Multiple party benefit from an online authentication service

摘要

An account authentication service where a trusted party verifies an account holder's identity for the benefit of a requestor during an online transaction. The account authentication involves requesting a password from the account holder, verifying the password, and notifying the requestor whether the account holder's authenticity has been verified. An alternative embodiment of the account authentication service includes a value-adding component where information about a customer is shared with a value-adding party. The customer information is rich in detail about the customer since it is collected by each of the parties in the account authentication process. The value-adding party can then use this information in various manners. All of the parties involved can benefit from sharing the customer information. The value-adding party can be, for example, a merchant, a shipper, a security organization, or a governmental organization. A transaction identifier identifies a specific transaction between a customer, a merchant, and the customer information.

主权项

1. A method of providing presenter information of high integrity to a value-adding party in the course of an online transaction between an individual presenter and a requesting party, said method comprising:
collecting presenter information pertaining to said presenter during the course of said online transaction, said presenter information being collected by said requesting party from a computing device of said presenter; receiving, by said trusted party at an access control computer, an online authentication request message from said requesting party to authenticate the identity of said presenter during said online transaction, said request message being routed via said computing device of said presenter; receiving, by said trusted party at said access control computer during said online transaction, an identity-authenticating token from said presenter; comparing by said access control computer said identity-authenticating token against a token previously designated for said presenter during said online transaction; sending an online authentication response message from said access control computer of said trusted party to said requesting party during said online transaction notifying said requestor that said presenter is authenticated when said identity-authenticating token matches said token previously designated for said presenter, said response message being routed via said computing device of said presenter; and sending said collected presenter information from said requesting party to said value-adding party.