| 摘要 |
Systems, methods, and computer program products are provided for authenticating and efficiently re-authenticating a user with a financial institution in order to gain access to account information using a web-enabled device. The web-enabled device stores user profiles associated with the user including authentication information provided by the user during primary authentication. The device retrieves the authentication information upon secondary authentication, that is, validation of the user's identity, which in some embodiments, includes local validation of a personal identification number (“PIN”) and/or a remote control passcode (“RCP”). As such, the web-enabled device re-authenticates the user without requiring authentication communication with a financial institution server, and thereafter, the user interacts with an application running on the web-enabled device to retrieve desired account information from the financial institution server. |
| 主权项 |
1. A method for providing efficient authentication of a user desiring access to account information maintained by a financial institution, the method comprising:
determining a time of validation of primary authentication; receiving a user request for access to account information using the primary authentication; determining whether a predetermined period of time has lapsed since the time of validation of primary authentication; in response to determining that the predetermined period of time has lapsed since the time of validation of primary authentication, prompting the user for new user authentication information; receiving, via a web-enabled device associated with the user, the new user authentication information from the user; communicating, from the web-enabled device, the new user authentication information to a financial institution server; receiving, at the web-enabled device, validation of the new primary authentication from the financial institution server; and in response to receiving the validation of the new primary authentication from the financial institution server, storing, at the web-enabled device, the new user authentication information in one or more user profiles associated with the user; in response to receiving the validation of the new primary authentication from the financial institution server:
receiving a personal identification number (PIN) from the user;receiving a mobile device identifier associated with a mobile device of the user, wherein the mobile device is configured to wirelessly communicate with the web-enabled device; andstoring, at the web-enabled device, the PIN received from the user and the mobile device identifier; retrieving the new user authentication information including verification of previously validated new primary authentication from the one or more user profiles stored on the web-enabled device when the user desires access to the account information within the predetermined period of time from the validation of the new primary authentication; verifying, at the web-enabled device, the identity of the user, thereby establishing secondary authentication at the web-enabled device by verifying the identity of the user without accessing the financial institution server, when the user desires access to the account information within the predetermined period of time from the validation of the new primary authentication, wherein establishing the secondary authentication further comprises:
establishing a wireless communication link comprising a predetermined communication range, between the web-enabled device and the mobile device;retrieving, by the web-enabled device via the wireless communication link, the mobile device identifier from the mobile device;receiving, at the web-enabled device via the wireless communication link, the PIN provided by the user via the mobile device; andestablishing the secondary authentication based on the successful validation of at least the mobile device identifier and the PIN; connecting the web-enabled device to the financial institution server, in response to establishing the secondary authentication; and conducting, using the web-enabled device, one or more account information transactions with the financial institution server, in response to establishing the secondary authentication. |
