for the convenience of the reader. [0031]
  • Embodiment with Stored Passwords [0032]
  • The [0033] user 06 makes a secure Internet connection to the authentication system 10 (not shown), which provides a web page 400 as illustrated in FIG. 4. The web page 400 allows the user 06 to create or access the user's account in the authentication system 10. The data required on web page 400 is cell tel number 350, name 352, e-mail 354 and PIN 356.
  • The [0034] web page 410, displayed in response to completing web page 400 data entries, allows the user 06 to enter the system 20 names 366 and corresponding passwords 364. The user can enter multiple system names and passwords. The data so entered is saved in the authentication system 10, described later with respect to FIG. 3.
  • Subsequently, with reference to FIG. 2, if the [0035] user 06 when logging on a system 20A-D with a login web page 210, which requires a user ID 12 and a password 28, has forgotten the password, the legend 216 advises the user to call an 800 number to retrieve the password.
  • When the [0036] user 06 calls the authentication system 10 using his/her cell phone 04, the authentication system 10 verifies the caller ID as telephone number 350 and prompts for the PIN 356 and the name of the system 366, asking the user to enter PIN 356 and select the system 20, if the user has stored a password for more than one system. The authentication system 10 then voice responds with the password 364 of the selected system. The voice response technology such as being able to annunciate alphanumeric digits is prior art that is in common use in telephone and banking systems.
  • Embodiment with Transient Pass Code [0037]
  • The [0038] user 06 makes a secure Internet connection to the authentication system 10 (not shown), which provides a web page 400 as illustrated in FIG. 4, The web page 400 allows the user 06 to create or access the user account in the authentication system 10. The data required on web page 400 is cell tel number 350, name 352, e-mail 354 and PIN 356.
  • The [0039] web page 420, displayed in response to completing the data in web page 400, provides a list of systems 20A-D with which the authentication system 10 has a prior established interface. The page 420 displays a list of such systems by system ID 358 and system name 366.
  • The [0040] web page 420, allows the user 06 to select the systems where he/she has an account 422 and for each such system to enter the corresponding user ID 360 and set time 362 for the transient pass code. As an illustration, the user 06 has selected three systems Bank Acme 414A, DMV 414B and Shop NWRK 414C. These selections are identified as 1, 2 and 3 as system ID 422. The data so entered in page 420 is saved in the authentication system 10, described later with respect to FIG. 3.
  • [0041] User 06 opens the authentication system 10 account via a secure Internet connection. To eliminate the possibility of fraud where some one else may open the user account with access to user data, the authentication system 10 verifies the user identity. This verification of user identity may include one or more steps such as, calling the user on the cell phone number to verify the user has the cell phone number and contacting the telephone company and verifying that the cell phone owner name matches that provided by the user.
  • The steps required to use the [0042] authentication system 10, as highlighted in FIG. 1A by encircled numerals are:
  • (1) A [0043] user 06 calls, on his/her cell phone 04, the authentication system 10. The authentication system has pre-stored system identification and corresponding user identification. The user enters a PIN and identifies the system as 1, 2 or 3.
  • (2) The authentication system verifies the caller by caller ID and the PIN and creates a time-limited password. [0044]
  • (3) The authentication system communicates the time-limited password to the cell phone via voice response. [0045]
  • (4) The authentication system communicates the time-limited password to the [0046] system 20 using the system identification and the user identification.
  • (5) User accesses the [0047] system 20, via a system interface 02, by providing the user identification and the time-limited password. The system then grants access after verifying the user identification and the time-limited password.
  • (6) The [0048] system 20 deletes the time-limited password on occurrence of first access or expiration of a time limit.
  • [0049] Authentication System 10
  • Referring to FIG. 3, the [0050] authentication system 10 includes (i) a storage device 326, (ii) an operating system 302 stored in the storage device 326, (iii) an authentication function program 10A stored in the storage device 326, (iv) and a processor 330 connected to the storage device 326.
  • The [0051] processor 330 can include one or more conventional CPU's. The processor 330 can be capable of high volume processing and database searches.
  • The authentication [0052] system storage device 326 can, for example, include one or more magnetic disk drives, magnetic tape drives, optical storage units, CD-ROM drives and/or flash memory. The storage device 326 also contains a plurality of databases used in the processing of transactions pursuant to the present invention. For example, as illustrated in FIG. 3, the storage device 326 can include a system database 340, a customer database 338 and a transaction database 342.
  • The [0053] authentication system 10 includes a system network interface (not shown) that allows the authentication system 10 to communicate with the user 06. Conventional internal or external modems may serve as the system network interface. In one embodiment, the system network interface is connected to the user interface 02 on a global network 18.
  • The [0054] authentication system 10 also includes a system network interface (not shown) that allows the authentication system 10 to communicate with the telephone network 16 to receive and respond to telephone calls from the user 06.
  • The [0055] authentication system 10 also includes a system network interface (not shown) that allows the computer 10 to communicate with systems 20A-D. Conventional internal or external modems may serve as the system network interface. In one embodiment, the system network interface is connected to the system 20A-D on a global network 18.
  • The [0056] processor 330 is operative with the authentication function 10A to perform a customer interface function, a password function, and a system interface function. These are described later in the specification.
  • Databases [0057] 338-342
  • With reference to FIG. 3, the databases in the [0058] authentication system 10 are described.
  • The customer database [0059] 338 within the authentication system 10 contains data specifically related to the user 06 that is transferred to the system 10 from the user. The private data related to the user 06 is caller ID 350, name 352, e-mail address 354, PIN 356, system A ID 358 and corresponding user ID 360, and set time 362 or the password 364.
  • The [0060] system database 340 identifies the information on the system 20, which needs to be accessed by the authentication system 10 to send the transient passwords. The Information may include system ID 358, system name 366, and system access path 368.
  • This [0061] transaction database 342 logs all password request transactions by a transaction reference 370, date/time 372, caller ID 374, and system ID 358. In addition user ID 360 and set time 376 are also maintained for the embodiment that enables sending a transient pass code to system 20.
  • [0062] Authentication System Function 10A
  • As described earlier, the [0063] authentication function 10A is operative with the processor 330 to provide the functions of (i) customer interface function, (ii) password function, and (iii) system interface function.
  • The customer interface function performs the tasks of (i) opening an account via [0064] web page 400, (ii) receiving user id, system id, and set time via web page 420 or receiving system name and password via web page 410, (iii) receiving an 800 call, verifying caller id, and (iv) delivering a voice/text response transient password or a stored password.
  • In addition to caller id, a [0065] PIN 356 may be utilized to verify the caller to the authentication system 10. Use of a PIN is the prevalent technology, for example in gaining access to banking services and voice mail messages.
  • The password function performs the tasks of (i) creating a random transient password, (ii) alerting the system interface function to send user ID and the transient password, (iii) set a timer for set time, and (iv) at the expiration of the timer alerting the system interface function to send user ID and a null password. [0066]
  • The transient passwords are randomly created by the password function using a prior art random number generator. The transient passwords may be very simple. For example, they may be a two to four digit numerals, making them easy to receive and use by the user. [0067]
  • Transient passwords do not permanently reside anywhere, including the [0068] authentication system 10 or even the computer system 20 beyond their transient life. The transient life may be selected by the user based on his/her personal habits in how long does it take them to log on to the system after they have requested a transient password. User specifies the set time at the time of pre-storing the user ID in the authentication system 10 via web page 420. The set time may be specified from a group of 15 seconds, 30 seconds, 45 seconds, 60 seconds, one hour, one day, one month, and three month. The set time is based on user habits and the security needs of the system 20.
