(12) United States Patent
Bennett et al.

(10) Patent No.: US 8,781,975 B2
(45) Date of Patent: Jul. 15, 2014

(54) SYSTEM AND METHOD OF FRAUD REDUCTION

(75) Inventors: Naftali Bennett, New York, NY (US); Lior Golan, Tel Aviv (IL); Nira Rivner, Ramat Gan (IL)

(73) Assignee: EMC Corporation, Hopkinton, MA (US)

( * ) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 1436 days.

(21) Appl. No.: 11/134,479

(22) Filed: May 23, 2005

(65) Prior Publication Data

US 2005/0273442 A1, Dec. 8, 2005

Related U.S. Application Data

(60) Provisional application No. 60/572,776, filed on May 21, 2004.

(51) Int. Cl.
G06Q 20/00 (2012.01)

(52) U.S. Cl.
USPC .......................................................... 705/67

(58) Field of Classification Search
USPC ............ 705/67, 16, 21, 59, 71; 380/44, 262, 278, 279
See application file for complete search history.

Primary Examiner: Calvin L Hewitt, II
(74) Attorney, Agent, or Firm — BainwoodHuang

(57) ABSTRACT

A system and method may allow for extending authentication to a two factor, out of band form, requiring an additional data element or code via a channel different from the channel used for the primary transaction, where the different channel has the attribute that it is difficult or costly to achieve many access points to it, and it is possible to limit the number of users associated with a particular access point to it.

19 Claims, 4 Drawing Sheets

TWILIO, INC. EX. 1003
Page 1

[FIG. 1 (Sheet 1 of 4): authentication system showing an Online System with an Authentication Local Module (Plug In) and a Hosted System.]

[FIG. 2 (Sheet 2 of 4): authentication system 10. Online System 12 with Authentication Local Module 101, Admin App, User Device, Proxy, Validation 102 and Mapping; Hosted System 11 with Alert Level Monitor 108, Decision Engine / Decision Making, Channel User Mapping DB, Authentication Application and External Communication Engines; End User 14 connects via Authentication.]

[FIG. 3 (Sheet 3 of 4): flowchart with steps numbered in the 200 series: Regular Authentication; Evaluate Authentication; Further Checks Required? (No: Proceed to Online App; Yes: User Provides Additional Channel); Additional Info O.K.? (Yes: Send a Completion Code via Additional Channel; User Enters Completion Code); End Session.]

[FIG. 4 (Sheet 4 of 4): flowchart for moving between alert levels, numerals 300 to 360: Release, Low Level Alert, Medium Level Alert, High Level, with Release transitions.]

SYSTEM AND METHOD OF FRAUD REDUCTION

RELATED APPLICATION DATA

The present application claims benefit from prior provisional application Ser. No. 60/572,776 entitled “System and Method of Fraud Reduction”, filed on May 21, 2004, incorporated by reference herein in its entirety.

FIELD OF THE INVENTION

The present invention relates to authentication; more specifically the present invention may be used, for example, in authenticating parties in a transaction.

BACKGROUND

In parallel to the growth in use of online channels for accessing a variety of services, and performing a variety of transactions, identity theft has reached epidemic levels, and online account takeover and transaction fraud is growing at an enormous rate. Parties committing fraud (“fraudsters”) have new technologies at their disposal: for example “Trojan horses” and key loggers may be installed in unsuspecting customers’ computers, transmitting personal information back to the fraudster; and phishing attacks may trick consumers into giving up personal and financial information (for example without limitation: social security number (“SSN”), account numbers, banking information, user names and passwords for various services, personal identification numbers (“PINs”), credit card numbers, which may be referred to as for example “user Credentials” or “Credentials”).

Recent scams show a sophisticated, determined, innovative and well organized online crime wave. Fraudsters are more adaptive than ever, modifying their modus operandi and techniques quickly to exploit new vulnerabilities. While the fraudsters do not limit themselves to a specific sector, their main focus is on the banking and financial accounts sectors (other sectors prone to fraud are government services, ISPs, telecom companies and healthcare and many others).

One issue is authentication—how does a service or transaction provider know whether a certain user accessing a service and performing actions at a certain site is who he or she claims to be. Using the combination of a login and password alone (which still are the most prevalent method of authentication) may not be satisfactory.

Many solutions have been proposed for the problem of authentication; however, many of them encounter an imbalance between usability and security: they are either not secure enough, or, when security is enhanced to satisfactory levels, they are cumbersome and expensive to deploy and operate.

Various service providers may use Credentials in order to authenticate users in remote applications. Authentication may be required whenever a sensitive operation takes place, for example, viewing personal information, performing financial transactions, updating the user’s profile and more. During authentication the user may usually be required to supply a pre-established password and optionally an additional shared secret between the user and the service provider. Users’ credentials may enable access to sensitive information as well as funds, and therefore getting hold of them has become a popular criminal activity. Stealing users’ credentials may be done in various ways, for example, theft of a file containing credentials from the bank or a third party (including an “inside job”), a large and successful “Phishing” attack, keyboard sniffing and more.

When faced with a major theft of user credentials, the service provider may execute one or more of the following options:
Provider may operate its business at a much higher risk level, for example, may check and analyze transactions to make sure no fraudulent activity takes place.
Provider may perform a costly operation of changing the user credentials or deploying a new authentication mechanism.
Provider may shut down parts of the business in case the other two options may not be acceptable.
Provider may perform other sets of actions.
The service provider may not have any external alert as to the occurrence of a massive credential theft. For example, it may not know when a large set of credentials is stolen by an insider job, or from a third party service provider. In addition, even when a large theft may be known, like in the case of a large phishing attempt, the service provider may not know when the stolen credentials will actually be used.
Service providers may be therefore looking for alternative authentication options. Some of the alternative solutions offered today are:
1. Provider may ask for shared secret information that changes over time and may be therefore more difficult to obtain or that may lose its value after some time, as it becomes irrelevant, for example, details about recent transactions, or invoicing.
2. Provider may ask for random parts of shared secret information, for example, random digits of the password, or random data elements out of a set of known data elements.
3. Mobile or telephone authentication, for example, a mobile telephone may be pre-registered to the service and may be used to authenticate the user.
4. Token based authentication.

The current solutions may not be satisfactory, since none of them may strike a good balance between security and usability. Either they may not be secure enough (for example, asking for random pieces of a shared secret, information which may easily be obtained during the initial user credentials theft), or they may not be usable enough or may be too expensive to actually deploy (for example, token authentication, which may be expensive to implement, may require customer education, and deployment ahead of time to all users).

SUMMARY

Embodiments of the present invention may relate to a method and system for addressing massive theft (or suspected theft) of identification information used in order to access services that contain, for example, confidential information of the users of those services, services where the user can perform sensitive operations or other services. Such identifying information may include but is not limited to, for example, user-names, codes, passwords of any form, or any other personal identifying data that can be used in order to access services that contain confidential information (referred herein as “Credentials” or “User Credentials”).
Embodiments of the present invention may relate to a method and/or system for authenticating a user participating in a transaction, for example, a financial transaction, opening an account, etc. A user may communicate with an institution via a first communication channel such as for example the Internet and a web site. The system may transmit a data element, for example a code, to the user via a second communication channel (the identification of which may be provided by the user, or may be generated in another manner), for example, a telephone connection, e-mail connection etc. The
authentication system may receive the data element from the user via the first communication channel and may determine, based on the data element, if the user is allowed to perform a transaction. In some embodiments, the transmitting of the data element to a user and receiving the data element from the user may be done only if an alert level is not sufficient, or is a certain level. The authentication system may allow the user to proceed with the transaction only if the data element received via the second communication channel is supplied correctly via a first communication channel, for example, the received code matches the sent code. In some embodiments the first communication channel may be a telephone connection while the second communication channel may be the Internet; other suitable channels may be used. The second communication channel may or may not be the communication channel by which the transaction is conducted.

A system and method according to one embodiment may, during a transaction with a user, transmit to the user, via a first communication channel, a code; and receive from the user, via a second communication channel, the code. The transaction may proceed, or the user may be authenticated, if the code matches. A system and method according to one embodiment may conduct transactions with a number of users, ensuring that for each of a set of first communications channels, only a certain number of users can use a particular access point to that first communication channel. The second communication channel may be the communication channel by which the transaction is conducted; but in alternate embodiments need not be.

Some embodiments of the present invention may relate to a method and/or system for authenticating a user participating in a transaction, for example, a financial transaction, opening an account, a password recovery, etc. A user may communicate with an institution via a communication channel such as for example the Internet and a web site. The system may transmit a data element, for example a code, to the user via a different communication channel (the identification of which may be provided by e.g. the user, or may be generated in another manner), for example, a telephone connection, e-mail connection etc.

The authentication system may receive the data element from the user via a communication channel and may determine, based on the data element, if the user is allowed to perform a transaction. In some embodiments one of the communication channels may have characteristics that it may be difficult and/or expensive to obtain many access points to it. In some embodiments, the transmitting of the data element to a user and receiving the data element from the user may be done when there is a greater probability of transaction risk. The authentication system may allow the user to proceed with the transaction only if the data element received via one communication channel is supplied correctly via a different communication channel, for example, the received code matches the sent code. In some embodiments one communication channel may be a telephone connection while the other communication channel may be the Internet; other suitable channels may be used. The other communication channel may or may not be the communication channel by which the transaction is conducted. Some embodiments of the present invention may include initiating contact with a user via one of the communication channels.

A system and method according to one embodiment may, during a transaction with a user, transmit to the user, via one communication channel, a code; and receive from the user, via a different communication channel, the code. The transaction may proceed, or the user may be authenticated, if the code matches. A system and method according to one
embodiment may conduct transactions with a number of users, ensuring that for each one of the communication channels, only a certain number of users can use each access point to such communication channel. One of the communication channels may be the communication channel by which the transaction is conducted; but in alternate embodiments need not be. In some embodiments the code may be transmitted only on the suspicion as to the existence of a certain risk level. The risk level may be related to the transaction in some embodiments; but in alternate embodiments the risk level may be related to an event outside of the transaction. In some embodiments it may be possible to limit the number of users who may use an access point to one of the communication channels, for example, no more than N users may be permitted to use an access point to one of the communication channels. In some embodiments the access point to one of the communication channels may be invalid if, for example, it has existed for fewer than N days. The identity of the access point to one of the communication channels may be collected before a transaction or during a transaction.

BRIEF DESCRIPTION OF THE DRAWINGS

The subject matter regarded as the invention is particularly pointed out and distinctly claimed in the concluding portion of the specification. The invention, however, both as to organization and method of operation, together with objects, features and advantages thereof, may best be understood by reference to the following detailed description when read with the accompanied drawings in which:
FIG. 1 depicts an authentication system according to one embodiment of the present invention;
FIG. 2 depicts an authentication system according to one embodiment of the present invention;
FIG. 3 is a flowchart depicting a process according to an embodiment of the present invention; and
FIG. 4 is a flowchart depicting a process for moving between alert levels according to an embodiment of the present invention.
Reference numerals may be repeated among the figures to indicate corresponding or analogous elements.

DETAILED DESCRIPTION

In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However it will be understood by those of ordinary skill in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention. Various modifications to the described embodiments will be apparent to those with skill in the art, and the general principles defined herein may be applied to other embodiments. The present invention is not intended to be limited to the particular embodiments shown and described.

Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification, discussions utilizing terms such as “processing,” “computing,” “calculating,” “determining,” or the like, may refer in whole or in part to the action and/or processes of a processor, computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities within the system’s registers and/or memories into other data similarly represented as physical quantities within the system’s memories, registers or other such information storage, transmission or display devices.
The processes presented herein are not inherently related to any particular computer, processing device, article or other apparatus. An example of a structure for a variety of these systems will appear from the description below. In addition, embodiments of the present invention are not described with reference to any particular processor, programming language, machine code, etc. It will be appreciated that a variety of programming languages, machine codes, etc. may be used to implement the teachings of the invention as described herein.
Embodiments of the invention may be used so that Service Providers that may provide services containing confidential information will be able to continue providing access to such services to their users, for example, in the face of massive theft, or suspected theft, of credentials of the users of their services. It will be appreciated, however, that the present invention may not be limited to usage by service providers, but rather may also be used by the government, and any other authority or entity that offers access to information of a confidential or private nature.
A system and method may allow for extending authentication to a two factor, out of band form, requiring for example an additional data element or code via a channel different from the channel used for the primary transaction. The system may contact a user who may wish to conduct a transaction via a communication channel, which may be the communication channel of conducting the transaction or an additional communication channel, and provide the user with a secret, for example, a code or a data element. The user may provide the system with the secret via a communication channel which is different from the channel the secret may be received by. For example, a user may log in to a web site via the Internet and the system may contact the user by sending an SMS with a code to the user’s mobile telephone. The user may enter the code received via the second channel (e.g., the mobile phone) via the first channel (e.g., the Internet) in order to access the system. In another embodiment the user may receive the code via the first channel (e.g., the Internet) and the system may contact the user via the second channel, for example a landline telephone, and may request the user to supply the code via the second channel. In other embodiments the user may contact the system via a second channel and may supply the secret via a first or a second channel.

An embodiment of the invention and system may be used, for example, by financial institutions (FIs), or non-financial institutions to address massive credentials theft or suspected theft of their users and members. The present invention may be relevant to anyone that operates a service requiring remote customer access using some form of credentials and that may be subjected to any kind of credential exposure. An FI that may be using an embodiment of the invention may not be required to distribute any hardware ahead of time, nor may it be required to educate its users. The FI may deploy a method according to one embodiment exactly when needed and where needed. An embodiment of the invention may therefore provide a high level of protection against any kind of theft of credentials, at low cost.
Some embodiments of the present invention may include a system and/or method which may provide flexible transaction processing based on for example the risk assessment or risk level of a transaction and/or a user or party to a transaction. For example, based on a risk level, a level of authentication or other aspects of a transaction may be set or altered.
It will be appreciated by persons skilled in the art that this system and method may not be limited to use by financial institutions, but rather by any Service provider whose users may
be required to authenticate themselves in order to gain access to the services. Moreover, in some embodiments reference may be made to a telephone and a telephone number, as the second factor for the authentication. While a telephone line and number may correspond to the requirements defined herein for the second communication channel, it should be appreciated by persons skilled in the art that other communication channels may be used as well, and the telephone may be used in order to provide a simple illustration of certain embodiments of this invention.

It will also be appreciated by persons skilled in the art that the “Users” referred to herein could be individuals as well as corporations and other legal entities. The alert levels or levels of fraud alert referred to in the following sections may be intended as an illustration and there may be many other configurations intended to distinguish between various levels of fraud attack or suspected attack.
The system and method described herein may be implemented whenever massive Credentials’ theft may occur, as well as when it is suspected to have occurred, or anytime. One of the advantages of an embodiment of the invention is that it may be deployed immediately when needed and where needed, and may have very low operational and deployment costs; moreover, it may not require prior access such as, for example, pre-enrolment, or pre-distribution of hardware to users, who may be potential victims of such theft.
An embodiment of the invention may extend authentication to a two-factor out-of-band form, requiring an additional data element, in addition to the credentials, to be transmitted to the user via a different channel. In one embodiment such second channel may be, but is not limited to a mobile telephone or a landline telephone, or a pager, or any channel that has the characteristic that it is difficult either logistically, money-wise, or time-wise, to obtain access to many access points to it, for example, it may be difficult and/or expensive to own numerous telephone lines, or mobile numbers or beeper numbers, and in a preferable embodiment of this invention, it may be widely available and easy to access by users (on an individual basis). Channels not having such characteristics may be used for out-of-band communication.
It should be noted that unlike typical two-factor authentication methods, the additional authentication channel (e.g., a channel used outside a normal process or channel for authentication or identification) may not be previously uniquely linked to a user, and therefore there may not be a need for prior access to the users, for example, in the form of registration, distribution of hardware or education of users, prior to deploying a method according to one embodiment.
In one embodiment, the system may ensure that for each of an out-of-band or secondary communication channel, only one or a certain number of users or accounts can use this channel for authentication. Security may be achieved by for example limiting the number of different user service accounts that may use the same authentication channel. For example, if the service is a bank account, such limitation may be achieved by limiting the number of bank accounts that may be linked to a certain telephone number, or by limiting the number of users who may link their accounts to that telephone number, based on for example name/SSN/whether they are members of the same family, and by deploying as part of a method according to one embodiment only those channels that may have the characteristic that it may be difficult (e.g., logistically, money-wise, or time-wise) to obtain access to many access points to it. For example, it may be both expensive and logistically difficult to obtain access to a significant number of land-line telephone numbers.

The deployment of an embodiment of the invention may be governed and set according to criteria intended to specify the level of the threat of fraud. It may also be applied selectively to users according to various criteria intended to assess the probability of fraud (for example, at various levels of fraud, users logging into a service from their typical IP location may be exempt from a method according to one embodiment, or users who may perform a successful out of band authentication, for example from a certain location (such as a computer or ATM machine), may be exempt from extra authentication in their next attempt to access the service from the same location).
Embodiments of the invention may pertain to a two factor authentication using a communication channel that meets certain criteria. Users may be authenticated using a combination of their regular Credentials and proof that the user may have access to a communication channel that meets the criteria of this method; for example, without limitation, such proof could be delivered by the user presenting a dynamic piece of data that may be delivered to it via a communication channel that meets the criteria of this method, by the user showing it knows the content of this dynamic data, or by the user initiating a call from a telephone or a channel to a certain telephone number. The criteria that the additional communication channel may need to meet under this method may be that it would be difficult and/or cumbersome and/or expensive to obtain a significant number of it; for example, without limitation, it is expensive and cumbersome to obtain numerous telephone or mobile telephone numbers including access to them. Security may be achieved not only by selecting such a type of communication channel for delivery of the dynamic password, but also by restricting the number of, for example, users or user accounts, or any other number of distinct values of a property of the users or accounts, such as owner name, SSN, billing address, that may be linked to a particular channel. This method may be used either with respect to users who may have pre-registered the details of their secondary authentication channel, as well as with respect to users who may not have pre-registered. With respect to the latter, such details may be collected during the authentication session.
Other secondary communication channels having other characteristics, for example that may not be difficult to obtain, may be used.
This method may more generally be seen as a method for achieving a sufficient level of security in authentication not by actually validating user’s identity but rather by (i) requiring users to provide details of “something” that may be either expensive, complicated or hard to achieve in large numbers (e.g., it may be something that meets the above criteria, but that may be readily available, such as for example, a telephone line); and (ii) by limiting the number of different user service accounts or users who may use the same “something” for authentication.
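As an added example that is not code from the patent or from EMC, the following Python models the FIG. 3 flow together with the access-point limits described in the summary and in the preceding paragraphs: a decision step for whether further checks are required, a channel-user mapping that caps the accounts linked to one access point and rejects access points that have existed for fewer than N days, and a single-use, time-limited completion code sent over the second channel and checked over the first. The values of N, the code lifetime and the exemption rules are assumptions made for this example.

```python
import hmac
import secrets
from dataclasses import dataclass, field

DAY = 86400
# Policy values are assumptions for this example; the patent only says "N".
MAX_ACCOUNTS_PER_ACCESS_POINT = 2     # no more than N users per access point
MIN_ACCESS_POINT_AGE_DAYS = 30        # access point invalid if it existed fewer than N days
CODE_TTL_SECONDS = 300                # lifetime of a completion code
ALERT_LEVELS = ("release", "low", "medium", "high")   # levels of FIG. 4


def further_checks_required(alert_level, typical_location, prior_oob_success):
    """Decision-engine step "further checks required?" of FIG. 3.

    Constructed policy: nothing extra while released; at low alert a user
    coming from their typical location is exempt; at any level a user who
    already passed an out-of-band check from this location is exempt on
    the next attempt.
    """
    if alert_level not in ALERT_LEVELS:
        raise ValueError(f"unknown alert level {alert_level!r}")
    if alert_level == "release":
        return False
    if alert_level == "low" and typical_location:
        return False
    return not prior_oob_success


@dataclass
class ChannelUserMappingDB:
    """Links an out-of-band access point (e.g. a phone number) to the accounts using it."""
    links: dict = field(default_factory=dict)   # access_point -> set of account ids

    def link(self, access_point, account):
        """Enforce the per-access-point cap; False when linking would exceed it."""
        accounts = self.links.setdefault(access_point, set())
        if account not in accounts and len(accounts) >= MAX_ACCOUNTS_PER_ACCESS_POINT:
            return False
        accounts.add(account)
        return True


class OutOfBandAuthenticator:
    """Sends a completion code over the second channel and checks it over the first."""

    def __init__(self, db, send_code):
        self.db = db
        self.send_code = send_code    # callable(access_point, code): the second channel
        self.pending = {}             # account -> (code, expiry)

    def start(self, account, access_point, activated_at, now):
        """FIG. 3: user provides additional channel; if the info is O.K., send the code."""
        if now - activated_at < MIN_ACCESS_POINT_AGE_DAYS * DAY:
            return "rejected: access point too new"
        if not self.db.link(access_point, account):
            return "rejected: too many accounts on this access point"
        code = f"{secrets.randbelow(10**6):06d}"          # six-digit completion code
        self.pending[account] = (code, now + CODE_TTL_SECONDS)
        self.send_code(access_point, code)
        return "code sent"

    def complete(self, account, submitted, now):
        """FIG. 3: user enters the completion code via the primary channel.

        The code is single use (popped on the first attempt) and time limited;
        the comparison is constant time.
        """
        entry = self.pending.pop(account, None)
        if entry is None:
            return False
        code, expiry = entry
        if now > expiry:
            return False
        return hmac.compare_digest(code, submitted)


if __name__ == "__main__":
    # Constructed walk-through: a medium-alert session from an unusual location.
    sent = []
    auth = OutOfBandAuthenticator(ChannelUserMappingDB(), lambda ap, c: sent.append((ap, c)))
    now = 1_700_000_000
    if further_checks_required("medium", typical_location=False, prior_oob_success=False):
        print(auth.start("acct-1", "+1-555-0100", activated_at=now - 400 * DAY, now=now))
        print("user enters code:", auth.complete("acct-1", sent[-1][1], now))
```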

FIG. 1 depicts an authentication system 10 according to one embodiment of the present invention. Referring to FIG. 1, an end user 14 using a terminal such as a personal computer, automated teller machine, PDA, telephone, cellular device, or other computing device may wish to conduct a transaction (e.g., login to a service, make a purchase, opening a financial account, etc.) with an institution 18. Institution 18 may be, for example, a provider that may provide services containing confidential or private information, for example, a financial institution (“FI”) system, government agencies, health institution, communication service provider or any other institution, authority or entity. End user 14 and institution 18 may communicate, for example, via one or more communications network(s) 15 such as, for example, the
Internet, a cellular system, intranets, data lines, a combination of networks, etc. In one embodiment, institution 18 may provide a web page which is displayed on the user’s computer system; in such case a processor or controller executing a part of a method according to an embodiment of the invention may be located at an end user 14. The institution 18 may include a hosted system (“HS”) 11, which is not necessarily hosted outside of the institution, and an online system (“OS”) 12 which may include an authentication local module 13. In some embodiments of the present invention, the HS 11 may be located inside the institution 18 while in other embodiments the HS 11 may be, for example, located outside the institution 18, or may be a separate service which may be operated by the institution 18 or another service provider. For example, institution 18 may include OS 12, for example a system handling online transactions, and HS 11 may be a third-party provided system, physically and organizationally separate from institution 18. In such embodiments the HS 11 may communicate with the institution 18 via a plug in 13; plug in capability may be used if the HS is included within the institution 18. The OS 12 may be, for exa