Authentication method of field contents based challenge and enumerated pattern of field positions based response in random partial digitized path recognition system

摘要

An interactive method for authentication is based on a shared secret which is in the form of an enumerated pattern of fields on a frame of reference. An instance of the frame of reference comprises an array of characters in which the characters are arranged in a random or other irregular pattern on a grid of content fields. An authentication challenge includes characters from the character set, and is delivered in- or out-of-band. The authentication response includes the enumerated position numbers on the enumerated pattern of the field locations on the grid at which the challenge characters are found.

主权项

1. A method for identification and verification of a user at a client platform in a client/server, computer-networking system that implements an authentication server, the method using an authentication credential as a shared secret with the authentication server, the authentication credential comprising a data set identifying an enumerated pattern of fields on a frame of reference, the fields in the enumerated pattern having locations on the frame of reference and numbered positions in the enumerated pattern; the method comprising:
using a data processing machine or data processing machines, establishing one or more communication channels to the authentication server, and sending a user identifier via said one or more communication channels to the authentication server; receiving a session specific instance of the frame of reference as a result of successful identification of the user identifier by the authentication server, from the authentication server, from an application synchronized with a logical function used to produce an instance at the authentication server or from a combination of the authentication server and an application, the session-specific instance of the frame of reference having fields filled with a session-specific content, wherein the session-specific content comprises characters that are members of a set of characters; rendering an interface on a display including a graphical representation of the session-specific instance of the frame of reference; using an authentication challenge including a plurality of challenge characters from said set of characters, to determine a subset of session-specific numbered positions in the enumerated pattern of fields at which said plurality of challenge characters match the characters in said session-specific instance of the frame of reference; sending authentication response data via said one or more communication channels to the authentication server, the response data identifying said session-specific numbered positions in the enumerated pattern, said session specific numbered positions being usable by the authentication server as part of a verification process; and receiving a signal via said one or more communication channels from the authentication server that indicates completion of the verification process.