  • The system interface function performs the tasks of (i) interfacing with the [0069] system 20, and (ii) sending user ID and the transient password to the system 20. The system interface function may use a special connect path to obtain access to the access control function 34 of the system 20.
  • The system interface function enables a privileged and secure connection to the [0070] system 20 that allows the access control function 34 in the system 20 to receive from the authentication system 10, the user ID 12 and transient password 14. The system interface connection may be via the Internet or it may be a dedicated telephone line connection.
  • The system interface function sends to the [0071] system 20, a user's pre-stored user ID and the random pass code created on user demand. The access control function in the system 20 updates the existing password by the pass code. Subsequently, after waiting a set time, the system interface function sends the same pre-stored user ID and a null pass code to the system 20. The system 20 updates the password by the null pass code, ending the life of the pass code.
  • Alternate Versions [0072]
  • This invention may be practiced in different versions, as the systems have different security needs and the users have different habits. The [0073] access control function 34 of system 20 may have different versions allowing flexibility in how the passwords and pass codes are used.
  • In one version, the [0074] authentication system 10 sends the user ID, the transient pass code and the set time all at the same time, avoiding a second or subsequent data interface to system 20. In this version the access control function 34 of the system 20, would run its own timer and after expiry of set time would disable the transient pass code. The access control function 34 may disable the transient pass code either upon first access or after set time expires.
  • In other versions the [0075] access control function 34 may be able to use either an existing password or a transient pass code. Three different versions are described here.
  • In the first version a system may require only the transient pass code for gaining access to [0076] system 20. In the second version either the traditional password OR the transient pass code may be used by the user to gain access to the system 20. The access control function 34 is adapted to recognize, either the traditional password or the transient pass code as valid user verification, enabling those users who do not see a need to adopt the transient pass code, to continue to use the traditional password and those users who want to use the transient pass code, to also do so. In the third version both the traditional password AND the transient pass code may be required to gain access, as may be used in very high security systems.
  • With reference to FIG. 2, log on web pages for some of the different versions are illustrated. Log in [0077] page 210 requires the use of an existing password 14. User instructions 216 describe how the password is obtained by calling an 800 number using the user's cell phone. Log in page 220 requires the use of a transient pass code, as instructions 226 describes this feature of the log on procedure.
  • In yet another version, the password is in the form of a passkey. The passkey has embedded user identification and a random pass code. The passkey is sufficient both to identify the user and to verify the user to the system. [0078]
  • As an illustration, take a banking application, where the bank computer system already has ability to respond to telephone calls by their customers, as well as to provide web-based online banking services, where a user ID and password is required, the user ID being in many cases a social security number. [0079]
  • According to this invention, a user before logging on to the online bank system would call an 800 number of the bank. The bank would verify the caller ID with either the user home number or the cell telephone number, and request the PIN code, the same PIN code for an ATM card. On customer identification and verification, the [0080] authentication function 10A in the bank computer system 20 would generate a random number and append it to the user telephone number making it a passkey, send it to the user on the telephone, and send it to the access control function 34 of the system 20.
  • In this version, there is no need for the user to open an account as with other versions described earlier because the banking system already has the data on the user of telephone number, name, e-mail address and the PIN. [0081]
  • As illustrated in FIG. 2, log-in-[0082] page 230, the user would log on with a passkey 29 as one string, eliminating the user ID and password data entry fields. The access control function 34 would both identify the user 06 and verify the user with the passkey 29.
  • As further illustration of this version, a user has a cell telephone number of 1-707 399 4333 and calls 1-800 Bank One. The bank system asks for a PIN and the user enters a PIN of 1249, the same PIN used for an ATM or the last four digits of social security number. The [0083] authentication function 10A in the bank computer system identifies and verifies the user and creates a passkey of 7073994333-4345, where the first number is the cell telephone number and the last four digits are a random number created for this user for this transaction. The authentication function 10A communicates the passkey of 7073994333-4345 to the access control function 34. The authentication function 10A also communicates the passkey to the user 06. Since the user already knows the telephone number, there is no need to communicate that part of the passkey. Therefore the voice response may be “plus 3445. A time limit for which this passkey is useable may also be voice annunciated such as “plus3445 three minutes”.
  • The user, on [0084] login page 230, enters passkey 29 as 7073994333-4345. Legend 236 describes to the user how to obtain the passkey 29. The bank identifies the user 06 by the telephone number 707 399 4333 and verifies the user 06 by the random code of 4345, and grants access for one time or for a time limit of three minutes.
  • This, it is believed, is far more secure and convenient for the bank customer and the bank. It enables the bank customer: (i) to not have to have a password to remember and safeguard, (ii) to not have to use a social security number as user ID to access the account, (iii) to not need additional resources as the user already has a cell phone or home phone with unique phone numbers and (iv) to not have to learn new procedure as the user is already familiar with the procedure of using an 800 number call to bank and a voice response. [0085]
  • To the bank it provides: (i) not having to implement a new system other than the [0086] authentication function software 10A in their existing bank computer system 20, (2) security for the bank, as a transaction log is created for each request for a passkey and a random number is embedded in each passkey, and (3) additional security as the use of a passkey may be limited for a single transaction and/or for a set time, and the user may be so advised when the passkey is voice response delivered.
  • Another version of this invention is illustrated with reference to FIG. 1C. The [0087] system 20 has a firewall 24, which screens all data packets 22 of information coming in from system interface 02 over the Internet. A packet 22 has a packet header 30 and packet data 32.
  • The [0088] system interface 02 is adapted to embed the passkey 29 as part of each packet header 30. The passkey 29 may be included in the source field of the packet header 30, without the need to create a new field for the passkey 29. The access control function 34 of the system 20 copies the passkey to the firewall 24. The firewall 24 stores this passkey and uses it to compare with the passkey of the data packets as they arrive. The software/firmware in the firewall 24 is adapted to discard those packets 22 that either do not have a passkey 29 or the passkey does not match the passkey that is stored in the firewall 24.
  • The advantage of this version is that the user access that has been not authenticated by the [0089] authentication system 10 is blocked at the firewall 24 of the system 20.
  • In summary, the [0090] authentication system 10 allows the user to create and use transient pass codes or use his/her existing passwords when accessing the computer systems 20A-D where he/she has accounts accessible by a user ID and a password. The transient pass codes are simple, easily created immediately prior to the time of gaining access to a computer system, and have a short transient life, thus eliminating many of the problems in using passwords, as described earlier in this specification.
  • While the particular method and apparatus as illustrated herein and disclosed in detail is fully capable of obtaining the objective and providing the advantages herein before stated, it is to be understood that it is merely illustrative of the presently preferred embodiments of the invention and that no limitations are intended to the details of construction or design herein shown other than as described in the appended claims. [0091]

