US20100029249A1 - Efficient authentication of a user for conduct of a transaction initiated via mobile telephone - Google Patents
Efficient authentication of a user for conduct of a transaction initiated via mobile telephone Download PDFInfo
- Publication number
- US20100029249A1 US20100029249A1 US12/520,270 US52027007A US2010029249A1 US 20100029249 A1 US20100029249 A1 US 20100029249A1 US 52027007 A US52027007 A US 52027007A US 2010029249 A1 US2010029249 A1 US 2010029249A1
- Authority
- US
- United States
- Prior art keywords
- user
- telephone
- data
- server
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
- G06F21/35—User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/42—User authentication using separate channels for security data
- G06F21/43—User authentication using separate channels for security data wireless channels
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/325—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices using wireless networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/04—Protocols specially adapted for terminals or networks with limited capabilities; specially adapted for terminal portability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/72—Subscriber identity
Definitions
- This invention relates to authentication of transactions, and more particularly to authentication of transactions initiated via mobile telephone or other data-enabled telephone.
- a WAP or web server typically lacks data identifying specifically the mobile telephone or other device accessing its services.
- existing methods to offer secure web sites normally includes more or less complex processes for the user to identify him or herself, for example by requiring an ID card of the user at a bank, or having the user send a signature as a response to a certified or registered mail letter before a first use, and then requiring use of a combination of a logon name or account number for identification and a password or PIN code for verification.
- account numbers or user names and PIN codes have become so frequent that users no longer are able to remember all their different identities and passwords.
- users often have to write down their different user names and password in a “secure” location, thus compromising security, or simply do not use the service.
- Other methods include voice identification for identification and/or verification, or other types of biometric data readers, such as fingerprint.
- Other methods include attaching special devices to the terminals to read credit cards or other user cards, maybe combined with a PIN code.
- Embodiments of the present invention provide ways of a authenticating a user for conduct of a transaction initiated by the user via a mobile telephone (or other data-enabled telephone) of the user in such a manner as to make efficient use of keystrokes on the telephone. Such embodiments may be implemented so as to reduce or eliminate the need for entering a user name or password. Furthermore, various embodiments facilitate activity by a user of a mobile telephone or other data-enabled telephone to easily and securely log on to a secure web or WAP site a minimum of codes and passwords to remember. Various embodiments take advantage of Caller ID data that are generated at a time a telephone user, including a mobile telephone user makes a telephone call.
- the mobile telephone is capable of initiating telephone calls over a wireless telephone network and of engaging in two-way data communication with a data server in network.
- the data server which may be implemented, for example, as a WAP server or a web server, enables conduct of the transaction.
- the method includes receiving caller identification information associated with a telephone call request initiated by the user via the mobile telephone to a service number. This caller identification information provides a basis for authentication of the user.
- the method further includes using the caller identification information received at the service number to address a message to the user, as well as including, in the message, a logon key for use by the user in accomplishing the transaction.
- the method includes sending the message; so that on receipt of the message, the user may use the logon key to enter into data communication with the server for conduct of the transaction.
- the logon key in a further embodiment identifies the user.
- the logon key has a lifetime, for purposes of accomplishing the transaction, of less than a specified amount of time. The lifetime may, for example, be limited to less than 6 hours, or less then 1 hour. In further embodiments, the lifetime may be limited to a specific number of log-ons, e.g. one logon, or one log-on within a certain time frame, e.g. one logon and the logon must occur within one hour.
- the message is a WAP push message.
- the caller identifying information includes a telephone number of the mobile telephone.
- receiving and using the caller identification information is accomplished without answering the call request, so that a connection does not result from the call request.
- receiving and using the caller identification information includes answering the call request, so that a connection is established.
- sending the message includes sending the message to the user's mobile telephone and, on receipt of the message, the user may use the logon key to cause the key to cause the mobile telephone to enter into data communication with the server.
- the invention provides a system for authenticating a user for conduct of a transaction initiated by the user via a data-enabled telephone of the user in such a manner as to make efficient use of keystrokes on the data-enabled telephone.
- the data-enabled telephone is capable of initiating telephone calls over a telephone network and of engaging in two-way data communication with a data server in a network.
- the data server enables conduct of the transaction.
- the system includes a telephone server, associated with one or more service telephone numbers, for receiving caller identification information associated with a telephone call request initiated by the user via the data-enabled telephone to the service number.
- a specific service telephone number may be linked to a specific service, such as a donation service, or a specific service provider, such as a specific bank.
- the caller identification provides a basis for authentication of the user.
- the telephone server uses the caller identification information received at the service number to address a message to the user.
- the message includes a logon key for use by the user in accomplishing the transaction.
- the telephone server also sends the message.
- the embodiment also includes a data server for data communication with the data-enabled telephone of the user, accessible to the user upon use of the logon key by the user. In this embodiment, on receipt of the message, the user may use the logon key to enter into data communication with the data server for conduct of the transaction.
- the data-enabled telephone is a mobile telephone.
- the data server is a WAP server, and also optionally, the logon key is a hyperlink to a web site.
- the logon key may identify the user.
- the logon key has a lifetime, for purposes of accomplishing the transaction, of less than a specified amount of time, which may be, for example, less than 6 hours, or less than 1 hour.
- the logon key can be used a limited number of times for purposes of accomplishing the transaction, for example, only once, or only once and the logon must occur within a certain timeframe, for example, within an hour.
- the message is a WAP push message.
- the caller identifying information includes a telephone number of the mobile telephone.
- the telephone server obtains the caller identification information without answering the call request, so that a connection does not result from the call request.
- the telephone server may obtain the caller identification information in the course of answering the call request, so that a connection is established following the call request.
- the data-enabled telephone may have preinstalled software which can automatically establish the connection for accomplishing the transaction, based on the message and the logon key.
- embodiments may be deployed without any software updates, downloads or other changes to the mobile telephone.
- embodiments may be implemented with more than one level of security, e.g. security based on Caller ID for medium sensitive data and operations, and an additional PIN code, for example, for more sensitive data and operations.
- a computer program product comprising program instructions which when executed on a computer system performs the steps according to any one of the embodiments of the method of the invention.
- a computer readable medium for storing program instructions by which the method of the invention can be performed when the stored program instructions are appropriately loaded into one or more computers, and a system for implementing the method of the invention.
- FIG. 1 is a flow chart illustrating a method and system for user identification and verification according to an exemplary embodiment of the present invention
- FIG. 2 is a flow chart illustrating another method and system for a user identification and verification, according to another exemplary embodiment of the present invention
- FIG. 3 is a flow chart illustrating another exemplary embodiment of the invention.
- FIG. 4 is a flow chart illustrating another exemplary embodiment of the present invention.
- FIG. 5 is a flow chart illustrating a further exemplary embodiment of the present invention.
- FIG. 6 is a set of exemplary screen shots according to an exemplary embodiment of the present invention.
- FIG. 7 shows a typical mobile phone ( FIG. 7 a ) with keyboard ( FIG. 7 b ) with only a numeric keyboard to which embodiments of the present invention are applicable;
- FIG. 8 is a schematic illustration of a general purpose computer for performing the processes of the present invention, according to an exemplary embodiment of the present invention.
- a “data-enabled telephone” is a communication device that is able both to initiate telephone calls over a telephone network and to engage in two-way data communication with a data server (such as a WAP server or a web server) in a data communication network;
- the data communication network may be a computer network, a communication network, or any otherwise known network capable of transmitting digital information.
- a data-enabled telephone (an example of which is the French Minitel) may operate over a wired telephone network or may be a mobile telephone (as defined herein).
- a “mobile telephone” is a personal communication device that is able both to initiate telephone calls over a wireless telephone network and to engage in two-way data communication with a data server (such as a WAP server or a web server) in a computer network; accordingly, the term “mobile telephone” includes a conventional cell phone having access to the World Wide Web directly or via the wireless application protocol (WAP) or internet access capability as well as an appropriately configured smartphone or a telephone-enabled personal digital assistant (PDA).
- WAP wireless application protocol
- PDA telephone-enabled personal digital assistant
- a “mobile telephone” is therefore a species of a data-enabled telephone.
- a service provider providing a service telephone number (access number).
- the service provider may be a church or charity donation system, or a banking application.
- the charity may have its own service number, in order to allow its donors to donate money to the church.
- the charity may also provide other, specific telephone numbers for targeted gifts, e.g. for gifts to aid after a natural disaster.
- the bank may provide a specific number for online, mobile banking.
- the service provider may service several charities, banks and other organizations, each with its own service access number or numbers.
- a service provider may be called a Service Implementer.
- the Service Implementer's customers are the Service Providers.
- Service Provider and Service Implementer are used interchangeably.
- FIG. 1 A flow chart of an identification and verification system and method according to a first exemplary embodiment of the invention is depicted in FIG. 1 .
- the call is initiated by the user on a mobile telephone.
