Title of invention |
Authentication method of field contents based challenge and enumerated pattern of field positions based response in random partial digitized path recognition system |
Abstract |
An interactive method for authentication is based on a shared secret which is in the form of an enumerated pattern of fields on a frame of reference. An instance of the frame of reference comprises an array of characters in which the characters are arranged in a random or other irregular pattern on a grid of content fields. An authentication challenge includes characters from the character set, and is delivered in- or out-of-band. The authentication response includes the enumerated position numbers on the enumerated pattern of the field locations on the grid at which the challenge characters are found. |
Publication number |
US8868919(B2) |
Publication date |
2014.10.21 |
Application number |
US201213658800 |
Filing date |
2012.10.23 |
Applicant |
Authernative, Inc. |
Inventors |
Barton Edward M.;Mizrah Len L. |
Classification numbers |
G06F21/00;G06F21/36;H04L9/32 |
Main classification number |
G06F21/00 |
Agency |
Haynes Beffel & Wolfeld LLP |
Agent |
Haynes Beffel & Wolfeld LLP |
Main claim |
1. A method for identification and verification of a user at a client platform in a client/server, computer-networking system that implements an authentication server, the method using an authentication credential as a shared secret with the authentication server, the authentication credential comprising a data set identifying an enumerated pattern of fields on a frame of reference, the fields in the enumerated pattern having locations on the frame of reference and numbered positions in the enumerated pattern; the method comprising:
using a data processing machine or data processing machines, establishing one or more communication channels to the authentication server, and sending a user identifier via said one or more communication channels to the authentication server;
receiving a session specific instance of the frame of reference as a result of successful identification of the user identifier by the authentication server, from the authentication server, from an application synchronized with a logical function used to produce an instance at the authentication server or from a combination of the authentication server and an application, the session-specific instance of the frame of reference having fields filled with a session-specific content, wherein the session-specific content comprises characters that are members of a set of characters;
rendering an interface on a display including a graphical representation of the session-specific instance of the frame of reference;
using an authentication challenge including a plurality of challenge characters from said set of characters, to determine a subset of session-specific numbered positions in the enumerated pattern of fields at which said plurality of challenge characters match the characters in said session-specific instance of the frame of reference;
sending authentication response data via said one or more communication channels to the authentication server, the response data identifying said session-specific numbered positions in the enumerated pattern, said session specific numbered positions being usable by the authentication server as part of a verification process; and
receiving a signal via said one or more communication channels from the authentication server that indicates completion of the verification process. |
Address |
Redwood City CA US |
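
The challenge/response exchange described in the abstract, sketched as an added Python example that is not part of the patent record or the applicant's code. It assumes a 6x6 grid holding each of 36 characters exactly once and a server that draws challenge characters from the fields on the secret pattern; all function names are hypothetical.

```python
import secrets
import string

# Assumptions (not from the patent text): a 6x6 grid that holds each of
# 36 characters exactly once, so a challenge character maps to one field.
CHARSET = string.ascii_uppercase + string.digits
ROWS, COLS = 6, 6

def new_instance(rng=None):
    """Session-specific instance: the character set shuffled over the grid."""
    rng = rng or secrets.SystemRandom()
    chars = list(CHARSET)
    rng.shuffle(chars)
    return [chars[r * COLS:(r + 1) * COLS] for r in range(ROWS)]

def make_challenge(instance, pattern, k, rng=None):
    """Server: pick k characters that sit on the secret pattern this session
    (assumed policy, so every challenge character has a position number)."""
    rng = rng or secrets.SystemRandom()
    return rng.sample([instance[r][c] for r, c in pattern], k)

def respond(instance, pattern, challenge):
    """Client: map each challenge character to the 1-based position number
    of the pattern field holding it; off-pattern characters raise KeyError."""
    position_of = {instance[r][c]: n
                   for n, (r, c) in enumerate(pattern, start=1)}
    return [position_of[ch] for ch in challenge]

def verify(instance, pattern, challenge, response):
    """Server: recompute the expected numbers from the shared secret."""
    return respond(instance, pattern, challenge) == list(response)

if __name__ == "__main__":
    # Constructed credential: an ordered (enumerated) path of grid fields.
    secret = [(0, 0), (1, 1), (2, 2), (3, 3), (4, 4), (5, 5)]
    for session in range(2):
        grid = new_instance()
        challenge = make_challenge(grid, secret, 3)
        answer = respond(grid, secret, challenge)
        print(session, challenge, answer, verify(grid, secret, challenge, answer))
```

The response carries only position numbers in the enumerated pattern, never the characters or the grid coordinates, and it changes with each session's instance.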