Claims (24)

What is claimed is:
1. A method of using a password in a password access controlled system comprising the steps of:
calling using a cell phone an authentication system;
verifying caller identification, the authentication system voice responding with a password; and
using the password to access the system.
2. The method as in claim 1, comprising the step of:
verifying caller identification by matching telephone company provided caller ID and a user selected personal identification number with pre-stored data.
3. The method as in claim 1, comprising the steps of:
calling the system itself when the authentication system is embedded in the system.
4. The method as in claim 1 comprising the step of:
limiting the time the password is good for to access the system.
5. The method as in claim 1 comprising the step of:
responding with a password, wherein the password had been pre-stored by a user.
6. The method as in claim 1 comprising the step of:
selecting the system for which password is desired and the authentication system responding with the password for the selected system.
7. The method as in claim 1 comprising the step of:
responding with a randomly generated pass code.
8. The method as in claim 7, comprising the steps of:
sending the pass code and a pre-stored user ID to the system;
updating by the system existing password by the pass code.
9. The method as in claim 8, comprising the steps of:
sending a null pass code and the pre-stored user id, after waiting a set time, to the system;
updating by the system the password by the null pass code, ending the life of the pass code.
10. The method as in claim 9, comprising the step of:
specifying the set time at the time of pre-storing the user ID in the authentication system.
11. The method as in claim 10, comprising the step of:
specifying the set time from a group of 15 seconds, 30 seconds, 45 seconds, 60 seconds, one hour, one day, one month, and three month.
12. A method of user authentication to a system comprising the steps of:
calling, using a cell phone an authentication system with pre-stored caller identification, system identification and corresponding user identification;
verifying caller identification, the authentication system creating a time-limited pass code;
communicating, the authentication system to the cell phone via voice response the time-limited pass code;
communicating, the authentication system to the system using the system identification and the user identification the time-limited pass code;
using, via a system interface, the user identification and the time-limited pass code to access the system; and
deleting, by the system, the time-limited pass code on occurrence of a first access to the system or expiry of a time limit.
13. The method as in claim 12, comprising further step of:
selecting the system from a group of: customer bank on-line computer system, employer's business system, consumer resource system, and facility access system.
14. The method as in claim 12, comprising the step of:
verifying caller identification by matching telephone company provided caller id and user selected personal identification number with pre-stored data.
15. The method as in claim 12, the step of creating a time-limited pass code comprising the step of:
creating a random number numeral.
16. The method as in claim 12, the step of communicating with the system comprising the step of:
communicating a time limit for the pass code.
17. The method as in claim 12, the step of communicating with the cell phone comprising the step of:
communicating a text message time-limit pass code.
18. The method as in claim 12, the step of using system interface comprising step of:
using from a group of a point of sale terminal at a merchant, an automated teller machine, a personal computer system, and a facility access control system.
19. An authentication system to authenticate a user to a system for user access comprising:
first means that enable the authentication system to receive communication from the user and verify the user;
second means that enable the authentication system to create a time-limited passkey;
third means that enable the authentication system to communicate in real time the passkey to the user and the system;
fourth means that enable the system to grant access to the user by comparing the passkeys and discarding the passkey on first access or on expiration of time limit.
20. The authentication system as in claim 19, wherein the first means comprising:
user calling via a cellular telephone, wherein the system verifies the user by matching caller ID with pre-stored user data.
21. The authentication system as in claim 19, wherein the second means comprising:
the passkey being sufficient to both identity and verify the user to the system.
22. The authentication system as in claim 21, wherein the passkey comprising:
embedded within the passkey a unique user identification and a random number.
23. The authentication system as in claim 22, wherein the passkey comprising:
the unique user identification is the user cell telephone number.
24. The authentication system as in claim 19, wherein the fourth means comprising:
the system having a firewall to filter incoming data, wherein the firewall rejecting data packets that do not have a matching passkey.
US10/217,287 2002-08-12 2002-08-12 Method and apparatus for user authentication using a cellular telephone and a transient pass code Abandoned US20040203595A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US10/217,287 US20040203595A1 (en) 2002-08-12 2002-08-12 Method and apparatus for user authentication using a cellular telephone and a transient pass code
US11/455,137 US8103246B2 (en) 2002-08-12 2006-08-25 Systems and methods for remote user authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/217,287 US20040203595A1 (en) 2002-08-12 2002-08-12 Method and apparatus for user authentication using a cellular telephone and a transient pass code

