发明名称 |
Methods and systems for authenticating users |
摘要 |
A method of authenticating users to reduce transaction risks includes indicating a desire to conduct a transaction, inputting information in a workstation, and determining whether the inputted information is known. Moreover, the method includes determining a state of a communications device when the inputted information is known, and transmitting a biometric authentication request from a server to a workstation when the state of the communications device is enrolled. Additionally, the method includes obtaining biometric authentication data in accordance with a biometric authentication data capture request with the communications device, biometrically authenticating the user, generating a one-time pass-phrase and storing the one-time pass-phrase on the authentication system when the user is authenticated, comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase, and conducting the transaction when the transmitted and stored one-time pass-phrases match. |
申请公布号 |
US8826030(B2) |
申请公布日期 |
2014.09.02 |
申请号 |
US201012729167 |
申请日期 |
2010.03.22 |
申请人 |
Daon Holdings Limited |
发明人 |
White Conor Robert;Peirce Michael;Cramer Jason Scott;Steiner Chet Bradford;Diebes Suzanna |
分类号 |
G06F21/00;H04L29/06;G06F21/32 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
McDermott, Esq. Kevin |
主权项 |
1. A method of authenticating users to reduce transaction risks comprising:
generating a merchant authentication request using a merchant system for a payment transaction and transmitting the merchant authentication request to a service provider server, the service provider server being different than the merchant system and the merchant authentication request including at least a unique user identifier for completing the transaction; transmitting a biometric authentication request from the service provider server over a first communications channel to a workstation, the biometric authentication request including at least a risk level of the payment transaction; in response to receiving the biometric authentication request at the workstation, invoking a security application stored in a communications device; initiating communications over a second communications channel by transmitting the biometric authentication request to an authentication system from the communications device over the second communications channel; extracting a risk level from the biometric authentication request; determining a biometric authentication data requirement corresponding to the extracted risk level; generating a biometric authentication data capture request in response to the biometric authentication request, and transmitting the biometric authentication data capture request from the authentication system to the communications device; validating the identity of a user; generating a one-time pass-phrase, storing the one-time pass-phrase on the authentication system and transmitting the one-time pass-phrase to the communications device over the second communications channel when the user is validated as one of a plurality of authorized users; obtaining the one-time pass-phrase from the communications device and inputting the one-time pass-phrase into the workstation; transmitting the one-time pass-phrase from the workstation to the authentication system over the first communications channel, and comparing the transmitted one-time pass-phrase against the stored one-time pass-phrase; and completing the payment transaction with the unique user identifier when the identity of the user is validated, the transmitted and stored one-time pass-phrases match, and the stored one-time pass-phrase has not expired. |
地址 |
George Town KY |