Centralized Identification and Authentication System and Method

Related Applications

This application is a Continuation of Application Number 11/239,046, filed 9-30-2005, with a priority of a US provisional application 60/615,603, filed Oct-5-2004, with the same inventors and assignee. This application is also a Continuation of another US application 09/940,635, filed Aug 29, 2001, and patented as PN 7,356,837, on Apr-8-2008, titled “Centralized identification and authentication system and method”, with the same inventors and assignee. Please note that the current application has the same exact specification and Figures as those submitted with the original application 09/940,635, filed Aug 29, 2001.

BACKGROUND OF THE INVENTION

1. FIELD OF THE INVENTION

The present invention relates to a centralized identification and authentication system and method for identifying an individual over a communication network such as Internet, to increase security in e-commerce. More particularly a method and system for generation of a dynamic, non-predictable and time dependent SecureCode for the purpose of positively identifying an individual.

USAA 1013

2. DESCRIPTION OF THE RELATED ART

The increasing use of the Internet and the increase of businesses utilizing e-commerce have led to a dramatic increase in customers releasing confidential personal and financial information, in the form of social security numbers, names, addresses, credit card numbers and bank account numbers, to identify themselves. This will allow them to get access to the restricted web sites or electronically purchase desired goods or services. Unfortunately this type of identification is not only unsafe but also it is not foolproof that the user is really the person he says he is. The effect of these increases is reflected in the related art.

U.S. Pat. No. 5,732,137 issued to Aziz outlines a system and method for providing remote user authentication in a public computer network such as the Internet. More specifically, the system and method provides for remote authentication using a one-time password scheme having a secure out-of-band channel for initial password delivery.

U.S. Pat. No. 5,815,665 issued to Teper et al. outlines the use of a system and method for enabling consumers to anonymously, securely and conveniently purchase on-line services from multiple service providers over a distributed network, such as the Internet. Specifically, a trusted third-party broker provides billing and security services for registered service providers via an online brokering service, eliminating the need for the service providers to provide these services.

U.S. Pat. No. 5,991,408 issued to Pearson et al. outlines a system and method for using a biometric element to create a secure identification and verification system, and more specifically to an apparatus and a method for creating a hard problem which has a representation of a biometric element as its solution.

Although each of the previous patents outlines a valuable system and method, what is really needed is a system and method that offers digital identity to the users and allows them to participate in e-commerce without worrying about the privacy and security. In addition to offering security and privacy to the users, the new system has to be simple for businesses to adopt and also not require the financial institutions to change their existing systems. Such a secure, flexible and scalable system and method would be of great value to the businesses that would like to participate in today’s electronic commerce.

None of the above inventions and patents, taken either singularly or in combination, is seen to describe the instant invention as claimed. Thus a centralized identification and authentication system and method solving the aforementioned problems is desired.

For convenience, the term "user" is used throughout to represent both a typical person consuming goods and services as well as a business consuming goods and services.

As used herein, a "Central-Entity" is any party that has user's personal and/or financial information, UserName, Password and generates dynamic, non-predictable and time dependable SecureCode for the user. Examples of Central-Entity are: banks, credit card issuing companies or any intermediary service companies.

As also used herein, an "External-Entity" is any party offering goods or services that users utilize by directly providing their UserName and SecureCode as digital identity. Such entity could be a merchant, service provider or an online site. An "External-Entity" could also be an entity that receives the user's digital identity indirectly from the user through another External-Entity, in order to authenticate the user, such entity could be a bank or a credit card issuing company.

The term “UserName” is used herein to denote any alphanumeric name, id, login name or other identification phrase, which may be used by the “Central-Entity” to identify the user.

The term “Password” is used herein to denote any alphanumeric password, secret code, PIN, prose phrase or other code, which may be stored in the system to authenticate the user by the “Central-Entity”.

The term “SecureCode” is used herein to denote any dynamic, non-predictable and time dependent alphanumeric code, secret code, PIN or other code, which may be broadcast to the user over a communication network, and may be used as part of a digital identity to identify a user as an authorized user.

The term "digital identity" is used herein to denote a combination of user's "SecureCode" and user's information such as "UserName", which may result in a dynamic, non-predictable and time dependable digital identity that could be used to identify a user as an authorized user.

The term “financial information” is used herein to denote any credit card and banking account information such as debit cards, savings accounts and checking accounts.

SUMMARY OF THE INVENTION

The invention relates to a system and method provided by a Central-Entity for centralized identification and authentication of users and their transactions to increase security in e-commerce. The system includes:

• A Central-Entity: This entity centralizes users' personal and financial information in a secure environment in order to prevent the distribution of user’s information in e-commerce. This information is then used to create digital identity for the users. The users may use their digital identity to identify themselves instead of providing their personal and financial information to the External-Entities;

• A plurality of users: A user represents both a typical person consuming goods and services as well as a business consuming goods and services, who needs to be identified in order to make online purchases or to get access to the restricted web sites. The user registers at the Central-Entity to receive his digital identity, which is then provided to the External-Entity for identification;

• A plurality of External-Entities: An External-Entity is any party offering goods or services in e-commerce and needs to authenticate the users based on digital identity.

The user signs-up at the Central-Entity by providing his personal or financial information. The Central-Entity creates a new account with user's personal or financial information and issues a unique UserName and Password to the user. The user provides his UserName and Password to the Central-Entity for identification and authentication purposes when accessing the services provided by the Central-Entity. The Central-Entity also generates dynamic, non-predictable and time dependent SecureCode for the user per user's request and issues the SecureCode to the user. The Central-Entity maintains a copy of the SecureCode for identification and authentication of the user’s digital identity. The user presents his UserName and SecureCode as digital identity to the External-Entity for identification. When an External-Entity receives the user's digital identity (UserName and SecureCode), the External-Entity will forward this information to the Central-Entity to identify and authenticate the user. The Central-Entity will validate the information and send an approval or denial response back to the External-Entity.

There are also communications networks for the user, the Central-Entity and the External-Entity to give and receive information between each other.

This invention also relates to a system and method provided by a Central-Entity for centralized identification and authentication of users to allow them access to restricted web sites using their digital identity, preferably without revealing confidential personal or financial information.

This invention further relates to a system and method provided by a Central-Entity for centralized identification and authentication of users to allow them to purchase goods and services from an External-Entity using their digital identity, preferably without revealing confidential personal or financial information.

Accordingly, it is a principal object of the invention to offer digital identity to the users for identification in e-commerce.

It is another object of the invention to centralize user’s personal and financial information in a secure environment.

It is another object of the invention to prevent the user from distributing their personal and financial information.

It is a further object of the invention to keep merchants, service providers, Internet sites and financial institutions satisfied by positively identifying and authenticating the users.

It is another object of the invention to reduce fraud and increase security for e-commerce.

It is another object of the invention to allow businesses to control visitor's access to their web sites.

It is another object of the invention to protect the customer from getting bills for goods and services that were not ordered.

It is another object of the invention to increase customers' trust and reduce customers' fear for e-commerce.

It is another object to decrease damages to the customers, merchants and financial institutions.

It is an object of the invention to provide improved elements and arrangements thereof for the purposes described which are inexpensive, dependable and fully effective in accomplishing its intended purposes.

These and other objects of the present invention will become readily apparent upon further review of the following specification and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

Fig. 1 is a high-level overview of a centralized identification and authentication system and method according to the present invention.

Fig. 2 is a detailed overview of a centralized identification and authentication system and method according to the present invention.

Fig. 3 is a block diagram of the registration of a customer utilizing a centralized identification and authentication system and method according to the present invention.

Fig. 4 is a block diagram of the transaction of a customer utilizing a centralized identification and authentication system and method according to the present invention.

Fig. 5 is a block diagram of a Central-Entity authorizing a user utilizing a centralized identification and authentication system and method according to the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Detailed descriptions of the preferred embodiment are provided herein. It is to be understood, however, that the present invention may be embodied in various forms. Therefore, specific details disclosed herein are not to be interpreted as limiting, but rather as a basis for the claims and as a representative basis for teaching one skilled in the art to employ the present invention in virtually any appropriately detailed system, structure or manner.

The invention relates to a system 1 and method 2 to identify and authenticate the users and their transactions to increase security in e-commerce. Fig. 1 illustrates a system to positively identify the users 10 in e-commerce based on digital identity.

The system 1 comprises a plurality of users 10, a plurality of External-Entities 20 with goods and services that are desired by the users 10 and a Central-Entity 30 providing a unique UserName and Password to the users 10 and generating dynamic, non-predictable and time dependent SecureCode for the users 10 per user's request. There are also communication networks 50 for the user 10, the Central-Entity 30 and the External-Entity 20 to give and receive information between each other.

It would be desirable to develop a new system 1 and method 2 to centralize user's personal and financial information in a secure environment and to offer digital identity to the users 10 in order to provide privacy, increase security and reduce fraud in e-commerce. Ideally, a secure identification and authentication system 1 would identify legitimate users 10 and unauthorized users 10. This would increase the user's trust, which leads to more sales and cash flow for the merchants/service providers.

The present invention relates to a system 1 and method 2 to support this ideal identification and authentication system. For identification purpose, a digital identity (a unique UserName and a dynamic, non-predictable and time dependent SecureCode) is used by the user 10 at the time of ordering or at the time of accessing a restricted Internet site. A series of steps describing the overall method are conducted between the users 10, the Central-Entity 30 and the External-Entity 20 and are outlined in Figs. 3, 4 and 5.

There are three distinct phases involved in using the centralized identification and authentication system (Fig. 2), the first of which being the registration phase, which is depicted in Fig. 3. During the registration phase, the user 10 provides his personal or financial information to the Central-Entity 30. The user 10 registers at the Central-Entity 30, 100, 104 and receives his account and login information such as UserName and Password 108. User 10 can access his account at any time by accessing the Central-Entity's system using a communication network 50 and logging into the system.

Next is the transaction phase, where the user 10 attempts to access a restricted web site or attempts to buy services or products 110, as illustrated in Fig. 4, through a standard interface provided by the External-Entity 20, similar to what exists today and selects digital identity as his identification and authorization or payment option. The External-Entity 20 displays the access or purchase authorization form requesting the user 10 to authenticate himself using his UserName and SecureCode as digital identity. The user 10 requests SecureCode from the Central-Entity 30 by accessing his account over the communication network 50, 114. The Central-Entity 30 generates dynamic, non-predictable and time dependable SecureCode 118 for the user 10. The Central-Entity 30 maintains a copy of the SecureCode for identification and authentication of the user 10 and issues the SecureCode to the user 10. When the user 10 receives the SecureCode 120, the user 10 provides his UserName and SecureCode as digital identity to the External-Entity 20, 124, Fig. 4.

The third phase is identification and authorization phase. Once the user 10 provides his digital identity to the External-Entity 20, the External-Entity 20 forwards user's digital identity along with the identification and authentication request to the Central-Entity 30, 130, as illustrated in Fig. 5. When the Central-Entity 30 receives the request containing the user's digital identity, the Central-Entity 30 locates the user's digital identity (UserName and SecureCode) in the system 134 and compares it to the digital identity received from the External-Entity 20 to identify and validate the user 10, 138. The Central-Entity 30 generates a reply back to the External-Entity 20 via a communication network 50 as a result of the comparison. If both digital identities match, the Central-Entity 30 will identify the user 10 and will send an approval of the identification and authorization request to the External-Entity 20, 140, otherwise will send a denial of the identification and authorization request to the External-Entity 20, 150. The External-Entity 20 receives the approval or denial response in a matter of seconds. The External-Entity 20 might also display the identification and authentication response to the user 10.

To use the digital identity feature, the Central-Entity 30 provides the authorized user 10 the capability to obtain a dynamic, non-predictable and time dependable SecureCode. The user 10 will provide his UserName and SecureCode as digital identity to the External-Entity 20 when this information is required by the External-Entity 20 to identify the user 10.

The Central-Entity 30 may add other information to the SecureCode before sending it to the user 10, by algorithmically combining SecureCode with user’s information such as UserName. The generated SecureCode will have all the information needed by the Central-Entity 30 to identify the user 10. In this case the user will only need to provide his SecureCode as digital identity to the External-Entity 20 for identification.

In the preferred embodiment, the user 10 uses the communication network 50 to receive the SecureCode from the Central-Entity 30. The user 10 submits the SecureCode in response to External-Entity's request 124. The SecureCode is preferably implemented through the use of an indicator. This indicator has two states: "on" for valid and "off" for invalid. When the user 10 receives the SecureCode, the SecureCode is in "on" or "valid" state. The Central-Entity 30 may improve the level of security by invalidating the SecureCode after its use. This may increase the level of difficulty for unauthorized user. Two events may cause a valid SecureCode to become invalid:

1. Timer event: This event occurs when the predefined time passes. As mentioned above the SecureCode is time dependent.

2. Validation event: This event occurs when the SecureCode forwarded to the Central-Entity 30 (as part of digital identity) corresponds to the user's SecureCode held in the system. When this happens the Central-Entity 30 will invalidate the SecureCode to prevent future use and sends an approval identification and authorization message to the External-Entity 20, 140.

A valid digital identity corresponds to a valid SecureCode. When the SecureCode becomes invalid, the digital identity will also become invalid.
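
The issue, forward and validate cycle with the timer and validation events described above, written out as an added Python example; it is not code from the patent, and the class and method names, the 60-second lifetime, the 8-character code format and the injectable clock are assumptions made here. The UserName and Password login that precedes a SecureCode request is not modelled.

```python
import hmac
import secrets
import time
from dataclasses import dataclass


@dataclass
class IssuedCode:
    code: str
    expires_at: float
    valid: bool = True  # the indicator: True is "on"/valid, False is "off"/invalid


class CentralEntity:
    """Keeps the copy of each user's SecureCode and answers approve/deny."""

    def __init__(self, ttl_seconds=60.0, clock=time.monotonic):
        self._ttl = ttl_seconds  # assumed value for the "predefined time"
        self._clock = clock      # injectable so the timer event can be exercised
        self._users = set()
        self._issued = {}        # UserName -> IssuedCode (the maintained copy)

    def register(self, username):
        self._users.add(username)

    def issue_secure_code(self, username):
        # Assumes the user already logged in with UserName and Password (not modelled).
        if username not in self._users:
            raise KeyError("unknown UserName")
        code = secrets.token_hex(4).upper()  # non-predictable: OS CSPRNG, 8 hex chars
        # A new request replaces the stored copy, so an older code can no longer match.
        self._issued[username] = IssuedCode(code, self._clock() + self._ttl)
        return code

    def validate(self, username, presented_code):
        """True = approval, False = denial, for a forwarded digital identity."""
        record = self._issued.get(username)
        # Always run one constant-time comparison, even for an unknown UserName.
        stored = record.code if record else "-" * 8
        matches = hmac.compare_digest(stored.encode(), str(presented_code).encode())
        if record is None or not record.valid:
            return False
        if self._clock() >= record.expires_at:
            record.valid = False  # timer event
            return False
        if not matches:
            return False
        record.valid = False      # validation event: the code is single use
        return True


class ExternalEntity:
    """Merchant side: forwards the digital identity, acts only on the reply."""

    def __init__(self, central):
        self._central = central

    def authorize(self, username, secure_code):
        # Only UserName and SecureCode are seen here, never Password or card data.
        return "approved" if self._central.validate(username, secure_code) else "denied"


class FakeClock:
    """Constructed test clock so expiry can be shown without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


def run_demo():
    clock = FakeClock()
    central = CentralEntity(ttl_seconds=60.0, clock=clock)
    merchant = ExternalEntity(central)
    central.register("alice")  # constructed sample user

    results = {}
    code = central.issue_secure_code("alice")
    results["wrong_code"] = merchant.authorize("alice", "not-the-code")
    results["first_use"] = merchant.authorize("alice", code)
    results["replay"] = merchant.authorize("alice", code)        # validation event already fired

    code = central.issue_secure_code("alice")
    clock.now += 61                                              # past the predefined time
    results["expired"] = merchant.authorize("alice", code)       # timer event
    results["unknown_user"] = merchant.authorize("mallory", code)
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case}: {outcome}")
```
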

While the invention has been described in connection with a preferred embodiment, it is not intended to limit the scope of the invention to the particular form set forth, but on the contrary, it is intended to cover such alternatives, modifications, and equivalents as may be included within the spirit and scope of the invention as defined by the appended claims.

Claims

1. A method for authenticating a user in e-commerce for a transaction based on a digital identity issued by a Central-Entity, the method comprising:

a. the user communicates with an External-Entity and performs a secure transaction with the External-Entity;

b. the External-Entity requires the user to authenticate itself by providing a valid digital identity before executing the transaction;

c. the user establishes communication with the Central-Entity and submits a request for a dynamic SecureCode in response to the External-Entity's requirement;

d. the Central-Entity:

i. dynamically generates a dynamic SecureCode for the user in response to the user request;

ii. algorithmically combines said generated SecureCode with user-specific information before providing the SecureCode to the user;

iii. maintains a copy of said generated SecureCode; and

iv. provides said generated SecureCode to the user,

e. the External-Entity receives a digital identity from the user, wherein the digital identity comprises a UserName and said generated SecureCode, and forwards said digital identity to the Central-Entity for authentication of the user;

f. the Central-Entity receives said digital identity, validates said digital identity based on said SecureCode maintained in its system, and if valid, then authenticates the user and sends an affirmation message to the External-Entity; and

g. upon receipt of an affirmation message from the Central-Entity, the External-Entity executes the transaction.

2. A method as recited in claim 1, wherein said user has a pre-existing relationship with the External-Entity.

3. A method as recited in claim 1, wherein said user has no pre-existing relationship with the External-Entity.

4. A method as recited in claim 1, wherein said External-Entity and said Central-Entity share a cryptographic algorithm.

5. A method as recited in claim 1, wherein said External-Entity and said Central-Entity do not share any cryptographic algorithm.

6. A method as recited in claim 1, wherein said External-Entity and said Central-Entity are within the same organization.

7. A method as recited in claim 1, wherein said External-Entity and said Central-Entity are the same organization.

8. A method as recited in claim 7, wherein all the communications and transactions between said External-Entity and said Central-Entity are within said same organization.

9. A method as recited in claim 8, wherein said all the communications and transactions between said External-Entity and said Central-Entity are transparent to said user and an outside observer.

10. A method as recited in claim 8, wherein said all the communications and transactions between said External-Entity and said Central-Entity are done within a same server.

11. A method as recited in claim 8, wherein said all the communications and transactions between said External-Entity and said Central-Entity are done between two or more different servers.

12. A method as recited in claim 1, wherein said digital identity is based on a logical combination of the SecureCode and the user-specific information.

13. A method as recited in claim 1, wherein said digital identity is based on the SecureCode and the user-specific information.

14. The method of claim 1, wherein the user-specific information comprises UserName.

15. The method of claim 14, wherein the UserName corresponds to an alphanumeric name, ID, login name, an identification phrase, account number, phone number, IP address, hardware key, software key, or serial number.

16. The method of claim 1, wherein the transaction corresponds to a financial transaction.

17. The method of claim 1, wherein the transaction corresponds to a non-financial transaction.

18. The method of claim 1, wherein the transaction corresponds to access to restricted web-site.

19. The method of claim 1, wherein said communication is done on a communication network including Internet, wireless, mobile network, satellite, or private network.

20. The method of claim 1, wherein said communication is done on a communication network including at least a server and a client device.

21. A system for authenticating a user in e-commerce for a transaction based on a digital identity issued by a Central-Entity, the system comprising:

a. the user in communication with an External-Entity and performs a secure transaction with the External-Entity;

b. the External-Entity requires the user to authenticate itself by providing a valid digital identity before executing the transaction;

c. the user in communication with the Central-Entity and with a request for a dynamic SecureCode in response to the External-Entity's requirement;

d. the Central-Entity adapted to:

i. dynamically generate a dynamic SecureCode for the user in response to the user request;

ii. algorithmically combine said generated SecureCode with user-specific information before providing the SecureCode to the user;

iii. maintain a copy of said generated SecureCode; and

iv. provide said SecureCode to the user,

e. the External-Entity adapted to receive a digital identity from the user, wherein the digital identity comprises a UserName and said generated SecureCode, and to forward said digital identity to the Central-Entity to authenticate the user;

f. the Central-Entity further adapted to validate the received said digital identity based on said SecureCode maintained in its system, and if valid, then to authenticate the user, and send an affirmation message to the External-Entity; and

g. the External-Entity further adapted to execute the transaction upon receipt of an affirmation message from the Central-Entity.

22. A system as recited in claim 21, wherein said user has a pre-existing relationship with the External-Entity.

23. A system as recited in claim 21, wherein said user has no pre-existing relationship with the External-Entity.

24. A system as recited in claim 21, wherein said External-Entity and said Central-Entity share a cryptographic algorithm.

25. A system as recited in claim 21, wherein said External-Entity and said Central-Entity do not share any cryptographic algorithm.

26. A system as recited in claim 21, wherein said External-Entity and said Central-Entity are within the same organization.

27. A system as recited in claim 21, wherein said External-Entity and said Central-Entity are the same organization.

28. A system as recited in claim 26, wherein all the communications and transactions between said External-Entity and said Central-Entity are within said same organization.

29. A system as recited in claim 28, wherein said all the communications and transactions between said External-Entity and said Central-Entity are transparent to an outside observer and said user.

30. A system as recited in claim 28, wherein said all the communications and transactions between said External-Entity and said Central-Entity are done within a same server.

31. A system as recited in claim 28, wherein said all the communications and transactions between said External-Entity and said Central-Entity are done between two or more different servers.

32. A system as recited in claim 21, wherein said digital identity is based on a logical combination of the SecureCode and the user-specific information.

33. A system as recited in claim 21, wherein said digital identity is based on the SecureCode and the user-specific information.

34. The system of claim 21, wherein the user-specific information comprises UserName.

35. The system of claim 34, wherein the UserName corresponds to an alphanumeric name, ID, login name, identification phrase, account number, phone number, IP address, hardware key, software key, or serial number.

36. The system of claim 21, wherein the transaction corresponds to a financial transaction.

37. The system of claim 21, wherein the transaction corresponds to a non-financial transaction.

38. The system of claim 21, wherein the transaction corresponds to access to restricted web-site.

39. The system of claim 21, wherein said communication is done on a communication network including Internet, wireless, mobile network, satellite, or private network.

40. The system of claim 21, wherein said communication is done on a communication network including at least a server and a client device.

41. A method as recited in claim 4, wherein said External-Entity is using said shared cryptographic algorithm to authenticate a user’s identity based on said SecureCode.

42. A method as recited in claim 4, wherein said Central-Entity is using said shared cryptographic algorithm to generate said SecureCode.

43. A method as recited in claim 4, wherein said Central-Entity is using said shared cryptographic algorithm to authenticate a user’s identity based on said SecureCode.

44. A method as recited in claim 1, wherein said External-Entity and said Central-Entity are the same entity.

45. The method as recited in claim 1, wherein said Central-Entity generates SecureCode with dependence on at least a dynamic variable.

46. The method as recited in claim 45, wherein said dynamic variable is time.

47. The method as recited in claim 1, wherein said Central-Entity generates SecureCode with dependence on one or more alphanumeric values.

48. The method as recited in claim 47, wherein said one or more alphanumeric values are one or more of the following: unique key, ID, login name, password, identification phrase, account number, phone number, IP address, Hardware key, software key or serial number.

49. The method as recited in claim 47, wherein said one or more alphanumeric values are seed values.

50. The method as recited in claim 1, wherein said digital identity is a SecureCode.

51. The method as recited in claim 1, wherein said user communicates with said Central-Entity over a communication network.

52. The system as recited in claim 21, wherein said digital identity is a SecureCode.

53. The method as recited in claim 1, wherein said user communicates with said External-Entity over a communication network.

54. The system as recited in claim 21, wherein said user communicates with said Central-Entity over a communication network.

55. The system as recited in claim 21, wherein said user communicates with said External-Entity over a communication network.

56. The method as recited in claim 1, wherein said request is generated based on a request event which is automatically generated from a computer, server, or central entity.

57. The method as recited in claim 1, wherein said request is generated based on a request event which is manually generated by an entity or person.

58. The method as recited in claim 1, wherein said request is generated based on a request event.

59. The method as recited in claim 58, wherein said request event is pressing a button.

60. The method as recited in claim 58, wherein said request event is a user’s authentication request at said External-Entity.

61. The method as recited in claim 58, wherein said request event is sending a message to said Central-Entity.

62. The method as recited in claim 61, wherein said message is a text message.

`ABSTRACT OF THE DISCLOSURE
`
`A method and system is provided by a Central-Entity, for identification and
`
`authorization of users over a communication network such as Internet. Central-Entity
`
`centralizes users personal and financial information in a secure environment in order to
`
`prevent the distribution of user’s information in e-commerce. This information is then
`
`used to create digital identity for the users. The digital identity of each user is dynamic,
`
`non predictable and time dependable, because it is a combination of user name and a
`
`dynamic, non predictable and time dependable secure code that will be provided to the
`
`user for his identification. The user will provide his digital identity to an External-Entity
`
`such as merchant or service provider. The External-Entity is dependent on Central-Entity
`
`to identify the user based on the digital identity given by the user. The External-Entity
`
`forwards user’s digital identity to the Central-Entity for identification and authentication
`
`of the user and the transaction. The identification and authentication system provided by
`
`the Central-Entity, determines whether the user is an authorized user by checking
`
`whether the digital identity provided by the user to the External-Entity, corresponds to the
`
`digital identity being held for the user by the authentication system. If they correspond,
`
`then the authentication system identifies the user as an authorized user, and sends an
`
`approval identification and authorization message to the External-Entity, otherwise the
`
`authentication system will not identify the user as an authorized user and sends a denial
`
`identification and authorization message to the External-Entity.
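
The exchange the abstract describes, as an added example that is not code from the application: a Central-Entity issues a SecureCode, the External-Entity forwards the digital identity, and the Central-Entity answers with approval or denial. The class and method names, the 8-digit random code, the 60-second validity window, single use, and the injectable clock are all assumptions; the abstract only requires the code to be dynamic, non-predictable and time dependent.

```python
import hmac
import secrets
import time


class CentralEntity:
    """Holds each user's current digital identity (user name + SecureCode)."""

    def __init__(self, validity_seconds=60, clock=time.monotonic):
        self.validity_seconds = validity_seconds  # assumed window, not from the abstract
        self.clock = clock                        # injectable so expiry can be tested
        self.users = set()
        self.pending = {}                         # user name -> (secure_code, expiry)

    def register(self, user_name):
        self.users.add(user_name)

    def request_secure_code(self, user_name):
        """Issue a fresh SecureCode; any code issued earlier is replaced."""
        if user_name not in self.users:
            raise KeyError("unknown user")
        code = f"{secrets.randbelow(10**8):08d}"  # CSPRNG output: non-predictable
        self.pending[user_name] = (code, self.clock() + self.validity_seconds)
        return code

    def authenticate(self, user_name, secure_code):
        """Compare the forwarded identity with the held one; True means approval."""
        # Assumed policy: the held code is consumed on any attempt, which blocks
        # replay and limits guessing to one try per issued code.
        held = self.pending.pop(user_name, None)
        if held is None:
            return False
        code, expiry = held
        fresh = self.clock() <= expiry            # time dependent
        # Constant-time comparison on bytes avoids a timing side channel.
        return hmac.compare_digest(code.encode(), secure_code.encode()) and fresh


class ExternalEntity:
    """Merchant or service provider: stores no credentials, only forwards."""

    def __init__(self, central):
        self.central = central

    def login(self, user_name, secure_code):
        approved = self.central.authenticate(user_name, secure_code)
        return "approved" if approved else "denied"
```
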
`
`[Figure 1 (sheet 1/5). Labels: 50; External-Entity 1 (20); External-Entity 2 (20); External-Entity 3 (20); Communication Network (such as Internet); Central-Entity (30).]
`
`[Sheet 2/5. Labels: Personal or Financial information; SecureCode Generation; Account Creation; Digital Identity; Comparison; Account Information; Registration; Request/Receive SecureCode; Central-Entity (30); Communication Network; External-Entity (20); Registration Phase; Transaction Phase Steps; Identification&Author]