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US11/455,137 Division US8103246B2 (en) 2002-08-12 2006-08-25 Systems and methods for remote user authentication

Publications (1)

Publication Number Publication Date
US20040203595A1 true US20040203595A1 (en) 2004-10-14

Family

ID=33130029

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/217,287 Abandoned US20040203595A1 (en) 2002-08-12 2002-08-12 Method and apparatus for user authentication using a cellular telephone and a transient pass code
US11/455,137 Active - Reinstated 2025-07-26 US8103246B2 (en) 2002-08-12 2006-08-25 Systems and methods for remote user authentication

Family Applications After (1)

Application Number Title Priority Date Filing Date
US11/455,137 Active - Reinstated 2025-07-26 US8103246B2 (en) 2002-08-12 2006-08-25 Systems and methods for remote user authentication

Country Status (1)

Country Link
US (2) US20040203595A1 (en)

Cited By (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040038667A1 (en) * 2002-08-22 2004-02-26 Vance Charles Terry Secure remote access in a wireless telecommunication system
US20050048951A1 (en) * 2003-08-25 2005-03-03 Saito William H. Method and system for alternative access using mobile electronic devices
US20050071673A1 (en) * 2003-08-25 2005-03-31 Saito William H. Method and system for secure authentication using mobile electronic devices
US20050186954A1 (en) * 2004-02-20 2005-08-25 Tom Kenney Systems and methods that provide user and/or network personal data disabling commands for mobile devices
US20060059362A1 (en) * 2004-09-10 2006-03-16 Sbc Knowledge Ventures, L.P. Automated password reset via an interactive voice response system
US20060264198A1 (en) * 2005-04-19 2006-11-23 Anoop Nahar Method for wide band data transfer
US20070201660A1 (en) * 2006-01-26 2007-08-30 International Business Machines Corporation Method and apparatus for blocking voice call spam
US20080118041A1 (en) * 2006-11-22 2008-05-22 Alexander Finogenov Secure access to restricted resource
US20080232563A1 (en) * 2007-03-20 2008-09-25 Chen Gigi Account administration system and method with security function
EP1979865A2 (en) * 2006-02-02 2008-10-15 Lucent Technologies Inc. Authentication and verification services for third party vendors using mobile devices
US20100153276A1 (en) * 2006-07-20 2010-06-17 Kamfu Wong Method and system for online payment and identity confirmation with self-setting authentication fomula
US20100212003A1 (en) * 2009-02-13 2010-08-19 International Business Machines Corporation Secure personal information profile
US20100325433A1 (en) * 2007-12-12 2010-12-23 Sreg International Ab Login system
GB2475292A (en) * 2009-11-13 2011-05-18 Vaughan Thomas PIN system providing supplementary codes
US20120066753A1 (en) * 2009-03-09 2012-03-15 Jian Pan Authentication method, authentication apparatus and authentication system
US20130139236A1 (en) * 2011-11-30 2013-05-30 Yigal Dan Rubinstein Imposter account report management in a social networking system
US8478266B1 (en) * 2006-03-07 2013-07-02 Sprint Spectrum L.P. Method and system for anonymous operation of a mobile node
US8789150B2 (en) 2011-09-22 2014-07-22 Kinesis Identity Security System Inc. System and method for user authentication
US8849911B2 (en) 2011-12-09 2014-09-30 Facebook, Inc. Content report management in a social networking system
US9075979B1 (en) * 2011-08-11 2015-07-07 Google Inc. Authentication based on proximity to mobile device
US9326219B2 (en) 2014-08-27 2016-04-26 Proeasy Network Solutions Co., Ltd. Web server and network connection method thereof
US9723136B2 (en) 2014-11-21 2017-08-01 International Business Machines Corporation Playing a personalized prerecorded audio of a call recipient to the call recipient to authenticate a telephone caller
US10212136B1 (en) 2014-07-07 2019-02-19 Microstrategy Incorporated Workstation log-in
US10231128B1 (en) 2016-02-08 2019-03-12 Microstrategy Incorporated Proximity-based device access
US10440627B2 (en) 2014-04-17 2019-10-08 Twilio Inc. System and method for enabling multi-modal communication
US10469670B2 (en) 2012-07-24 2019-11-05 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US10560495B2 (en) 2008-04-02 2020-02-11 Twilio Inc. System and method for processing telephony sessions
US10657242B1 (en) 2017-04-17 2020-05-19 Microstrategy Incorporated Proximity-based access
US10694042B2 (en) 2008-04-02 2020-06-23 Twilio Inc. System and method for processing media requests during telephony sessions
US10701067B1 (en) 2015-04-24 2020-06-30 Microstrategy Incorporated Credential management using wearable devices
US10771458B1 (en) 2017-04-17 2020-09-08 MicoStrategy Incorporated Proximity-based user authentication
US10855664B1 (en) 2016-02-08 2020-12-01 Microstrategy Incorporated Proximity-based logical access
US11140157B1 (en) 2017-04-17 2021-10-05 Microstrategy Incorporated Proximity-based access