- the user it is within the scope of the present invention for the user to initiate the call on any other data-enabled telephone, such a French Minitel.
- the service provider's telephone server receives the call request 300 and reads the associated data, or at least the necessary part of the data.
- data may include Caller ID (which may include the user's telephone number).
- the telephone server may or may not answer the telephone call request, as the associated data may be available without answering the call.
- the Service provider's telephone server checks to see if the user is registered for this service 310 , for a bank application this normally includes checking that the Caller ID is associated with one or more bank account numbers. For a donation service, the Caller ID would normally be associated with a credit card number or other payment account number, possibly together with information required for charity tax deductions.
- the telephone server may send a message back to the user 320 .
- the server will then answer the call request and play a voice message back to the user informing that he or she must first register.
- the user may then be given the choice to receive an SMS WAP push message with a link to a web server in order to register, or, alternatively, to register at once through this telephone connection.
- the registration module will interact with the user with voice/DTMF (DTMF-Dual Tone Multi-Frequency signalling), in which the user can type in the required registration information using the phone keyboard.
- the user may also be connected to a staffed service at this point.
- the telephone server will create a unique message including the logon key 330 .
- this is simply a hyperlink to a web site, i.e. a web address, for the service (the same for all users) with a unique system generated string as a parameter serving as the logon key (normally different for each user and each request).
- the logon key is stored with a time stamp and the users associated data in the service providers system's memory.
- An exemplary method is to send the unique message as an SMS WAP push message to the user's cell phone.
- the telephone server may also send different messages, and utilize different message formats, dependent on the capabilities of the user's telephone.
- the capabilities of the user's telephone can be made available as information stored in the system, in order that the message format can be adapted to known capabilities of the user's phone.
- the system may for example know the size of the telephone screen, such as the number of pixels or characters which can fit on one display page, and format the message accordingly.
- the telephone server will send WAP push messages, or MMS messages to phones that can handle these types of messages, and different kinds of messages to other phones.
- the telephone server may utilize data as to the kind of phone the user has either because the user has given such data to the server, or because the telephone server may be able to determine the telephone type and model number from the information included in the user call request, and then look up the phone's capabilities.
- the user When the user receives the SMS WAP push message 120 he may select the web link 130 , and the user's phone or terminal will make a connection with the web site.
- the web link is typically implemented as a logon key and may include a time stamp or similar, possibly encoded, which will make the server accept these unique data elements for logon for a limited time, to increase security. If so, the web server system will look at the logon key in the log-on request, and, if the time stamp is expired, access will not be allowed. However, if the connection attempt is made within the limit set by the time stamp, and all other parts of the log-on parameters are ok, the server system will allow access.
- the logon key of the response message may also, or instead, include other features which limit multiple or indefinite accesses.
- the server allows only one or a limited number of logons with any given logon key.
- the logon key may be used only for identification, i.e. to let the web server know which account the user wish to access.
- the log on key for use by the user may also have a limited lifetime for limiting the time available for accomplishing a transaction.
- a lifetime can for example be less than 6 hours or even as low as 1 hour to limit the time such a transaction is accessible to the user, and for increasing security.
- the server may then ask the user to provide verification, e.g. in the form of a PIN code, fingerprint or any other form of verification that the user is who he or she claims to be.
- Some servers may also have different levels of security, e.g. simple and less sensitive tasks accept the logon key as identification and verification, while if the user wants to perform more sensitive tasks system may ask the user to provide stronger verification, such as a PIN code, biometric verification such as voice identification or fingerprint, etc.
- One such application may be in banking where the bank server may accept the logon key as identification of the user and verification for simple tasks, such as seeing the bank balance or transferring funds between the user's own accounts, and require stronger verification, e.g. in the form of a PIN code, to transfer funds to 3rd parties.
- the web server receives the browse request with the logon key 400 , e.g. in the parameter, and looks it up to compare with previously stored logon keys 410 . If found, the web server checks that the time stamp is OK, i.e. that the user logon attempt is within the set time limit 410 . If so, it allows access to the web site, and presents the first web page with the user already logged in 430 . If the logon key is not found, or the logon attempt is after the time limit, another web page is presented to the user, informing him or her of the failure 420 .
- the time stamp is OK, i.e. that the user logon attempt is within the set time limit 410 . If so, it allows access to the web site, and presents the first web page with the user already logged in 430 . If the logon key is not found, or the logon attempt is after the time limit, another web page is presented to the user, informing him or her of the failure 420 .
- FIG. 2 A flow chart of an identification and verification system and method according to another exemplary embodiment of the invention is depicted in FIG. 2 .
- the telephony server receives the user ID 300 , it checks to see if this user is registered by checking against a database 500 of registered users for this service 310 . If the user is not registered for the service, the system performs the appropriate handling of this situation 320 , for example, including telling the user that s/he needs to register for the service first.
- the telephone server will create a unique message including the logon key 330 .
- this is simply a web address for the service (the same for all users) with a unique system generated string as a parameter serving as the logon key for this particular user and log-on attempt.
- An exemplary method is to send the unique message as an SMS WAP push message to the user's cell phone.
- the system also informs the WAP or web server for the service that it can expect a logon with these parameters 335 , and this is logged in a database 510 .
- the log 510 may or may not be in the same database as the registration information 500 the system also sends the unique to the user.
- the WAP server receives the message and the log-on string parameters from the telephone server 390 , and stores these parameters, associated with the user in a database 520 .
- the database may simply be a list stored in the computer's memory, a file, or a relational or any other database.
- the WAP server checks 410 with the database 520 to see if this is a correct log-on string.
- the system does not allow the log-on and presents a message to the user 420 . If, on the other hand, the log-on parameters are correct, the system proceeds to step 430 and allows the log-on, presenting to the user the appropriate web/WAP page.
- the user may now interact with the web/WAP site normally 450 .
- Step 330 the unique logon message is created using information previously stored in a database 500 , for example, during registration.
- Steps 335 , 390 and 395 are optional, as for some embodiments these steps may not be needed, if the unique log-on string can be interpreted correctly by the WAP server without the WAP server's getting the specific log-on string, or part of it, from the telephone server.
- An example of a situation when these steps are needed is in the case that the unique log-on string is generated randomly, or if it for some other reason it is not possible to identify the user from the log-on string. If, however, it is possible to find the WAP server user ID associated with the user from the log-on string, these steps are not needed.
- FIG. 4 A flow chart of another exemplary embodiment of the invention is depicted in FIG. 4 .
- the registration process may be handled entirely by the telephone server.
- the registration server which may or may not be the same as the telephone server, receives the registration request from the user.
- the user will call up the standard service number, and, if he is not registered, he will be transferred to this registration process.
- the registration process may also be achieved over the Internet, using DTMF over a phone line, WAP, or even with an operator-assisted service, or through any other suitable method.
- the system will check if the user is already in the database of registered users for this service 510 . If the user is already registered 210 , the user is given a message to this effect 220 . If not, the system proceeds to step 230 . Here, the system will prompt the user for the necessary information, such as the user ID for the service (e.g. account number), possibly a social security number or similar, if needed, etc.
- the user ID for the service e.g. account number
- possibly a social security number or similar if needed, etc.
- the user must also specify his telephone caller ID (telephone number), and there may be a need to verify that the user has given the correct telephone number. This may be achieved by sending a message to the telephone number given by the user, and have the user respond to this message, or supply a code including a log-on key transferred as part of a message in the registration process, thus proving that the user is in possession of the phone with this ID.
- his telephone caller ID telephone number
- the system may need to check that the information is correct, or has the correct format, e.g., the correct number of digits, etc. in step 240 . If one piece of information was incorrect, the user is given a message about the problem and asked to submit the information again 250 . If the information given is correct, the system may prompt for more information 260 until all is given.
- FIG. 5 A flow chart of another exemplary embodiment of the invention is depicted in FIG. 5 .
- the registration system must communicate with the actual service provider system. Steps 200 to 260 are the same as in the previous example, but in step 270 , the registration system will send a confirmation request to the WAP server or the service provider system.
- This request may contain the user ID in the service provider system as given by the user in the previous set 230 , or it may be a request to receive this user ID, or an alias for the user ID based on information provided by the user or the system.
- the registration data are received 600 on the WAP Server side.
- the alias may be established expressly for the purpose of communication between the registration server and the service provider system, thus increasing security.
- step 610 the system checks that all is OK, and if not, in step 640 , notifies the registration server (telephony server) that it was not. Alternatively, if the information is OK, the system may need to save some information for later use 630 in a database 520 , and returns an OK, possibly with more information as required, to the registration server in step 640 .
- step 280 the registration server received this notification, i.e. the status from the WAP Server, and the system completes according the response in a similar way as in example 4 above.
- a registration may be to a specific service with a specific service provider and be valid for one service number only, such as a donation to a specific charity only.
- the registration may be more general, so that e.g. a registration to a donation service for a specific charity with donations paid via a credit card, may automatically, or semi-automatically, register the user for other payment services or for donations to other charities. In this way, a cumbersome registration process may be simplified or entirely eliminated.
- FIG. 6 depicts exemplary screen of a message to the user confirming successful registration.
- FIG. 6 b depicts an exemplary screen of a WAP link message transmitted to and presented to the user on the display of the mobile phone, the WAP link message containing the login key.
- the message can be:
- a heading provides a user of a mobile phone with information about the service sending the message, while the remaining characters constitute a WAP-link which the user may click on, in order to activate a service, in this case a donation to a charity of some form having a receiving account linked to a telephone donation number.
- the log-on key in this case includes an access code.
- FIG. 6 c depicts an exemplary screen of a message to the user confirming successful donation, including confirmation of the amount donated.
- FIG. 7 illustrates a typical mobile telephone to which embodiments of the present invention are applicable.
- FIG. 7 a shows a typical mobile telephone unit, including display and keyboard; and
- FIG. 7 b illustrates a typical numeric keyboard of such a unit.
- Alphabetic characters are accessed through multiple clicks on a numeric key. E.g. To type a “c”, the user must first put the phone in “alpha mode” and then click three times on the key of the number “2”.
- FIG. 8 is a schematic illustration of a computer system for implementing the present invention.
- a computer 800 for example in the form of a portable or handheld type of personal computer (PC) can be used to implement the method according to the present invention, wherein the computer includes, for example, a display device 802 , such as a conventional display device or a touch screen monitor with a touch-screen interface, etc., a keyboard 804 , a pointing device 806 , a mouse pad or digitizing pad 808 , a hard disk 810 , or other fixed, high density media drives, connected using an appropriate device bus (e.g., a SCSI bus, an Enhanced IDE bus, an Ultra DMA bus, a PCI bus, etc.), a floppy drive 812 , a tape or CD ROM drive 814 with tape or CD media 816 , or other removable media devices, such as magneto-optical media, etc., and a mother board 818 .
- a display device 802 such as a conventional display device or
- the mother board 818 includes, for example, a processor 820 , a RAM 822 , and a ROM 824 (e.g., DRAM, ROM, EPROM, EEPROM, SRAM, SDRAM, and Flash RAM, etc.), I/O ports 826 which may be used to couple to external devices, networks, etc., (not shown), and optional special purpose logic devices (e.g., ASICs) or configurable logic devices (e.g., GAL and re-programmable FPGA) 828 for performing specialized hardware/software functions, such as sound processing, image processing, signal processing, neural network processing, object character recognition (OCR) processing, etc., a microphone 830 , and a speaker or speakers 832 .
- a processor 820 e.g., a RAM 822 , and a ROM 824 (e.g., DRAM, ROM, EPROM, EEPROM, SRAM, SDRAM, and Flash RAM, etc.), I/O ports 826 which may be used to couple to external
- a computer program can be incorporated into the computer for realizing a telephone function.
- a telephone function would include a user interface, in this case denoted PB on FIG. 8 , presented on the display device for achieving telephone functionality.
- an external telephone device denoted PA on FIG. 8 , could be connected to the computer for achieving telephone function more similar to a traditional telephone.
- Such an external telephone device could for example be connected to a portable computer via a standard USB-interface in the computer.
- the system includes at least one computer readable medium, or alternatively, the computer readable medium may be accessed through various paths, such as networks, internet, drives, etc.
- Examples of computer readable media are compact discs, hard disks, floppy disks, tape, magneto-optical disks, PROMs (EPROM, EEPROM, Flash EPROM), DRAM, SRAM, SDRAM, etc.
- the present invention includes software for controlling both the hardware of the computer 800 and for enabling the computer 800 to interact with a human user via one of the said telephone devices PA, PB.
- Such software may include, but is not limited to, device drivers, operating systems and user applications, such as development tools.
- Such computer readable media further includes the computer program product of the present invention for performing any of the processes according to the present invention, described above (see, e.g., FIGS. 1-8 ).
- the computer code devices of the present invention can be any interpreted or executable code mechanism, including but not limited to scripts, interpreters, dynamic link libraries, Java classes, and complete executable programs, etc.
- the invention may also be implemented by the preparation of application specific integrated circuits or by interconnecting an appropriate network of conventional component circuits, as will be readily apparent to those skilled in the art.
- User identification and/or verification is a significant simplification relative to existing methods, and requires little or no training on the part of a user.
- a system according to embodiments of the present invention can be created in most existing programming languages and be connected to most modern data enabled telephones. Therefore, according to embodiments of the present invention, the process of login on to a secure web site is significantly simplified, since this may now be performed using the simplified log-on process and a reduced number of keystrokes.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Accounting & Taxation (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- Computing Systems (AREA)
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
A method and system for authenticating a user for conduct of a transaction initiated by the user via a data-enabled telephone is presented. Efficient use is made of keystrokes on the data-enabled telephone. The data-enabled telephone is capable of initiating telephone calls over a telephone network and of engaging in two-way data communication with a data server in a network and the server enables conduct of the transaction. Caller identification information is received at the server. The information is associated with a telephone call request initiated by the user via the data-enabled telephone to a service number. The caller identification provides basis for authentication of the user and the caller identification information received at the service number is used to address a message to the user. Included in such a message is a logon key for use by the user in accomplishing the transaction. Thus the user can use the logon key to enter into data communication with the server for conduct of the transaction.
Description
- This invention relates to authentication of transactions, and more particularly to authentication of transactions initiated via mobile telephone or other data-enabled telephone.
- Numerous enterprises offer Internet, Intranet and Extranet services which require the user to authenticate him or herself to conduct a transaction, such as accessing a personal bank account, purchasing goods or services or accessing information which may have limited access for any number of reasons. Such transactions are often conducted over the World Wide Web.
- Accomplishing transactions of this type using a mobile telephone (as defined below) is difficult. Many suppliers of such information wish to allow access to such World Wide Web access directly or via the Wireless Application Protocol (WAP), but limitations, among other things, of keyboards associated with mobile telephones pose obstacles to the user.
- Although user-specific information, such as Caller ID, normally is sent with a call request from a telephone (including from a mobile telephone), no such unique identifier is sent with most standard WAP or web requests from mobile devices. Thus while a person receiving a phone call can typically use caller ID to determine from which telephone the call originates, a WAP or web server typically lacks data identifying specifically the mobile telephone or other device accessing its services.
- As a result, existing methods to offer secure web sites normally includes more or less complex processes for the user to identify him or herself, for example by requiring an ID card of the user at a bank, or having the user send a signature as a response to a certified or registered mail letter before a first use, and then requiring use of a combination of a logon name or account number for identification and a password or PIN code for verification. In fact, account numbers or user names and PIN codes have become so frequent that users no longer are able to remember all their different identities and passwords. As a result, users often have to write down their different user names and password in a “secure” location, thus compromising security, or simply do not use the service.
- Other methods include voice identification for identification and/or verification, or other types of biometric data readers, such as fingerprint.
- Other methods include attaching special devices to the terminals to read credit cards or other user cards, maybe combined with a PIN code.
- However, users find such known methods cumbersome and time consuming, particularly in the context of mobile telephones, since the small space allocated to the keyboard makes the entry of long strings difficult, particularly in response to dialogs in which the user is prompted to supply a series of responses that give passwords and user identifications, for example. Furthermore, in a mobile setting, the user may not have access to his or her “secure” storage of user names and password.
- It is an object of the invention to provide method for user authentication and a related system in which a user may conduct a transaction whereby a user may conduct a transaction in a less cumbersome and less time consuming manner.
- It is a further object of some embodiments of the invention to provide a method which can be used in a system incorporating a mobile setting in which a user may be authenticated in order to allow the user to perform a transaction.
- Embodiments of the present invention provide ways of a authenticating a user for conduct of a transaction initiated by the user via a mobile telephone (or other data-enabled telephone) of the user in such a manner as to make efficient use of keystrokes on the telephone. Such embodiments may be implemented so as to reduce or eliminate the need for entering a user name or password. Furthermore, various embodiments facilitate activity by a user of a mobile telephone or other data-enabled telephone to easily and securely log on to a secure web or WAP site a minimum of codes and passwords to remember. Various embodiments take advantage of Caller ID data that are generated at a time a telephone user, including a mobile telephone user makes a telephone call.
- In a method according to one embodiment of the present invention, the mobile telephone is capable of initiating telephone calls over a wireless telephone network and of engaging in two-way data communication with a data server in network. The data server, which may be implemented, for example, as a WAP server or a web server, enables conduct of the transaction. The method includes receiving caller identification information associated with a telephone call request initiated by the user via the mobile telephone to a service number. This caller identification information provides a basis for authentication of the user. The method further includes using the caller identification information received at the service number to address a message to the user, as well as including, in the message, a logon key for use by the user in accomplishing the transaction. Finally the method includes sending the message; so that on receipt of the message, the user may use the logon key to enter into data communication with the server for conduct of the transaction.
- In further related embodiments, including in such message a logon key includes providing the logon key and service web-address as a hyperlink, e.g. on the form www.servicedomain.com/logon.asp?logonkey=XYZ, where www.servicedomain.com is the web site for the service, logon.asp is the specific logon page for the domain, and XYZ is the logon key. The logon key in a further embodiment identifies the user. Optionally, the logon key has a lifetime, for purposes of accomplishing the transaction, of less than a specified amount of time. The lifetime may, for example, be limited to less than 6 hours, or less then 1 hour. In further embodiments, the lifetime may be limited to a specific number of log-ons, e.g. one logon, or one log-on within a certain time frame, e.g. one logon and the logon must occur within one hour.
- In yet further embodiments the message is a WAP push message. Optionally, the caller identifying information includes a telephone number of the mobile telephone.
- In a further related embodiment, receiving and using the caller identification information is accomplished without answering the call request, so that a connection does not result from the call request. Alternatively, receiving and using the caller identification information includes answering the call request, so that a connection is established.
- In yet another related embodiment, sending the message includes sending the message to the user's mobile telephone and, on receipt of the message, the user may use the logon key to cause the key to cause the mobile telephone to enter into data communication with the server.
- In another embodiment, the invention provides a system for authenticating a user for conduct of a transaction initiated by the user via a data-enabled telephone of the user in such a manner as to make efficient use of keystrokes on the data-enabled telephone. Again, in this embodiment, the data-enabled telephone is capable of initiating telephone calls over a telephone network and of engaging in two-way data communication with a data server in a network. The data server enables conduct of the transaction. In this embodiment, the system includes a telephone server, associated with one or more service telephone numbers, for receiving caller identification information associated with a telephone call request initiated by the user via the data-enabled telephone to the service number. A specific service telephone number may be linked to a specific service, such as a donation service, or a specific service provider, such as a specific bank. The caller identification provides a basis for authentication of the user. The telephone server uses the caller identification information received at the service number to address a message to the user. The message includes a logon key for use by the user in accomplishing the transaction. The telephone server also sends the message. The embodiment also includes a data server for data communication with the data-enabled telephone of the user, accessible to the user upon use of the logon key by the user. In this embodiment, on receipt of the message, the user may use the logon key to enter into data communication with the data server for conduct of the transaction.
- In a further related embodiment, wherein the data-enabled telephone is a mobile telephone. Optionally, the data server is a WAP server, and also optionally, the logon key is a hyperlink to a web site. In addition, the logon key may identify the user. Optionally, the logon key has a lifetime, for purposes of accomplishing the transaction, of less than a specified amount of time, which may be, for example, less than 6 hours, or less than 1 hour. Also optionally the logon key can be used a limited number of times for purposes of accomplishing the transaction, for example, only once, or only once and the logon must occur within a certain timeframe, for example, within an hour.
- Also optionally, the message is a WAP push message. In a further related embodiment, the caller identifying information includes a telephone number of the mobile telephone. Optionally, the telephone server obtains the caller identification information without answering the call request, so that a connection does not result from the call request. Alternatively, the telephone server may obtain the caller identification information in the course of answering the call request, so that a connection is established following the call request.
- In a further related embodiment, the data-enabled telephone may have preinstalled software which can automatically establish the connection for accomplishing the transaction, based on the message and the logon key.
- An advantage of various embodiments is that they may be deployed without any software updates, downloads or other changes to the mobile telephone. Furthermore, embodiments may be implemented with more than one level of security, e.g. security based on Caller ID for medium sensitive data and operations, and an additional PIN code, for example, for more sensitive data and operations.
- In another aspect of the invention there is provided a computer program product comprising program instructions which when executed on a computer system performs the steps according to any one of the embodiments of the method of the invention.
- In a further aspect of the present invention there is provided a computer readable medium for storing program instructions by which the method of the invention can be performed when the stored program instructions are appropriately loaded into one or more computers, and a system for implementing the method of the invention.
- A more complete appreciation of the invention and many of the attendant advantages thereof will be readily obtained as the same becomes better understood by reference to the following detailed description when considered in connection with the accompanying drawings, wherein:
-
FIG. 1 is a flow chart illustrating a method and system for user identification and verification according to an exemplary embodiment of the present invention; -
FIG. 2 is a flow chart illustrating another method and system for a user identification and verification, according to another exemplary embodiment of the present invention; -
FIG. 3 is a flow chart illustrating another exemplary embodiment of the invention; -
FIG. 4 is a flow chart illustrating another exemplary embodiment of the present invention; -
FIG. 5 is a flow chart illustrating a further exemplary embodiment of the present invention; -
FIG. 6 is a set of exemplary screen shots according to an exemplary embodiment of the present invention; -
FIG. 7 shows a typical mobile phone (FIG. 7 a) with keyboard (FIG. 7 b) with only a numeric keyboard to which embodiments of the present invention are applicable; and -
FIG. 8 is a schematic illustration of a general purpose computer for performing the processes of the present invention, according to an exemplary embodiment of the present invention. - Definitions. As used in this description and the accompanying claims, the following terms shall have the meanings indicated, unless the context otherwise requires:
- A “data-enabled telephone” is a communication device that is able both to initiate telephone calls over a telephone network and to engage in two-way data communication with a data server (such as a WAP server or a web server) in a data communication network; The data communication network may be a computer network, a communication network, or any otherwise known network capable of transmitting digital information. A data-enabled telephone (an example of which is the French Minitel) may operate over a wired telephone network or may be a mobile telephone (as defined herein).
- A “mobile telephone” is a personal communication device that is able both to initiate telephone calls over a wireless telephone network and to engage in two-way data communication with a data server (such as a WAP server or a web server) in a computer network; accordingly, the term “mobile telephone” includes a conventional cell phone having access to the World Wide Web directly or via the wireless application protocol (WAP) or internet access capability as well as an appropriately configured smartphone or a telephone-enabled personal digital assistant (PDA). A “mobile telephone” is therefore a species of a data-enabled telephone.
- In an embodiment of the present invention, user identification and verification is achieved by a service provider providing a service telephone number (access number). E.g. the service provider may be a church or charity donation system, or a banking application. The charity may have its own service number, in order to allow its donors to donate money to the church. The charity may also provide other, specific telephone numbers for targeted gifts, e.g. for gifts to aid after a natural disaster. Similarly, the bank may provide a specific number for online, mobile banking.
- In another embodiment of the invention, the service provider may service several charities, banks and other organizations, each with its own service access number or numbers. Such a service provider may be called a Service Implementer. Normally, the Service Implementer's customers are the Service Providers. For simplicity, in this document, the terms Service Provider and Service Implementer are used interchangeably.
- Further exemplary embodiments are described in the following examples.
- A flow chart of an identification and verification system and method according to a first exemplary embodiment of the invention is depicted in
FIG. 1 . In this example, we have assumed that the call is initiated by the user on a mobile telephone. However, it is within the scope of the present invention for the user to initiate the call on any other data-enabled telephone, such a French Minitel. - Users who wish to get access to a service, such as to donate money to a charity or access their online mobile bank, will dial the appropriate
service access number 100. - The service provider's telephone server receives the
call request 300 and reads the associated data, or at least the necessary part of the data. Such data may include Caller ID (which may include the user's telephone number). The telephone server may or may not answer the telephone call request, as the associated data may be available without answering the call. The Service provider's telephone server checks to see if the user is registered for thisservice 310, for a bank application this normally includes checking that the Caller ID is associated with one or more bank account numbers. For a donation service, the Caller ID would normally be associated with a credit card number or other payment account number, possibly together with information required for charity tax deductions. - As will be readily apparent to those skilled in the art, if a user is already registered with his or her credit card number in connection with donations to one charity, the user may subsequently call another charity's access number connected to the same telephone server and donate money, without further registration, or even pay for purchases calling the appropriate service access number.
- If the user's Caller ID is not registered for the service, the telephone server may send a message back to the
user 320. In a typical embodiment, the server will then answer the call request and play a voice message back to the user informing that he or she must first register. The user may then be given the choice to receive an SMS WAP push message with a link to a web server in order to register, or, alternatively, to register at once through this telephone connection. If the user wishes to register over the phone, he or she is connected to the registration module. In a typical embodiment, the registration module will interact with the user with voice/DTMF (DTMF-Dual Tone Multi-Frequency signalling), in which the user can type in the required registration information using the phone keyboard. The user may also be connected to a staffed service at this point. - If, on the other hand, the user is registered (or no registration is required), the telephone server will create a unique message including the
logon key 330. In one embodiment, this is simply a hyperlink to a web site, i.e. a web address, for the service (the same for all users) with a unique system generated string as a parameter serving as the logon key (normally different for each user and each request). In this embodiment, the logon key is stored with a time stamp and the users associated data in the service providers system's memory. An exemplary method is to send the unique message as an SMS WAP push message to the user's cell phone. - The telephone server, in related embodiments, may also send different messages, and utilize different message formats, dependent on the capabilities of the user's telephone. The capabilities of the user's telephone can be made available as information stored in the system, in order that the message format can be adapted to known capabilities of the user's phone. The system may for example know the size of the telephone screen, such as the number of pixels or characters which can fit on one display page, and format the message accordingly. In exemplary embodiments, the telephone server will send WAP push messages, or MMS messages to phones that can handle these types of messages, and different kinds of messages to other phones.
- The telephone server may utilize data as to the kind of phone the user has either because the user has given such data to the server, or because the telephone server may be able to determine the telephone type and model number from the information included in the user call request, and then look up the phone's capabilities.
- When the user receives the SMS
WAP push message 120 he may select theweb link 130, and the user's phone or terminal will make a connection with the web site. - The web link is typically implemented as a logon key and may include a time stamp or similar, possibly encoded, which will make the server accept these unique data elements for logon for a limited time, to increase security. If so, the web server system will look at the logon key in the log-on request, and, if the time stamp is expired, access will not be allowed. However, if the connection attempt is made within the limit set by the time stamp, and all other parts of the log-on parameters are ok, the server system will allow access.
- The logon key of the response message may also, or instead, include other features which limit multiple or indefinite accesses. In one embodiment, the server allows only one or a limited number of logons with any given logon key. Thus, in order to log on yet another time, the user may first have to obtain a new logon key. In one embodiment, the logon key may be used only for identification, i.e. to let the web server know which account the user wish to access.
- The log on key for use by the user may also have a limited lifetime for limiting the time available for accomplishing a transaction. Such a lifetime can for example be less than 6 hours or even as low as 1 hour to limit the time such a transaction is accessible to the user, and for increasing security.
- The server may then ask the user to provide verification, e.g. in the form of a PIN code, fingerprint or any other form of verification that the user is who he or she claims to be. Some servers may also have different levels of security, e.g. simple and less sensitive tasks accept the logon key as identification and verification, while if the user wants to perform more sensitive tasks system may ask the user to provide stronger verification, such as a PIN code, biometric verification such as voice identification or fingerprint, etc. One such application may be in banking where the bank server may accept the logon key as identification of the user and verification for simple tasks, such as seeing the bank balance or transferring funds between the user's own accounts, and require stronger verification, e.g. in the form of a PIN code, to transfer funds to 3rd parties.
- Returning now to the figure, the web server receives the browse request with the
logon key 400, e.g. in the parameter, and looks it up to compare with previously storedlogon keys 410. If found, the web server checks that the time stamp is OK, i.e. that the user logon attempt is within theset time limit 410. If so, it allows access to the web site, and presents the first web page with the user already logged in 430. If the logon key is not found, or the logon attempt is after the time limit, another web page is presented to the user, informing him or her of thefailure 420. - Once the user s logged on to the web site, he or she may move around freely, as on any
web site 150. - A flow chart of an identification and verification system and method according to another exemplary embodiment of the invention is depicted in
FIG. 2 . - Once the telephony server receives the
user ID 300, it checks to see if this user is registered by checking against adatabase 500 of registered users for thisservice 310. If the user is not registered for the service, the system performs the appropriate handling of thissituation 320, for example, including telling the user that s/he needs to register for the service first. - If, on the other hand, the user is registered (or no registration is required), the telephone server will create a unique message including the
logon key 330. In a typical embodiment, this is simply a web address for the service (the same for all users) with a unique system generated string as a parameter serving as the logon key for this particular user and log-on attempt. An exemplary method is to send the unique message as an SMS WAP push message to the user's cell phone. The system also informs the WAP or web server for the service that it can expect a logon with theseparameters 335, and this is logged in adatabase 510. Thelog 510 may or may not be in the same database as theregistration information 500 the system also sends the unique to the user. - The WAP server receives the message and the log-on string parameters from the
telephone server 390, and stores these parameters, associated with the user in adatabase 520. The database may simply be a list stored in the computer's memory, a file, or a relational or any other database. - Once the user attempts the log-on using the unique log-on string received from the
telephone server 400, theWAP server checks 410 with thedatabase 520 to see if this is a correct log-on string. - If the log-on string is not correct, the system does not allow the log-on and presents a message to the
user 420. If, on the other hand, the log-on parameters are correct, the system proceeds to step 430 and allows the log-on, presenting to the user the appropriate web/WAP page. - The user may now interact with the web/WAP site normally 450.
- A flow chart of another exemplary embodiment of the invention is depicted in
FIG. 3 . This exemplary embodiment is similar to that of Example 2 above, with some differences, as described here. InStep 330, the unique logon message is created using information previously stored in adatabase 500, for example, during registration.Steps - A flow chart of another exemplary embodiment of the invention is depicted in
FIG. 4 . In this example the registration process may be handled entirely by the telephone server. In step 200, the registration server, which may or may not be the same as the telephone server, receives the registration request from the user. In a typical implementation of this embodiment, the user will call up the standard service number, and, if he is not registered, he will be transferred to this registration process. However, the registration process may also be achieved over the Internet, using DTMF over a phone line, WAP, or even with an operator-assisted service, or through any other suitable method. - The system will check if the user is already in the database of registered users for this
service 510. If the user is already registered 210, the user is given a message to this effect 220. If not, the system proceeds to step 230. Here, the system will prompt the user for the necessary information, such as the user ID for the service (e.g. account number), possibly a social security number or similar, if needed, etc. - If the registration process occurs through some other means than through the telephone line, the user must also specify his telephone caller ID (telephone number), and there may be a need to verify that the user has given the correct telephone number. This may be achieved by sending a message to the telephone number given by the user, and have the user respond to this message, or supply a code including a log-on key transferred as part of a message in the registration process, thus proving that the user is in possession of the phone with this ID.
- Once a certain piece of information is supplied by the user in step 230, the system may need to check that the information is correct, or has the correct format, e.g., the correct number of digits, etc. in
step 240. If one piece of information was incorrect, the user is given a message about the problem and asked to submit the information again 250. If the information given is correct, the system may prompt formore information 260 until all is given. - Once all the information is received, the necessary information is saved 295 in a
database 510, and the user is informed that the process is complete 299. - A flow chart of another exemplary embodiment of the invention is depicted in
FIG. 5 . In this exemplary embodiment the registration system must communicate with the actual service provider system. Steps 200 to 260 are the same as in the previous example, but instep 270, the registration system will send a confirmation request to the WAP server or the service provider system. - This request may contain the user ID in the service provider system as given by the user in the previous set 230, or it may be a request to receive this user ID, or an alias for the user ID based on information provided by the user or the system. The registration data are received 600 on the WAP Server side. The alias may be established expressly for the purpose of communication between the registration server and the service provider system, thus increasing security.
- In step 610 the system checks that all is OK, and if not, in
step 640, notifies the registration server (telephony server) that it was not. Alternatively, if the information is OK, the system may need to save some information forlater use 630 in adatabase 520, and returns an OK, possibly with more information as required, to the registration server instep 640. In step 280 the registration server received this notification, i.e. the status from the WAP Server, and the system completes according the response in a similar way as in example 4 above. - In an exemplary embodiment of the invention, a registration may be to a specific service with a specific service provider and be valid for one service number only, such as a donation to a specific charity only. In other embodiments, the registration may be more general, so that e.g. a registration to a donation service for a specific charity with donations paid via a credit card, may automatically, or semi-automatically, register the user for other payment services or for donations to other charities. In this way, a cumbersome registration process may be simplified or entirely eliminated.
- Various exemplary screen shots which are generated during execution of the program, according to the present invention, will now be described with reference to
FIG. 6 , which refer to an exemplary embodiment of a donation system according to the invention.FIG. 6 a depicts exemplary screen of a message to the user confirming successful registration.FIG. 6 b depicts an exemplary screen of a WAP link message transmitted to and presented to the user on the display of the mobile phone, the WAP link message containing the login key. As an example, the message can be: -
{quickCollect, regards mobileAxept <http://194.24.252.72;8080/sms/mobile/regstep2.jsp? accessNumber=004700030043& mobileNumber=0047637576240& accessCode=7293> } - In this example a heading provides a user of a mobile phone with information about the service sending the message, while the remaining characters constitute a WAP-link which the user may click on, in order to activate a service, in this case a donation to a charity of some form having a receiving account linked to a telephone donation number. As can be seen, the log-on key in this case includes an access code.
- In some implementations, or on some cell phones or terminals, the link would not be explicitly visible to a user, but a clickable link could be indicated on the display.
FIG. 6 c depicts an exemplary screen of a message to the user confirming successful donation, including confirmation of the amount donated. -
FIG. 7 illustrates a typical mobile telephone to which embodiments of the present invention are applicable.FIG. 7 a shows a typical mobile telephone unit, including display and keyboard; andFIG. 7 b illustrates a typical numeric keyboard of such a unit. Alphabetic characters are accessed through multiple clicks on a numeric key. E.g. To type a “c”, the user must first put the phone in “alpha mode” and then click three times on the key of the number “2”. -
FIG. 8 is a schematic illustration of a computer system for implementing the present invention. Acomputer 800, for example in the form of a portable or handheld type of personal computer (PC) can be used to implement the method according to the present invention, wherein the computer includes, for example, adisplay device 802, such as a conventional display device or a touch screen monitor with a touch-screen interface, etc., akeyboard 804, apointing device 806, a mouse pad or digitizingpad 808, ahard disk 810, or other fixed, high density media drives, connected using an appropriate device bus (e.g., a SCSI bus, an Enhanced IDE bus, an Ultra DMA bus, a PCI bus, etc.), afloppy drive 812, a tape or CD ROM drive 814 with tape orCD media 816, or other removable media devices, such as magneto-optical media, etc., and amother board 818. Themother board 818 includes, for example, aprocessor 820, aRAM 822, and a ROM 824 (e.g., DRAM, ROM, EPROM, EEPROM, SRAM, SDRAM, and Flash RAM, etc.), I/O ports 826 which may be used to couple to external devices, networks, etc., (not shown), and optional special purpose logic devices (e.g., ASICs) or configurable logic devices (e.g., GAL and re-programmable FPGA) 828 for performing specialized hardware/software functions, such as sound processing, image processing, signal processing, neural network processing, object character recognition (OCR) processing, etc., amicrophone 830, and a speaker orspeakers 832. - Using the standard technology mentioned above a computer program can be incorporated into the computer for realizing a telephone function. In the case of a portable laptop or handheld computer having a wireless connection, for example using a WLAN (Wide-Area Local Area Network), such a telephone function would include a user interface, in this case denoted PB on
FIG. 8 , presented on the display device for achieving telephone functionality. In an alternative, an external telephone device, denoted PA onFIG. 8 , could be connected to the computer for achieving telephone function more similar to a traditional telephone. Such an external telephone device could for example be connected to a portable computer via a standard USB-interface in the computer. - As stated above, the system includes at least one computer readable medium, or alternatively, the computer readable medium may be accessed through various paths, such as networks, internet, drives, etc. Examples of computer readable media are compact discs, hard disks, floppy disks, tape, magneto-optical disks, PROMs (EPROM, EEPROM, Flash EPROM), DRAM, SRAM, SDRAM, etc. Stored on any one or on a combination of computer readable media, the present invention includes software for controlling both the hardware of the
computer 800 and for enabling thecomputer 800 to interact with a human user via one of the said telephone devices PA, PB. Such software may include, but is not limited to, device drivers, operating systems and user applications, such as development tools. Such computer readable media further includes the computer program product of the present invention for performing any of the processes according to the present invention, described above (see, e.g.,FIGS. 1-8 ). The computer code devices of the present invention can be any interpreted or executable code mechanism, including but not limited to scripts, interpreters, dynamic link libraries, Java classes, and complete executable programs, etc. - The invention may also be implemented by the preparation of application specific integrated circuits or by interconnecting an appropriate network of conventional component circuits, as will be readily apparent to those skilled in the art.
- User identification and/or verification, according to embodiments of this invention, is a significant simplification relative to existing methods, and requires little or no training on the part of a user. In addition, a system according to embodiments of the present invention, can be created in most existing programming languages and be connected to most modern data enabled telephones. Therefore, according to embodiments of the present invention, the process of login on to a secure web site is significantly simplified, since this may now be performed using the simplified log-on process and a reduced number of keystrokes.
- Although embodiments of the present invention is defined in terms of the user typing using the terminal or phone keyboard, the invention may also be implemented using voice identification or other substitutes for keyboard interaction, thus eliminating entirely or partly the need to use the terminal keyboard, as will be readily apparent to those skilled in the art.
- Although embodiments of the present invention have been described in terms of the user's being able to activate a link to access a secure web site, the invention may also be implemented or used in a manner such that the user must type in the link and/or the logon key in order to access the web site.
- Although embodiments of the present invention have been described in terms of the caller identification information being the caller ID or telephone number, the system may also be implemented using other unique information associated with the call request.
- Although embodiments of the present invention have been described in terms of sending the logon message to the user using the Caller ID as the address, the system may also use other means for identifying the user, and look up the correct address for the logon message based on such other identification.
- Although the exemplary embodiments described in this text and figures imply a specific order of events, several of the events and processes may happen in a different order.
- Although the present invention is described in terms of telephone servers, WAP servers, registration servers and/or service provider servers, these systems may in fact be combined in many different ways, e.g. into fewer systems and servers, or, on the contrary, be further divided into more servers performing only parts of the functionality described for each server in the embodiments described herein. Obviously, numerous modifications and variations of embodiments of the present invention are possible in light of the above teachings. It is therefore to be understood that within the scope of the appended claims, the invention may be practiced otherwise than as specifically described herein.
Claims (19)
1. A method of authenticating a user for conduct of a transaction initiated by the user via a data-enabled telephone in such a manner as to make efficient use of keystrokes on the data-enabled telephone, such data-enabled telephone capable of initiating telephone calls over a telephone network and of engaging in two-way data communication with a data server in a network, such server enabling conduct of the transaction, the method comprising:
receiving caller identification information associated with a telephone call request initiated by the user via the data-enabled telephone to a service number, such caller identification providing a basis for authentication of the user; and
using the caller identification information received at the service number to address a message to the user;
including in such message a logon key for use by the user in accomplishing the transaction; and
sending such message;
so that on receipt of the message, the user may use the logon key to enter into data communication with the server for conduct of the transaction.
2. A method according to claim 1 , wherein the logon key has a lifetime, for purposes of accomplishing the transaction, of less than a specified amount of time.
3. A method according to claim 1 , wherein the logon key for use by the user can be used a limited number of times for purposes of accomplishing the transaction.
4. A method according to claim 1 , wherein the caller identifying information includes a telephone number of the mobile telephone.
5. A method according to claim 1 , wherein receiving and using the caller identification information is accomplished without answering the call request, so that a connection does not result from the call request.
6. A method according to claim 1 , wherein receiving and using the caller identification information includes answering the call request, so that a connection is established.
7. A method according to claim 1 , wherein sending the message includes sending the message to the user's mobile telephone and, on receipt of the message, the user may use the logon key to cause the mobile telephone to enter into data communication with the server.
8. A method according to claim 1 , wherein the logon key serves to identify the user, and the method further comprises obtaining an additional verification of the user as a condition to conduct of the transaction.
9. A method according to claim 2 wherein the message is in a format adapted to the capabilities of the user's telephone.
10. A system for authenticating a user for conduct of a transaction initiated by the user via a data-enabled telephone in such a manner as to make efficient use of keystrokes on the data-enabled telephone, such data-enabled telephone capable of initiating telephone calls over a telephone network and of engaging in two-way data communication with a data server in a network, such server enabling conduct of the transaction, the system comprising:
a telephone server, associated with a service telephone number, for receiving caller identification information associated with a telephone call request initiated by the user via the data-enabled telephone to the service telephone number, such caller identification providing a basis for authentication of the user; such telephone server using the caller identification information received at the service number to address a message to the user, wherein such message includes a logon key for use by the user in accomplishing the transaction, and to send such message;
a data server for data communication with the data-enabled telephone of the user, accessible to the user upon use of the logon key by the user;
so that on receipt of the message, the user may use the logon key to enter into data communication with the data server for conduct of the transaction.
11. A system according to claim 10 , wherein the logon key has a lifetime, for purposes of accomplishing the transaction, of less than a specified amount of time.
12. A system according to claim 10 , wherein the logon key for use by the user can be used a limited number of times for purposes of accomplishing the transaction.
13. A system according to claim 10 , wherein the caller identifying information includes a telephone number of the mobile telephone.
14. A system according to claim 10 , wherein the telephone server obtains the caller identification information without answering the call request, so that a connection does not result from the call request.
15. A system according to claim 10 , wherein the telephone server obtains the caller identification information in the course of answering the call request, so that a connection is established following the call request.
16. A system according to claim 10 , wherein the logon key serves to identify a user, and the telephone server obtains an additional verification of the user as a condition to conduct of the transaction.
17. A system according to claim 10 , wherein the capabilities of the user's telephone is information which is made available in the system, in order that the message format can be adapted to said capabilities.
18. Computer program product comprising program instructions which when executed on a computer system performs the steps a method according to any one of the claims 1 -9.
19. Computer readable medium storing program instructions by which the method of the invention can be performed when the stored program instructions are appropriately loaded into and executed on one or more computers.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/520,270 US20100029249A1 (en) | 2006-12-22 | 2007-12-20 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/615,211 US8325889B2 (en) | 2006-12-22 | 2006-12-22 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
PCT/NO2007/000454 WO2008079018A2 (en) | 2006-12-22 | 2007-12-20 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US12/520,270 US20100029249A1 (en) | 2006-12-22 | 2007-12-20 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/615,211 Continuation US8325889B2 (en) | 2006-12-22 | 2006-12-22 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
Publications (1)
Publication Number | Publication Date |
---|---|
US20100029249A1 true US20100029249A1 (en) | 2010-02-04 |
Family
ID=39542820
Family Applications (7)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/615,211 Active 2031-04-21 US8325889B2 (en) | 2006-12-22 | 2006-12-22 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US12/520,270 Abandoned US20100029249A1 (en) | 2006-12-22 | 2007-12-20 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US13/661,846 Abandoned US20130080332A1 (en) | 2006-12-22 | 2012-10-26 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US14/171,440 Abandoned US20150039508A1 (en) | 2006-12-22 | 2014-02-03 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US15/058,980 Abandoned US20170024741A1 (en) | 2006-12-22 | 2016-03-02 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US16/504,471 Abandoned US20200034843A1 (en) | 2006-12-22 | 2019-07-08 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US17/559,605 Abandoned US20220129898A1 (en) | 2006-12-22 | 2021-12-22 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/615,211 Active 2031-04-21 US8325889B2 (en) | 2006-12-22 | 2006-12-22 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
Family Applications After (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/661,846 Abandoned US20130080332A1 (en) | 2006-12-22 | 2012-10-26 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US14/171,440 Abandoned US20150039508A1 (en) | 2006-12-22 | 2014-02-03 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US15/058,980 Abandoned US20170024741A1 (en) | 2006-12-22 | 2016-03-02 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US16/504,471 Abandoned US20200034843A1 (en) | 2006-12-22 | 2019-07-08 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
US17/559,605 Abandoned US20220129898A1 (en) | 2006-12-22 | 2021-12-22 | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone |
Country Status (4)
Country | Link |
---|---|
US (7) | US8325889B2 (en) |
EP (1) | EP2116010A2 (en) |
CA (1) | CA2673512A1 (en) |
WO (1) | WO2008079018A2 (en) |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090271855A1 (en) * | 2008-04-23 | 2009-10-29 | Thumbplay, Inc. | Computer based method and system for registering a user at a server computer system |
US20130246296A1 (en) * | 2012-03-19 | 2013-09-19 | @Pay LLC | Method for processing multimodal mobile donations via text message and email communication |
WO2013192551A3 (en) * | 2012-06-21 | 2014-03-06 | 24/7 Customer, Inc. | Method and apparatus for diverting callers to web sessions |
US9202212B1 (en) | 2014-09-23 | 2015-12-01 | Sony Corporation | Using mobile device to monitor for electronic bank card communication |
US9292875B1 (en) | 2014-09-23 | 2016-03-22 | Sony Corporation | Using CE device record of E-card transactions to reconcile bank record |
US9317847B2 (en) | 2014-09-23 | 2016-04-19 | Sony Corporation | E-card transaction authorization based on geographic location |
US9355424B2 (en) | 2014-09-23 | 2016-05-31 | Sony Corporation | Analyzing hack attempts of E-cards |
US9367845B2 (en) | 2014-09-23 | 2016-06-14 | Sony Corporation | Messaging customer mobile device when electronic bank card used |
US9378502B2 (en) | 2014-09-23 | 2016-06-28 | Sony Corporation | Using biometrics to recover password in customer mobile device |
US9521141B2 (en) | 2014-02-12 | 2016-12-13 | Bank Of America Corporation | Caller validation |
US9558488B2 (en) | 2014-09-23 | 2017-01-31 | Sony Corporation | Customer's CE device interrogating customer's e-card for transaction information |
US9646307B2 (en) | 2014-09-23 | 2017-05-09 | Sony Corporation | Receiving fingerprints through touch screen of CE device |
US9953323B2 (en) | 2014-09-23 | 2018-04-24 | Sony Corporation | Limiting e-card transactions based on lack of proximity to associated CE device |
US10237732B2 (en) | 2013-06-12 | 2019-03-19 | Telecom Italia S.P.A. | Mobile device authentication in heterogeneous communication networks scenario |
US10262316B2 (en) | 2014-09-23 | 2019-04-16 | Sony Corporation | Automatic notification of transaction by bank card to customer device |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080216153A1 (en) * | 2007-03-02 | 2008-09-04 | Aaltonen Janne L | Systems and methods for facilitating authentication of network devices |
US20140355592A1 (en) | 2012-11-01 | 2014-12-04 | Datavalet Technologies | System and method for wireless device detection, recognition and visit profiling |
US9003488B2 (en) * | 2007-06-06 | 2015-04-07 | Datavalet Technologies | System and method for remote device recognition at public hotspots |
US8185443B2 (en) * | 2008-10-27 | 2012-05-22 | Ebay, Inc. | Method and apparatus for authorizing a payment via a remote device |
CA2904950A1 (en) * | 2014-09-18 | 2016-03-18 | Edatanetworks Inc. | Systems and methods for loyalty programs |
US9781089B2 (en) * | 2015-01-28 | 2017-10-03 | Dropbox, Inc. | Authenticating a user account with a content management system |
GB2539899A (en) * | 2015-06-29 | 2017-01-04 | Aeriandi Ltd | Secure payment method and system for a voice telephony based payment system implemented over a telecommunications network |
CN107093072B (en) * | 2016-12-20 | 2021-02-02 | 招商银行股份有限公司 | Card activation method and device |
CN111048083A (en) * | 2019-12-12 | 2020-04-21 | 深圳康佳电子科技有限公司 | Voice control method, device and storage medium |
US20220321403A1 (en) * | 2021-04-02 | 2022-10-06 | Nokia Solutions And Networks Oy | Programmable network segmentation for multi-tenant fpgas in cloud infrastructures |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20010028636A1 (en) * | 2000-03-10 | 2001-10-11 | Robert Skog | Method and apparatus for mapping an IP address to an MSISDN number within a service network |
US20010045451A1 (en) * | 2000-02-28 | 2001-11-29 | Tan Warren Yung-Hang | Method and system for token-based authentication |
US20020110230A1 (en) * | 1996-12-24 | 2002-08-15 | Ileana A. Leuca | Method of wireless retrieval of information |
US20020159597A1 (en) * | 2000-12-22 | 2002-10-31 | Adams Thomas Lee | Method and system for calling line authenticated key distribution |
US20030157925A1 (en) * | 2002-02-21 | 2003-08-21 | Sorber Russell E. | Communication unit and method for facilitating prepaid communication services |
US6799155B1 (en) * | 1998-12-11 | 2004-09-28 | Allied Signal Inc. | Replacement of externally mounted user interface modules with software emulation of user interface module functions in embedded processor applications |
US20050033983A1 (en) * | 2003-08-06 | 2005-02-10 | Hiroshi Takekawa | Secure device, information processing terminal, integrated circuit, terminal application generation apparatus, application authentication method |
US20050125315A1 (en) * | 2003-12-08 | 2005-06-09 | Munoz Jaime M.N. | System for account management and method therefor |
US20050159597A1 (en) * | 2003-12-22 | 2005-07-21 | Abbott Laboratories | 3-Quinuclidinyl amino-substituted biaryl derivatives |
US20100041423A1 (en) * | 2004-11-01 | 2010-02-18 | Mcnamara Justin | Mass Multimedia Messaging |
US20100076853A1 (en) * | 2006-07-07 | 2010-03-25 | Alon Schwarz | Method and system for ordering and supplying goods and services via a cellular phone |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW249877B (en) * | 1993-11-23 | 1995-06-21 | Bellsouth Int Inc | |
US5892900A (en) * | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US6208853B1 (en) * | 1998-02-24 | 2001-03-27 | Lucent Technologies Inc. | Methods for registering a warranty for a wireless device |
JP2001344537A (en) | 2000-05-31 | 2001-12-14 | Ntt Docomo Inc | Electronic value system, communication terminal and server |
WO2003046784A1 (en) | 2001-11-29 | 2003-06-05 | Niel Eben Viljoen | Method and system for operating a banking service |
IL152626A0 (en) * | 2002-11-03 | 2003-06-24 | Hello Tech Technologies Ltd | Improved mobile payment system |
US6934535B2 (en) | 2002-12-02 | 2005-08-23 | Nokia Corporation | Privacy protection in a server |
NO324253B1 (en) | 2003-11-03 | 2007-09-17 | Mobileaxept As | Procedure and system for providing access to bank account information, from mobile phone |
US20050222913A1 (en) * | 2004-04-01 | 2005-10-06 | Ian Eisenberg | PR/SMS business method, system and method of conducting business |
DE602004015854D1 (en) | 2004-05-12 | 2008-09-25 | Ericsson Telefon Ab L M | AUTHENTICATION SYSTEM |
WO2006079145A1 (en) * | 2004-10-20 | 2006-08-03 | Salt Group Pty Ltd | Authentication method |
CA2589834A1 (en) | 2004-11-03 | 2006-05-18 | Mobileaxept As | A method and a system for providing information from a customer's bank account to his mobile phone |
-
2006
- 2006-12-22 US US11/615,211 patent/US8325889B2/en active Active
-
2007
- 2007-12-20 EP EP07860921A patent/EP2116010A2/en not_active Withdrawn
- 2007-12-20 US US12/520,270 patent/US20100029249A1/en not_active Abandoned
- 2007-12-20 CA CA002673512A patent/CA2673512A1/en not_active Abandoned
- 2007-12-20 WO PCT/NO2007/000454 patent/WO2008079018A2/en active Application Filing
-
2012
- 2012-10-26 US US13/661,846 patent/US20130080332A1/en not_active Abandoned
-
2014
- 2014-02-03 US US14/171,440 patent/US20150039508A1/en not_active Abandoned
-
2016
- 2016-03-02 US US15/058,980 patent/US20170024741A1/en not_active Abandoned
-
2019
- 2019-07-08 US US16/504,471 patent/US20200034843A1/en not_active Abandoned
-
2021
- 2021-12-22 US US17/559,605 patent/US20220129898A1/en not_active Abandoned
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020110230A1 (en) * | 1996-12-24 | 2002-08-15 | Ileana A. Leuca | Method of wireless retrieval of information |
US6799155B1 (en) * | 1998-12-11 | 2004-09-28 | Allied Signal Inc. | Replacement of externally mounted user interface modules with software emulation of user interface module functions in embedded processor applications |
US20010045451A1 (en) * | 2000-02-28 | 2001-11-29 | Tan Warren Yung-Hang | Method and system for token-based authentication |
US20010028636A1 (en) * | 2000-03-10 | 2001-10-11 | Robert Skog | Method and apparatus for mapping an IP address to an MSISDN number within a service network |
US20020159597A1 (en) * | 2000-12-22 | 2002-10-31 | Adams Thomas Lee | Method and system for calling line authenticated key distribution |
US20030157925A1 (en) * | 2002-02-21 | 2003-08-21 | Sorber Russell E. | Communication unit and method for facilitating prepaid communication services |
US20050033983A1 (en) * | 2003-08-06 | 2005-02-10 | Hiroshi Takekawa | Secure device, information processing terminal, integrated circuit, terminal application generation apparatus, application authentication method |
US20050125315A1 (en) * | 2003-12-08 | 2005-06-09 | Munoz Jaime M.N. | System for account management and method therefor |
US20050159597A1 (en) * | 2003-12-22 | 2005-07-21 | Abbott Laboratories | 3-Quinuclidinyl amino-substituted biaryl derivatives |
US20100041423A1 (en) * | 2004-11-01 | 2010-02-18 | Mcnamara Justin | Mass Multimedia Messaging |
US20100076853A1 (en) * | 2006-07-07 | 2010-03-25 | Alon Schwarz | Method and system for ordering and supplying goods and services via a cellular phone |
Cited By (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8769652B2 (en) * | 2008-04-23 | 2014-07-01 | Clear Channel Management Services, Inc. | Computer based method and system for registering a user at a server computer system |
US20090271855A1 (en) * | 2008-04-23 | 2009-10-29 | Thumbplay, Inc. | Computer based method and system for registering a user at a server computer system |
US11496459B2 (en) | 2008-04-23 | 2022-11-08 | Iheartmedia Management Services, Inc. | Registration process using multiple devices |
US10701063B2 (en) | 2008-04-23 | 2020-06-30 | Iheartmedia Management Services, Inc. | Providing access to registered-user website |
US20130246296A1 (en) * | 2012-03-19 | 2013-09-19 | @Pay LLC | Method for processing multimodal mobile donations via text message and email communication |
US11769138B2 (en) | 2012-03-19 | 2023-09-26 | Swoop Ip Holdings Llc | Method for processing multimodal mobile donations via text message and email communication |
US9871921B2 (en) | 2012-06-21 | 2018-01-16 | 24/7 Customer, Inc. | Method and apparatus for diverting callers to web sessions |
WO2013192551A3 (en) * | 2012-06-21 | 2014-03-06 | 24/7 Customer, Inc. | Method and apparatus for diverting callers to web sessions |
US9325845B2 (en) | 2012-06-21 | 2016-04-26 | 24/7 Customer, Inc. | Method and apparatus for diverting callers to Web sessions |
US10257353B2 (en) | 2012-06-21 | 2019-04-09 | [24]7.ai, Inc. | Method and apparatus for diverting callers to web sessions |
US10237732B2 (en) | 2013-06-12 | 2019-03-19 | Telecom Italia S.P.A. | Mobile device authentication in heterogeneous communication networks scenario |
US9521141B2 (en) | 2014-02-12 | 2016-12-13 | Bank Of America Corporation | Caller validation |
US9292875B1 (en) | 2014-09-23 | 2016-03-22 | Sony Corporation | Using CE device record of E-card transactions to reconcile bank record |
US9646307B2 (en) | 2014-09-23 | 2017-05-09 | Sony Corporation | Receiving fingerprints through touch screen of CE device |
US9652760B2 (en) | 2014-09-23 | 2017-05-16 | Sony Corporation | Receiving fingerprints through touch screen of CE device |
US9558488B2 (en) | 2014-09-23 | 2017-01-31 | Sony Corporation | Customer's CE device interrogating customer's e-card for transaction information |
US9953323B2 (en) | 2014-09-23 | 2018-04-24 | Sony Corporation | Limiting e-card transactions based on lack of proximity to associated CE device |
US9378502B2 (en) | 2014-09-23 | 2016-06-28 | Sony Corporation | Using biometrics to recover password in customer mobile device |
US9367845B2 (en) | 2014-09-23 | 2016-06-14 | Sony Corporation | Messaging customer mobile device when electronic bank card used |
US10262316B2 (en) | 2014-09-23 | 2019-04-16 | Sony Corporation | Automatic notification of transaction by bank card to customer device |
US9355424B2 (en) | 2014-09-23 | 2016-05-31 | Sony Corporation | Analyzing hack attempts of E-cards |
US9317847B2 (en) | 2014-09-23 | 2016-04-19 | Sony Corporation | E-card transaction authorization based on geographic location |
US9202212B1 (en) | 2014-09-23 | 2015-12-01 | Sony Corporation | Using mobile device to monitor for electronic bank card communication |
Also Published As
Publication number | Publication date |
---|---|
US20150039508A1 (en) | 2015-02-05 |
US20130080332A1 (en) | 2013-03-28 |
US20200034843A1 (en) | 2020-01-30 |
WO2008079018A2 (en) | 2008-07-03 |
EP2116010A2 (en) | 2009-11-11 |
US20220129898A1 (en) | 2022-04-28 |
WO2008079018A3 (en) | 2008-09-12 |
US8325889B2 (en) | 2012-12-04 |
US20080152099A1 (en) | 2008-06-26 |
CA2673512A1 (en) | 2008-07-03 |
US20170024741A1 (en) | 2017-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220129898A1 (en) | Efficient authentication of a user for conduct of a transaction initiated via mobile telephone | |
US11461760B2 (en) | Authentication using application authentication element | |
US8887232B2 (en) | Central biometric verification service | |
US6973575B2 (en) | System and method for voice recognition password reset | |
US8151326B2 (en) | Using audio in N-factor authentication | |
US9578022B2 (en) | Multi-factor authentication techniques | |
US20120144461A1 (en) | Mobile pin pad | |
KR20060047252A (en) | Account creation via a mobile device | |
JP2007328381A (en) | Authentication system and method in internet banking | |
CN106875177A (en) | Order processing method, device and paying server | |
US11941093B2 (en) | Digital identity sign-in | |
KR101282824B1 (en) | Meeting attestation system and providing method thereof | |
JP2009245273A (en) | Individual identification system and method | |
GB2547885A (en) | Establishing a communication session | |
JP2018036790A (en) | Authentication device, identity confirmation method, and program | |
AU2016277629A1 (en) | Authentication using application authentication element | |
AU2015200732B2 (en) | Authentication using application authentication element | |
TWI745804B (en) | Method for accessing financial service via interactive message and system thereof | |
WO2013140193A1 (en) | Method and system for establishing secure online video connection | |
JP5495333B2 (en) | Authentication device, authentication system, authentication method, and program | |
US20240330898A1 (en) | Systems and methods for digital pin prompting and setting | |
TWM627363U (en) | System for performing cross-platform identity verification | |
TWM575156U (en) | Video verification providing system | |
TWM609560U (en) | Dynamic Identity Verification System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: MOBILE AXEPT AS,NORWAY Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BILSTAD, LARS SIGVE;HESTAS, OLE VIDAR;HEDLOY, ATLE;SIGNING DATES FROM 20090701 TO 20090728;REEL/FRAME:023259/0472 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |