Method of one time authentication response to a session-specific challenge indicating a random subset of password or PIN character positions
US7681228B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 14, 2006 |
| Grant date | Mar 16, 2010 |
| Priority date | — |
| Expiry date | Sep 29, 2027 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06Q40/03
- WIPO fieldIT methods for management
- WIPO sectorElectrical engineering
Abstract
Financial institution back office computerized transaction-processing system with embedded privacy and security layer (EPSL) enables strong transaction authentication prior to a merchant or vendor contact, based on a user account number, transaction conditions like anticipated transaction time and money, user two-factor authentication with a static transaction PIN and a transaction session-specific random partial password or PIN recognition algorithm. User enters the user name and then, challenged by server with a random session-specific subset of a password or PIN character's consecutive position numbers, enters based on cognitive association a one time authentication response. The authentication session is interactive, transaction session-specific, and followed by either a transaction denial or an alphanumeric transaction signature generated by EPSL for this specific transaction. Then, the user submits her request to a transaction counterpart along with the transaction signature. The merchant or vendor requests an authorization session with EPSL.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.