Families Citing this family (84)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080214163A1 (en) 2007-01-26 2008-09-04 Richard Onyon System for and method of backing up content for use on a mobile device
US7734027B2 (en) * 2003-06-04 2010-06-08 Alcatel-Lucent Usa Inc. Call control component collection of communication device identification information for internet protocol endpoint
WO2005010715A2 (en) 2003-07-21 2005-02-03 Fusionone, Inc. Device message management system
US20050097046A1 (en) 2003-10-30 2005-05-05 Singfield Joy S. Wireless electronic check deposit scanning and cashing machine with web-based online account cash management computer application system
US9542076B1 (en) 2004-05-12 2017-01-10 Synchronoss Technologies, Inc. System for and method of updating a personal profile
US8945183B2 (en) * 2004-10-20 2015-02-03 Vertiflex, Inc. Interspinous process spacer instrument system with deployment indicator
US20070174080A1 (en) * 2006-01-20 2007-07-26 Christopher Scott Outwater Method and apparatus for improved transaction security using a telephone as a security token
US8831189B2 (en) * 2006-06-12 2014-09-09 Microsoft Corporation Device authentication techniques
US7885451B1 (en) 2006-10-31 2011-02-08 United Services Automobile Association (Usaa) Systems and methods for displaying negotiable instruments derived from various sources
US8708227B1 (en) 2006-10-31 2014-04-29 United Services Automobile Association (Usaa) Systems and methods for remote deposit of checks
US7873200B1 (en) 2006-10-31 2011-01-18 United Services Automobile Association (Usaa) Systems and methods for remote deposit of checks
US7876949B1 (en) 2006-10-31 2011-01-25 United Services Automobile Association Systems and methods for remote deposit of checks
US8351677B1 (en) 2006-10-31 2013-01-08 United Services Automobile Association (Usaa) Systems and methods for remote deposit of checks
US8799147B1 (en) 2006-10-31 2014-08-05 United Services Automobile Association (Usaa) Systems and methods for remote deposit of negotiable instruments with non-payee institutions
US9762576B2 (en) * 2006-11-16 2017-09-12 Phonefactor, Inc. Enhanced multi factor authentication
US8959033B1 (en) 2007-03-15 2015-02-17 United Services Automobile Association (Usaa) Systems and methods for verification of remotely deposited checks
US10380559B1 (en) 2007-03-15 2019-08-13 United Services Automobile Association (Usaa) Systems and methods for check representment prevention
US8433127B1 (en) 2007-05-10 2013-04-30 United Services Automobile Association (Usaa) Systems and methods for real-time validation of check image quality
US8538124B1 (en) 2007-05-10 2013-09-17 United Services Auto Association (USAA) Systems and methods for real-time validation of check image quality
JP4321637B2 (en) * 2007-07-27 2009-08-26 セイコーエプソン株式会社 Method for producing dental implant
HUE044989T2 (en) * 2007-09-07 2019-12-30 Dis Ent Llc Software based multi-channel polymorphic data obfuscation
US9058512B1 (en) 2007-09-28 2015-06-16 United Services Automobile Association (Usaa) Systems and methods for digital signature detection
US9892454B1 (en) 2007-10-23 2018-02-13 United Services Automobile Association (Usaa) Systems and methods for obtaining an image of a check to be deposited
US9159101B1 (en) 2007-10-23 2015-10-13 United Services Automobile Association (Usaa) Image processing
US8358826B1 (en) 2007-10-23 2013-01-22 United Services Automobile Association (Usaa) Systems and methods for receiving and orienting an image of one or more checks
US9898778B1 (en) 2007-10-23 2018-02-20 United Services Automobile Association (Usaa) Systems and methods for obtaining an image of a check to be deposited
US8046301B1 (en) 2007-10-30 2011-10-25 United Services Automobile Association (Usaa) Systems and methods to modify a negotiable instrument
US8001051B1 (en) 2007-10-30 2011-08-16 United Services Automobile Association (Usaa) Systems and methods to modify a negotiable instrument
US7996315B1 (en) 2007-10-30 2011-08-09 United Services Automobile Association (Usaa) Systems and methods to modify a negotiable instrument
US7996316B1 (en) 2007-10-30 2011-08-09 United Services Automobile Association Systems and methods to modify a negotiable instrument
US7996314B1 (en) 2007-10-30 2011-08-09 United Services Automobile Association (Usaa) Systems and methods to modify a negotiable instrument
US8290237B1 (en) 2007-10-31 2012-10-16 United Services Automobile Association (Usaa) Systems and methods to use a digital camera to remotely deposit a negotiable instrument
US8320657B1 (en) 2007-10-31 2012-11-27 United Services Automobile Association (Usaa) Systems and methods to use a digital camera to remotely deposit a negotiable instrument
US7900822B1 (en) 2007-11-06 2011-03-08 United Services Automobile Association (Usaa) Systems, methods, and apparatus for receiving images of one or more checks
US7896232B1 (en) 2007-11-06 2011-03-01 United Services Automobile Association (Usaa) Systems, methods, and apparatus for receiving images of one or more checks
US10380562B1 (en) 2008-02-07 2019-08-13 United Services Automobile Association (Usaa) Systems and methods for mobile deposit of negotiable instruments
US7522723B1 (en) * 2008-05-29 2009-04-21 Cheman Shaik Password self encryption method and system and encryption by keys generated from personal secret information
US8351678B1 (en) 2008-06-11 2013-01-08 United Services Automobile Association (Usaa) Duplicate check detection
US8422758B1 (en) 2008-09-02 2013-04-16 United Services Automobile Association (Usaa) Systems and methods of check re-presentment deterrent
US10504185B1 (en) 2008-09-08 2019-12-10 United Services Automobile Association (Usaa) Systems and methods for live video financial deposit
US7885880B1 (en) 2008-09-30 2011-02-08 United Services Automobile Association (Usaa) Atomic deposit transaction
US8275710B1 (en) 2008-09-30 2012-09-25 United Services Automobile Association (Usaa) Systems and methods for automatic bill pay enrollment
US7962411B1 (en) 2008-09-30 2011-06-14 United Services Automobile Association (Usaa) Atomic deposit transaction
US7974899B1 (en) 2008-09-30 2011-07-05 United Services Automobile Association (Usaa) Atomic deposit transaction
US8391599B1 (en) 2008-10-17 2013-03-05 United Services Automobile Association (Usaa) Systems and methods for adaptive binarization of an image
US7970677B1 (en) * 2008-10-24 2011-06-28 United Services Automobile Association (Usaa) Systems and methods for financial deposits by electronic message
US7949587B1 (en) * 2008-10-24 2011-05-24 United States Automobile Association (USAA) Systems and methods for financial deposits by electronic message
US8452689B1 (en) 2009-02-18 2013-05-28 United Services Automobile Association (Usaa) Systems and methods of check detection
WO2010094331A1 (en) * 2009-02-19 2010-08-26 Nokia Siemens Networks Oy Authentication to an identity provider
US10956728B1 (en) 2009-03-04 2021-03-23 United Services Automobile Association (Usaa) Systems and methods of check processing with background removal
US9112702B2 (en) 2009-04-29 2015-08-18 Microsoft Technology Licensing, Llc Alternate authentication
US8542921B1 (en) 2009-07-27 2013-09-24 United Services Automobile Association (Usaa) Systems and methods for remote deposit of negotiable instrument using brightness correction
US9779392B1 (en) 2009-08-19 2017-10-03 United Services Automobile Association (Usaa) Apparatuses, methods and systems for a publishing and subscribing platform of depositing negotiable instruments
US8977571B1 (en) 2009-08-21 2015-03-10 United Services Automobile Association (Usaa) Systems and methods for image monitoring of check during mobile deposit
US8699779B1 (en) 2009-08-28 2014-04-15 United Services Automobile Association (Usaa) Systems and methods for alignment of check during mobile deposit
JP2011060649A (en) * 2009-09-11 2011-03-24 Toyota Motor Corp Electrode active material layer, all solid battery, manufacturing method for electrode active material layer, and manufacturing method for all solid battery
TWI483187B (en) * 2010-03-10 2015-05-01 Alibaba Group Holding Ltd Plug-in download method and system
US8804942B2 (en) * 2010-04-27 2014-08-12 Bank Of America Corporation Routing and queuing information for video conferencing in banking centers
US9129340B1 (en) 2010-06-08 2015-09-08 United Services Automobile Association (Usaa) Apparatuses, methods and systems for remote deposit capture with enhanced image detection
US8943428B2 (en) 2010-11-01 2015-01-27 Synchronoss Technologies, Inc. System for and method of field mapping
US8826398B2 (en) * 2011-09-29 2014-09-02 Hewlett-Packard Development Company, L.P. Password changing
US8566914B2 (en) * 2011-10-21 2013-10-22 Cellco Partnership Triple authentication: mobile hardware, mobile user, and user account
US8959604B2 (en) * 2011-11-25 2015-02-17 Synchronoss Technologies, Inc. System and method of verifying a number of a mobile terminal
CN103200205A (en) * 2012-01-05 2013-07-10 华为技术有限公司 Voice examination and approval method, equipment and system
US10380565B1 (en) 2012-01-05 2019-08-13 United Services Automobile Association (Usaa) System and method for storefront bank deposits
CA3092603C (en) 2012-06-18 2023-01-24 Ologn Technologies Ag Secure password management systems, methods and apparatuses
KR101960062B1 (en) * 2012-08-24 2019-03-19 삼성전자주식회사 Content Sharing Method and Device Thereof
US9508058B2 (en) 2012-10-15 2016-11-29 Bank Of America Corporation System providing an interactive conference
US9754320B2 (en) 2012-10-15 2017-09-05 Bank Of America Corporation Providing a record of an interactive conference
US10552810B1 (en) 2012-12-19 2020-02-04 United Services Automobile Association (Usaa) System and method for remote deposit of financial instruments
US9060057B1 (en) * 2013-03-07 2015-06-16 Serdar Artun Danis Systems and methods for caller ID authentication, spoof detection and list based call handling
US9332119B1 (en) * 2013-03-07 2016-05-03 Serdar Artun Danis Systems and methods for call destination authenticaiton and call forwarding detection
US11138578B1 (en) 2013-09-09 2021-10-05 United Services Automobile Association (Usaa) Systems and methods for remote deposit of currency
US9286514B1 (en) 2013-10-17 2016-03-15 United Services Automobile Association (Usaa) Character count determination for a digital image
US10402790B1 (en) 2015-05-28 2019-09-03 United Services Automobile Association (Usaa) Composing a focused document image from multiple image captures or portions of multiple image captures
US10182047B1 (en) 2016-06-30 2019-01-15 Snap Inc. Pictograph password security system
US10754978B2 (en) * 2016-07-29 2020-08-25 Intellisist Inc. Computer-implemented system and method for storing and retrieving sensitive information
US10922668B2 (en) * 2016-09-23 2021-02-16 Ncr Corporation Point-of-sale (POS) bot
US10574662B2 (en) 2017-06-20 2020-02-25 Bank Of America Corporation System for authentication of a user based on multi-factor passively acquired data
US10360733B2 (en) 2017-06-20 2019-07-23 Bank Of America Corporation System controlled augmented resource facility
US11030752B1 (en) 2018-04-27 2021-06-08 United Services Automobile Association (Usaa) System, computing device, and method for document detection
CN111432373B (en) * 2020-02-24 2022-08-30 吉利汽车研究院(宁波)有限公司 Security authentication method and device and electronic equipment
US20220045848A1 (en) * 2020-08-07 2022-02-10 Charter Communications Operating, Llc Password security hardware module
US11900755B1 (en) 2020-11-30 2024-02-13 United Services Automobile Association (Usaa) System, computing device, and method for document detection and deposit processing

