Multiple party benefit from an online authentication
Abstract
An account authentication service where a trusted party verifies an account holder's identity for the benefit of a requestor during an online transaction. The account authentication involves requesting a password from the account holder, verifying the password, and notifying the requestor whether the account holder's authenticity has been verified. An alternative embodiment of the account authentication service includes a value-adding component where information about a customer is shared with a value-adding party. The customer information is rich in detail about the customer since it is collected by each of the parties in the account authentication process. The value-adding party can then use this information in various manners. All of the parties involved can benefit from sharing the customer information. The value-adding party can be, for example, a merchant, a shipper, a security organization, or a governmental organization. A transaction identifier identifies a specific transaction between a customer, a merchant, and the customer information.
Claims
exact text as granted — not AI-modified1 - 51 . (canceled)
52 . An access control computer comprising:
a processor; and a non-transitory computer readable medium, the non-transitory computer readable medium configured to implement a method comprising:
receiving an online authentication request message from a requesting party to authenticate the identity of a presenter, the online authentication request message being routed via a computing device of the presenter;
receiving an identity-authenticating token and presenter information collected from the computing device of the presenter;
comparing the identity-authenticating token against a token previously designated for the presenter during the online transaction;
authenticating the presenter when the identity-authenticating token matches the token previously designated for the presenter; and
sending an online authentication response message to the requesting party via the computing device of the presenter during the online transaction, the online authentication response message notifying the requesting party that the presenter is authenticated for providing the authenticated presenter information to a value-adding party.
53 . The access control computer of claim 52 , wherein the presenter information is collected during the course of the online transaction by the requesting party from the computing device of the presenter.
54 . The access control computer of claim 52 , wherein the trusted party is an issuer that maintains an account of the presenter, the method further comprising:
verifying, by the issuer during a registration process, the identity of the presenter as the owner of the account and associating the previously designated token with the account.
55 . The access control computer of claim 52 , wherein the method further comprises:
generating a transaction identifier uniquely identifying the online transaction and the presenter information; and including the transaction identifier with the online authentication response message that is sent to the requesting party by the trusted party, the transaction identifier associating the presenter information with the online transaction.
56 . The access control computer of claim 55 , wherein the presenter information and the transaction identifier are sent to a history server for storage, wherein the presenter information and the transaction identifier are retrieved from the history server, and wherein the retrieved presenter information and the transaction identifier are used to perform dispute resolution or to perform data mining.
57 . A computer-implemented method of providing authenticated presenter information to a value-adding party for an online transaction between a presenter and a requesting party, the method comprising:
receiving, by an access control computer of a trusted party, an online authentication request message from the requesting party to authenticate the identity of the presenter, the online authentication request message being routed via a computing device of the presenter; receiving, by the access control computer, an identity-authenticating token and presenter information collected from the computing device of the presenter; comparing, by the access control computer, the identity-authenticating token against a token previously designated for the presenter during the online transaction; authenticating, by the access control computer, the presenter when the identity-authenticating token matches the token previously designated for the presenter; and sending, by the access control computer, an online authentication response message to the requesting party via the computing device of the presenter during the online transaction, the online authentication response message notifying the requesting party that the presenter is authenticated for providing the authenticated presenter information to the value-adding party.
58 . The computer-implemented method of claim 57 , wherein the presenter information is collected during the course of the online transaction by the requesting party from the computing device of the presenter.
59 . The computer-implemented method of claim 57 , wherein the trusted party is an issuer that maintains an account of the presenter, and the method further comprising:
verifying, by the issuer during a registration process, the identity of the presenter as the owner of the account and associating the previously designated token with the account.
60 . The method of claim 57 , further comprising:
generating a transaction identifier uniquely identifying the online transaction and the presenter information; and including the transaction identifier with the online authentication response message that is sent to the requesting party, the transaction identifier associating the presenter information with the online transaction.
61 . The computer-implemented method of claim 60 , wherein the presenter information and the transaction identifier are sent to a history server for storage, wherein the presenter information and the transaction identifier are retrieved from the history server, and wherein the retrieved presenter information and the transaction identifier are used to conduct a transaction between the requesting party and the value adding party.
62 . A requesting party computer comprising:
a processor; and a non-transitory computer readable medium, the non-transitory computer readable medium configured to implement a method comprising: collecting presenter information pertaining to the presenter from a computing device of the presenter during the course of the online transaction; sending an online authentication request message to an access control computer of a trusted party to authenticate the identity of the presenter, the online authentication request message being routed via a computing device of the presenter, wherein the access control computer compares an identity-authenticating token from the presenter against a token previously designated for the presenter; receiving an online authentication response message from the access control computer via the computing device of the presenter during the online transaction, the online authentication response message notifying the requesting party that the presenter is authenticated; and sending the authenticated presenter information to the value-adding party.
63 . The requesting party computer of claim 62 , wherein the method further comprises:
evaluating, by the requesting party, the collected presenter information against a set of criteria, the criteria related to whether the value-adding party desires the collected presenter information; and sending, by the requesting party, the collected presenter information to the value-adding party when it is determined that the presenter information satisfies the set of criteria.
64 . The requesting party computer of claim 62 , wherein the method further comprises:
collecting the presenter information over the course of multiple online transactions by the presenter, whereby the presenter information represents activity by the presenter over multiple transactions.
65 . The requesting party computer of claim 62 , wherein additional presenter information is included within the authentication response message that has previously been collected by the trusted party, the method further comprising:
sending the additional presenter information from the requesting party to the value-adding party.
66 . The requesting party computer of claim 62 , wherein the presenter information includes information describing the subject matter of the online transaction.
67 . A computer-implemented method of providing authenticated presenter information to a value-adding party for an online transaction between a presenter and a requesting party, the method comprising:
collecting, by the requesting party, presenter information pertaining to the presenter from a computing device of the presenter during the course of the online transaction; sending, by the requesting party, an online authentication request message to an access control computer of a trusted party to authenticate the identity of the presenter, the online authentication request message being routed via a computing device of the presenter, wherein the access control computer compares an identity-authenticating token from the presenter against a token previously designated for the presenter; receiving, by the requesting party, an online authentication response message from the access control computer via the computing device of the presenter during the online transaction, the online authentication response message notifying the requesting party that the presenter is authenticated; and sending, by the requesting party, the authenticated presenter information to the value-adding party.
68 . The computer-implemented method of claim 67 , further comprising:
evaluating, by the requesting party, the collected presenter information against a set of criteria, the criteria related to whether the value-adding party desires the collected presenter information; and sending, by the requesting party, the collected presenter information to the value-adding party when it is determined that the presenter information satisfies the set of criteria.
69 . The computer-implemented method of claim 67 , further comprising:
collecting the presenter information over the course of multiple online transactions by the presenter, whereby the presenter information represents activity by the presenter over multiple transactions.
70 . The method of claim 67 , wherein additional presenter information is included within the authentication response message that has previously been collected by the trusted party, the method further comprising:
sending the additional presenter information from the requesting party to the value-adding party.
71 . The method of claim 67 , wherein the presenter information includes information describing the subject matter of the online transaction.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.