System and method for transaction security responsive to a signed authentication
Abstract
A system arranged to authenticate a user via its mobile device to a service provider, the system comprising: an authentication server; the user mobile device, the user mobile device provided with a verification application arranged to communicate with the authentication server; and a notification server in communication with the authentication server and arranged to transmit a notification to the user mobile device responsive to the authentication server, the authentication server arranged to provide a signed authentication to the service provider responsive to present and historical information regarding one of: the user mobile device; and an additional user device in communication with said authentication server, said signed authentication provided in accordance with a rule set determined by an authorized entity stored on said authentication server memory governing the required present and historical information attribute.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A system comprising a server arranged to authorize access of a user device to a server device;
the server comprising, at least one processor operatively connected to a non-transitory memory, said memory having loaded thereon instructions executable by said at least one processor to: determine that a user device is attempting to access the server; provide to said user device, data including human verification test for collecting human verification data from the user device; wherein the data further includes instruction to a user to activate the human verification test on the user device, and wherein following activation, the human verification test is responsive for receiving user input for a predefined time period; verify whether or not an input, including human verification data, received from the user device has been provided by a human based on whether or not at least the human verification data has been provided to the user device within the predefined time period; and based at least partly on the verification, determine whether to authorize access of the user device to a service provider.
2 . The system according to claim 1 , wherein the human verification data includes a voice input recorded during a time equal or shorter to the time period.
3 . The system according to claim 2 , wherein said voice input includes voice response of a user to at least one word displayed on a display device of the user device.
4 . The system according to claim 3 , wherein the voice input includes a representation of said recorded voice response, said server is arranged to determine whether said representation of said recorded voice response matches a pre-registered recorded voice responsive, and authorize access of the user device to the service provider if it does.
5 . The system according to claim 1 , wherein the server is arranged to:
transmit a keypad image to said user device for display on a touch screen input device of said user device; receive from said user device verification data comprising touch screen coordinates for each passcode segment entered; and authorize access of the user device to the service provider if said received touch screen coordinates are consonant with a pre-registered passcode.
6 . The system according to claim 5 , wherein said keypad image is a special purpose keyboard configured to be responsive to the passcode.
7 . The system according to claim 1 , further comprising said user device, said user device comprising a user device processor and an associated user device non-transitory memory, said user device non-transitory memory having instructions loaded thereon which when executed by said user device processor cause said device to send to said server the human verification data.
8 . The system according to claim 1 , wherein the instructions are executable by said at least one processor to:
provide to said user device a list of at least one selectable service provider and at least one selectable registered user device other than said user device; receive a selection made at said user device of a service provider, from among said at least one selectable service provider, to which access is desired, and of a user device, from among said at least one selectable registered user device, by which access to said selected service provider is desired; and based on the verification, determine whether to send authentication message to the selected service provider to authorize access of the user device to the selected service provider.
9 . A method of authorizing access of user device to a server device, comprising:
at the server device using at least one processor for: determining that a user device is attempting to access the server; providing to said user device, data including human verification test for collecting human verification data from the user device; wherein the data further includes instruction to a user to activate the human verification test on the user device, and wherein following activation, the human verification test is responsive for receiving user input for a predefined time period; verifying whether or not an input, including human verification data, received from the user device has been provided by a human based on whether or not at least the human verification data has been provided to the user device within the predefined time period; and based at least partly on the verification, determining whether to authorize access of the user device to a service provider.
10 . The method according to claim 9 , wherein the human verification data includes a voice input recorded during a time equal or shorter to the time period.
11 . The method according to claim 10 , wherein said voice input includes voice response of a user to at least one word displayed on a display device of the user device.
12 . The method according to claim 11 , wherein the voice input includes a representation of said recorded voice response, the method further comprising:
determining whether said representation of said recorded voice response matches a pre-registered recorded voice responsive, and authorize access of the user device to the service provider if it does.
13 . The method according to claim 9 , further comprising:
transmitting a keypad image to said user device for display on a touch screen input device of said user device; receiving from said user device verification data comprising touch screen coordinates for each passcode segment entered; and authorizing access of the user device to the service provider if said received touch screen coordinates are consonant with a pre-registered passcode.
14 . The method according to claim 9 , further comprising:
providing to said user device a list of at least one selectable service provider and at least one selectable registered user device other than said user device; receiving a selection made at said user device of a service provider, from among said at least one selectable service provider, to which access is desired, and of a user device, from among said at least one selectable registered user device, by which access to said selected service provider is desired; and based on the verification, determining whether to send authentication message to the selected service provider to authorize access of the user device to the selected service provider.
15 . A user device comprising at least one processor operatively connected to a non-transitory memory, said non-transitory memory having instructions loaded thereon which when executed by said at least one processor cause said user device to:
receive from a server data related to a human verification test for collecting human verification data from the user device; wherein the data includes instruction to a user to activate displaying of the human verification test on the user device; responsive to activation by a user, display the human verification test for a predefined time period; transmit the human verification data to the server for enabling the server to: verify whether or not an input, including human verification data, received from the user device has been provided by a human based on whether or not at least the human verification data has been provided to the user device within the predefined time period; and based on the verification, determine whether to authorize access of the user device to a service provider.Join the waitlist — get patent alerts
Track US2015304850A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.