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5983350A (en) * 1996-09-18 1999-11-09 Secure Computing Corporation Secure firewall supporting different levels of authentication based on address or encryption status
US20020002678A1 (en) * 1998-08-14 2002-01-03 Stanley T. Chow Internet authentication technology
US6731731B1 (en) * 1999-07-30 2004-05-04 Comsquare Co., Ltd. Authentication method, authentication system and recording medium
US6766161B2 (en) * 1997-09-03 2004-07-20 Interlok Technologies, Llc Method and apparatus for securing communications

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7444669B1 (en) * 2000-05-05 2008-10-28 Microsoft Corporation Methods and systems for providing variable rates of service for accessing networks, methods and systems for accessing the internet
US6993658B1 (en) * 2000-03-06 2006-01-31 April System Design Ab Use of personal communication devices for user authentication

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5983350A (en) * 1996-09-18 1999-11-09 Secure Computing Corporation Secure firewall supporting different levels of authentication based on address or encryption status
US6766161B2 (en) * 1997-09-03 2004-07-20 Interlok Technologies, Llc Method and apparatus for securing communications
US20020002678A1 (en) * 1998-08-14 2002-01-03 Stanley T. Chow Internet authentication technology
US6731731B1 (en) * 1999-07-30 2004-05-04 Comsquare Co., Ltd. Authentication method, authentication system and recording medium

Cited By (71)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040038667A1 (en) * 2002-08-22 2004-02-26 Vance Charles Terry Secure remote access in a wireless telecommunication system
US20050048951A1 (en) * 2003-08-25 2005-03-03 Saito William H. Method and system for alternative access using mobile electronic devices
US20050071673A1 (en) * 2003-08-25 2005-03-31 Saito William H. Method and system for secure authentication using mobile electronic devices
US20080233919A1 (en) * 2004-02-20 2008-09-25 Nokia Corporation System and Method for Limiting Mobile Device Functionality.
US20050186954A1 (en) * 2004-02-20 2005-08-25 Tom Kenney Systems and methods that provide user and/or network personal data disabling commands for mobile devices
US8995958B2 (en) 2004-02-20 2015-03-31 Core Wireless Licensing, S.a.r.l. System and method for limiting mobile device functionality
US20060059362A1 (en) * 2004-09-10 2006-03-16 Sbc Knowledge Ventures, L.P. Automated password reset via an interactive voice response system
US8646051B2 (en) * 2004-09-10 2014-02-04 At&T Intellectual Property I, L.P. Automated password reset via an interactive voice response system
US20060264198A1 (en) * 2005-04-19 2006-11-23 Anoop Nahar Method for wide band data transfer
US20070201660A1 (en) * 2006-01-26 2007-08-30 International Business Machines Corporation Method and apparatus for blocking voice call spam
US11087317B2 (en) 2006-02-02 2021-08-10 Alcatel Lucent Authentication and verification services for third party vendors using mobile devices
EP1979865A2 (en) * 2006-02-02 2008-10-15 Lucent Technologies Inc. Authentication and verification services for third party vendors using mobile devices
CN107093071A (en) * 2006-02-02 2017-08-25 卢森特技术有限公司 Use the authentication and verification service for third-party vendor of mobile device
US9256869B2 (en) 2006-02-02 2016-02-09 Alcatel Lucent Authentication and verification services for third party vendors using mobile devices
US8478266B1 (en) * 2006-03-07 2013-07-02 Sprint Spectrum L.P. Method and system for anonymous operation of a mobile node
US8655318B2 (en) * 2006-03-07 2014-02-18 Sprint Spectrum L.P. Method and system for anonymous operation of a mobile node
US20100153276A1 (en) * 2006-07-20 2010-06-17 Kamfu Wong Method and system for online payment and identity confirmation with self-setting authentication fomula
EP2084849A2 (en) * 2006-11-22 2009-08-05 Verizon Business Global LLC Secure access to restricted resource
US20080118041A1 (en) * 2006-11-22 2008-05-22 Alexander Finogenov Secure access to restricted resource
US8213583B2 (en) 2006-11-22 2012-07-03 Verizon Patent And Licensing Inc. Secure access to restricted resource
EP2084849A4 (en) * 2006-11-22 2014-08-06 Verizon Business Global Llc Secure access to restricted resource
US8582734B2 (en) * 2007-03-20 2013-11-12 Shooter Digital Co., Ltd. Account administration system and method with security function
US20080232563A1 (en) * 2007-03-20 2008-09-25 Chen Gigi Account administration system and method with security function
US20100325433A1 (en) * 2007-12-12 2010-12-23 Sreg International Ab Login system
US11283843B2 (en) 2008-04-02 2022-03-22 Twilio Inc. System and method for processing telephony sessions
US11444985B2 (en) 2008-04-02 2022-09-13 Twilio Inc. System and method for processing telephony sessions
US11722602B2 (en) 2008-04-02 2023-08-08 Twilio Inc. System and method for processing media requests during telephony sessions
US11856150B2 (en) 2008-04-02 2023-12-26 Twilio Inc. System and method for processing telephony sessions
US11706349B2 (en) 2008-04-02 2023-07-18 Twilio Inc. System and method for processing telephony sessions
US11843722B2 (en) 2008-04-02 2023-12-12 Twilio Inc. System and method for processing telephony sessions
US10694042B2 (en) 2008-04-02 2020-06-23 Twilio Inc. System and method for processing media requests during telephony sessions
US11611663B2 (en) 2008-04-02 2023-03-21 Twilio Inc. System and method for processing telephony sessions
US11575795B2 (en) 2008-04-02 2023-02-07 Twilio Inc. System and method for processing telephony sessions
US11765275B2 (en) 2008-04-02 2023-09-19 Twilio Inc. System and method for processing telephony sessions
US10560495B2 (en) 2008-04-02 2020-02-11 Twilio Inc. System and method for processing telephony sessions
US10893079B2 (en) 2008-04-02 2021-01-12 Twilio Inc. System and method for processing telephony sessions
US11831810B2 (en) 2008-04-02 2023-11-28 Twilio Inc. System and method for processing telephony sessions
US10986142B2 (en) 2008-04-02 2021-04-20 Twilio Inc. System and method for processing telephony sessions
US10893078B2 (en) 2008-04-02 2021-01-12 Twilio Inc. System and method for processing telephony sessions
US20100212003A1 (en) * 2009-02-13 2010-08-19 International Business Machines Corporation Secure personal information profile
US9280771B2 (en) * 2009-02-13 2016-03-08 International Business Machines Corporation Secure personal information profile
US20120066753A1 (en) * 2009-03-09 2012-03-15 Jian Pan Authentication method, authentication apparatus and authentication system
GB2475292A (en) * 2009-11-13 2011-05-18 Vaughan Thomas PIN system providing supplementary codes
US9769662B1 (en) 2011-08-11 2017-09-19 Google Inc. Authentication based on proximity to mobile device
US9075979B1 (en) * 2011-08-11 2015-07-07 Google Inc. Authentication based on proximity to mobile device
US10212591B1 (en) * 2011-08-11 2019-02-19 Google Llc Authentication based on proximity to mobile device
US8789150B2 (en) 2011-09-22 2014-07-22 Kinesis Identity Security System Inc. System and method for user authentication
US9729540B2 (en) 2011-09-22 2017-08-08 Kinesis Identity Security System Inc. System and method for user authentication
US20130139236A1 (en) * 2011-11-30 2013-05-30 Yigal Dan Rubinstein Imposter account report management in a social networking system
US8856922B2 (en) * 2011-11-30 2014-10-07 Facebook, Inc. Imposter account report management in a social networking system
US8849911B2 (en) 2011-12-09 2014-09-30 Facebook, Inc. Content report management in a social networking system
US11882139B2 (en) 2012-07-24 2024-01-23 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US10469670B2 (en) 2012-07-24 2019-11-05 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US11063972B2 (en) 2012-07-24 2021-07-13 Twilio Inc. Method and system for preventing illicit use of a telephony platform
US11653282B2 (en) 2014-04-17 2023-05-16 Twilio Inc. System and method for enabling multi-modal communication
US10873892B2 (en) 2014-04-17 2020-12-22 Twilio Inc. System and method for enabling multi-modal communication
US10440627B2 (en) 2014-04-17 2019-10-08 Twilio Inc. System and method for enabling multi-modal communication
US10581810B1 (en) 2014-07-07 2020-03-03 Microstrategy Incorporated Workstation log-in
US11343232B2 (en) 2014-07-07 2022-05-24 Microstrategy Incorporated Workstation log-in
US10212136B1 (en) 2014-07-07 2019-02-19 Microstrategy Incorporated Workstation log-in
US9326219B2 (en) 2014-08-27 2016-04-26 Proeasy Network Solutions Co., Ltd. Web server and network connection method thereof
US9729704B2 (en) 2014-11-21 2017-08-08 International Business Machines Corporation Playing a personalized prerecorded audio of a call recipient to the call recipient to authenticate a telephone caller
US9723136B2 (en) 2014-11-21 2017-08-01 International Business Machines Corporation Playing a personalized prerecorded audio of a call recipient to the call recipient to authenticate a telephone caller
US10701067B1 (en) 2015-04-24 2020-06-30 Microstrategy Incorporated Credential management using wearable devices
US10231128B1 (en) 2016-02-08 2019-03-12 Microstrategy Incorporated Proximity-based device access
US10855664B1 (en) 2016-02-08 2020-12-01 Microstrategy Incorporated Proximity-based logical access
US11134385B2 (en) 2016-02-08 2021-09-28 Microstrategy Incorporated Proximity-based device access
US10771458B1 (en) 2017-04-17 2020-09-08 MicoStrategy Incorporated Proximity-based user authentication
US11520870B2 (en) 2017-04-17 2022-12-06 Microstrategy Incorporated Proximity-based access
US10657242B1 (en) 2017-04-17 2020-05-19 Microstrategy Incorporated Proximity-based access
US11140157B1 (en) 2017-04-17 2021-10-05 Microstrategy Incorporated Proximity-based access

Also Published As

Publication number Publication date
US20070016796A1 (en) 2007-01-18
US8103246B2 (en) 2012-01-24

Similar Documents

Publication Publication Date Title
US8103246B2 (en) Systems and methods for remote user authentication
US10320782B2 (en) Methods and systems for authenticating users
EP2062210B1 (en) Transaction authorisation system & method
AU2016222498B2 (en) Methods and Systems for Authenticating Users
US8407112B2 (en) Transaction authorisation system and method
AU2009233608B2 (en) Methods and systems for authenticating users
US9699183B2 (en) Mutual authentication of a user and service provider
US7681228B2 (en) Method of one time authentication response to a session-specific challenge indicating a random subset of password or PIN character positions
US7865937B1 (en) Methods and systems for authenticating users
US8515847B2 (en) System and method for password-free access for validated users
US20110047605A1 (en) System And Method For Authenticating A User To A Computer System
US20060294387A1 (en) Method of controlling access
JP2003122718A (en) System and method of authentication
KR20020046552A (en) method and apparatus for registration and use of voice password using personal information provided in mobile communication service system

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION