| 发明名称 |
CREDENTIAL-FREE IDENTIFICATION AND AUTHENTICATION |
| 摘要 |
A method of authenticating a user so that the user can access a website without entering a unique user credential. A user accesses a target and is presented with an authentication code and an address, and the user sends a message containing the authentication code to that address. Alternatively, the user is pre-supplied with an address and is presented only with an authentication code when the user accesses the target. The user's identity is authenticated by comparing an aspect of the metadata of the message with known metadata aspects, and the user is authenticated by comparing the authentication key presented to the user with the one received in the message. Both the user and the user's identity are authenticated in a single step without requiring the user to input any unique user credential. |
| 申请公布号 |
US2017041320(A1) |
申请公布日期 |
2017.02.09 |
| 申请号 |
US201615237520 |
申请日期 |
2016.08.15 |
| 申请人 |
TextPower, Inc. |
发明人 |
Foster Robert;Goldman Scott;Nielsen Mark |
| 分类号 |
H04L29/06;G07F19/00;H04W12/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A system for authenticate a user with respect to a target service via a user-operated device, comprising:
a database that stores user credentials associated with a plurality of users; and an authentication engine comprising a processor and memory storing software instructions that when executed by the processor causing the process to perform the following steps:
instructing a target user interface associated with the target service to present an authentication passkey and an authentication address without first requiring the user to provide a unique user credential,receiving, from the user-operated device, a message addressed to the authentication address, and comprising a test passkey and a device identifier,detecting a similarity between the test passkey and the authentication passkey,identifying the user-operated device as an authorized device by comparing the device identifier against a stored set of identifiers,retrieving user credentials associated with the user by querying a user database using solely the device identifier, wherein the user credentials comprise at least a user identifier and a password, andsubmitting the retrieved user credentials to the target user interface for accessing the target service. |
| 地址 |
San Juan Capistrano CA US |
