(19) United States
(12) Patent Application Publication    (10) Pub. No.: US 2005/0273442 A1
     Bennett et al.                    (43) Pub. Date: Dec. 8, 2005

(54) SYSTEM AND METHOD OF FRAUD REDUCTION

(76) Inventors: Naftali Bennett, New York, NY (US); Lior Golan, Tel Aviv (IL); Nira Rivner, Ramat Gan (IL)

Correspondence Address:
PEARL COHEN ZEDEK, LLP
10 ROCKEFELLER PLAZA
SUITE 1001
NEW YORK, NY 10020 (US)

(21) Appl. No.: 11/134,479

(22) Filed: May 23, 2005

Related U.S. Application Data

(60) Provisional application No. 60/572,776, filed on May 21, 2004.

Publication Classification

(51) Int. Cl. ........................ H04K 1/00
(52) U.S. Cl. ........................ 705/67

(57) ABSTRACT

A system and method may allow for extending authentication to a two factor, out of band form, requiring an additional data element or code via a channel different from the channel used for the primary transaction, where the different channel has the attribute that it is difficult or costly to achieve many access points to it, and it is possible to limit the number of users associated with a particular access point to it.

[Front-page figure: end user 14, communications network 15, institution 18 containing online system 12 with authentication local module 13 (plug in) and hosted system 11.]

TWILIO, INC. EX. 1031
Page 1


[FIG. 1 (Sheet 1 of 4): end user 14 communicates over network 15 with online system 12, which contains authentication local module 13 (plug in); module 13 communicates over link 17 with hosted system 11.]


[FIG. 2 (Sheet 2 of 4): online system 12 with authentication local module 13 (validation), and hosted system 11 containing an admin application, a database, user device mapping, alert level monitor, risk assessment, decision engine (decision making), proxy mapping 102, history DB 109, channel user mapping DB 110, authentication application 111, HSM 112 and external communication engines 113, which carry the authentication exchange to the end user.]


[FIG. 3 (Sheet 3 of 4), flowchart: regular authentication; evaluate authentication; are further checks required? If no, proceed to online app. If yes, user provides additional channel; send a completion code via additional channel; user enters completion code; if the code is correct, proceed to online app, otherwise end session.]


[FIG. 4 (Sheet 4 of 4), alert-level state diagram: low level 300, medium level 310 and high level 320; "alert" transitions (330, 340) raise the level by one step and "release" transitions (350, 360) lower it by one step.]

SYSTEM AND METHOD OF FRAUD REDUCTION
`
RELATED APPLICATION DATA

[0001] The present application claims benefit from prior provisional application Ser. No. 60/572,776 entitled "System and Method of Fraud Reduction", filed on May 21, 2004, incorporated by reference herein in its entirety.

FIELD OF THE INVENTION

[0002] The present invention relates to authentication; more specifically the present invention may be used, for example, in authenticating parties in a transaction.

BACKGROUND

[0003] In parallel to the growth in use of online channels for accessing a variety of services, and performing a variety of transactions, identity theft has reached epidemic levels, and online account takeover and transaction fraud is growing at an enormous rate. Parties committing fraud ("fraudsters") have new technologies at their disposal: for example "Trojan horses" and key loggers may be installed in unsuspecting customers' computers, transmitting personal information back to the fraudster; and phishing attacks may trick consumers into giving up personal and financial information (for example without limitation: social security number ("SSN"), account numbers, banking information, user names and passwords for various services, personal identification numbers ("PINs"), credit card numbers, which may be referred to as for example "user Credentials" or "Credentials").

[0004] Recent scams show a sophisticated, determined, innovative and well organized online crime wave. Fraudsters are more adaptive than ever, modifying their modus operandi and techniques quickly to exploit new vulnerabilities. While the fraudsters do not limit themselves to a specific sector, their main focus is on the banking and financial accounts sectors (other sectors prone to fraud are government services, ISPs, telecom companies and health care and many others).
`
[0005] One issue is authentication: how does a service or transaction provider know whether a certain user accessing a service and performing actions at a certain site is who he or she claims to be. Using the combination of a login and password alone (which still are the most prevalent method of authentication) may not be satisfactory.

[0006] Many solutions have been proposed for the problem of authentication, however many of them encounter an imbalance between usability vs. security: they are either not secure enough, or, when security is enhanced to satisfactory levels, they are cumbersome and expensive to deploy and operate.

[0007] Various service providers may use Credentials in order to authenticate users in remote applications. Authentication may be required whenever a sensitive operation takes place, for example, viewing personal information, performing financial transactions, updating the user's profile and more.

[0008] During authentication the user may usually be required to supply a pre-established password and optionally an additional shared secret between the user and the service provider. Users' credentials may enable access to sensitive information as well as funds, and therefore getting hold of them has become a popular criminal activity. Stealing users' credentials may be done in various ways. For example, theft of a file containing credentials from the bank or a third party (including an "inside job"), a large and successful "Phishing" attack, keyboard sniffing and more.

[0009] When faced with a major theft of user credentials, the service provider may execute one or more of the following options:

[0010] Provider may operate its business at a much higher risk level, for example, may check and analyze transactions to make sure no fraudulent activity takes place.

[0011] Provider may perform a costly operation of changing the user credentials or deploying a new authentication mechanism.

[0012] Provider may shut down parts of the business in case the other two options may not be acceptable.

[0013] Provider may perform other sets of actions.

[0014] The service provider may not have any external alert as to the occurrence of a massive credential theft. For example, it may not know when a large set of credentials is stolen by an insider job, or from a third party service provider. In addition, even when a large theft may be known, like in the case of a large phishing attempt, the service provider may not know when the stolen credentials will actually be used.

[0015] Service providers may be therefore looking for alternative authentication options. Some of the alternative solutions offered today are:

[0016] 1. Provider may ask for shared secret information that changes over time and may be therefore more difficult to obtain or that may lose its value after some time, as it becomes irrelevant, for example, details about recent transactions, or invoicing.

[0017] 2. Provider may ask for random parts of shared secret information, for example, random digits of the password, or random data elements out of a set of known data elements.

[0018] 3. Mobile or telephone authentication, for example, a mobile telephone may be pre-registered to the service and may be used to authenticate the user.

[0019] 4. Token based authentication.

[0020] The current solutions may not be satisfactory, since none of them may strike a good balance between security and usability. Either they may not be secure enough, for example, asking for random pieces of a shared secret, information which may easily be obtained during the initial user credentials theft, or they may not be usable enough or may be too expensive to actually deploy, for example, token authentication which may be expensive to implement, may require customer education, and deployment ahead of time to all users.

SUMMARY

[0021] Embodiments of the present invention may relate to a method and system for addressing massive theft (or suspected theft) of identification information used in order to access services that contain, for example, confidential information of the users of those services, services where the user can perform sensitive operations or other services. Such identifying information may include but is not limited to, for example, user-names, codes, passwords of any form, or any other personal identifying data that can be used in order to access services that contain confidential information (referred herein as "Credentials" or "User Credentials").
`
[0022] Embodiments of the present invention may relate to a method and/or system for authenticating a user participating in a transaction, for example, a financial transaction, opening an account, etc. A user may communicate with an institution via a first communication channel such as for example the Internet and a Web site. The system may transmit a data element, for example a code, to the user via a second communication channel (the identification of which may be provided by the user, or may be generated in another manner), for example, a telephone connection, e-mail connection etc. The authentication system may receive the data element from the user via the first communication channel and may determine, based on the data element, if the user is allowed to perform a transaction. In some embodiments, the transmitting of the data element to a user and receiving the data element from the user may be done only if an alert level is not sufficient, or is a certain level. The authentication system may allow the user to proceed with the transaction only if the data element received via the second communication channel is supplied correctly via a first communication channel, for example, the received code matches the sent code. In some embodiments the first communication channel may be a telephone connection while the second communication channel may be the Internet; other suitable channels may be used. The second communication channel may or may not be the communication channel by which the transaction is conducted.
`
[0023] A system and method according to one embodiment may, during a transaction with a user, transmit to the user, via a first communication channel, a code; and receive from the user, via a second communication channel, the code. The transaction may proceed, or the user may be authenticated, if the code matches. A system and method according to one embodiment may conduct transactions with a number of users, ensuring that for each of a set of first communications channels, only a certain number of users can use a particular access point to that first communication channel. The second communication channel may be the communication channel by which the transaction is conducted; but in alternate embodiments need not be.
`
[0024] Some embodiments of the present invention may relate to a method and/or system for authenticating a user participating in a transaction, for example, a financial transaction, opening an account, a password recovery, etc. A user may communicate with an institution via a communication channel such as for example the Internet and a Web site. The system may transmit a data element, for example a code, to the user via a different communication channel (the identification of which may be provided by e.g. the user, or may be generated in another manner), for example, a telephone connection, e-mail connection etc.
`
[0025] The authentication system may receive the data element from the user via a communication channel and may determine, based on the data element, if the user is allowed to perform a transaction. In some embodiments one of the communication channels may have characteristics that it may be difficult and/or expensive to obtain many access points to it. In some embodiments, the transmitting of the data element to a user and receiving the data element from the user may be done when there is a greater probability of transaction risk. The authentication system may allow the user to proceed with the transaction only if the data element received via one communication channel is supplied correctly via a different communication channel, for example, the received code matches the sent code. In some embodiments one communication channel may be a telephone connection while the other communication channel may be the Internet; other suitable channels may be used. The other communication channel may or may not be the communication channel by which the transaction is conducted. Some embodiments of the present invention may include initiating contact with a user via one of the communication channels.
`
[0026] A system and method according to one embodiment may, during a transaction with a user, transmit to the user, via one communication channel, a code; and receive from the user, via a different communication channel, the code. The transaction may proceed, or the user may be authenticated, if the code matches. A system and method according to one embodiment may conduct transactions with a number of users, ensuring that for each one of the communication channels, only a certain number of users can use each access point to such communication channel. One of the communication channels may be the communication channel by which the transaction is conducted; but in alternate embodiments need not be. In some embodiments the code may be transmitted only on the suspicion as to the existence of a certain risk level. The risk level may be related to the transaction in some embodiments; but in alternate embodiments the risk level may be related to an event outside of the transaction. In some embodiments it may be possible to limit the number of users who may use an access point to one of the communication channels, for example, no more than N users may be permitted to use an access point to one of the communication channels. In some embodiments the access point to one of the communication channels may be invalid if, for example, it has existed for fewer than N days. The identity of the access point to one of the communication channels may be collected before a transaction or during a transaction.
`
BRIEF DESCRIPTION OF THE DRAWINGS

[0027] The subject matter regarded as the invention is particularly pointed out and distinctly claimed in the concluding portion of the specification. The invention, however, both as to organization and method of operation, together with objects, features and advantages thereof, may best be understood by reference to the following detailed description when read with the accompanied drawings in which:

[0028] FIG. 1 depicts an authentication system according to one embodiment of the present invention;

[0029] FIG. 2 depicts an authentication system according to one embodiment of the present invention;

[0030] FIG. 3 is a flowchart depicting a process according to an embodiment of the present invention; and

[0031] FIG. 4 is a flowchart depicting a process for moving between alert levels according to an embodiment of the present invention.

[0032] Reference numerals may be repeated among the figures to indicate corresponding or analogous elements.
`
DETAILED DESCRIPTION

[0033] In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However it will be understood by those of ordinary skill in the art that the present invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention. Various modifications to the described embodiments will be apparent to those with skill in the art, and the general principles defined herein may be applied to other embodiments. The present invention is not intended to be limited to the particular embodiments shown and described.

[0034] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification, discussions utilizing terms such as "processing," "computing," "calculating," "determining," or the like, may refer in whole or in part to the action and/or processes of a processor, computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities within the system's registers and/or memories into other data similarly represented as physical quantities within the system's memories, registers or other such information storage, transmission or display devices.

[0035] The processes presented herein are not inherently related to any particular computer, processing device, article or other apparatus. An example of a structure for a variety of these systems will appear from the description below. In addition, embodiments of the present invention are not described with reference to any particular processor, programming language, machine code, etc. It will be appreciated that a variety of programming languages, machine codes, etc. may be used to implement the teachings of the invention as described herein.
`
[0036] Embodiments of the invention may be used so that Service Providers that may provide services containing confidential information will be able to continue providing access to such services to their users, for example, in the face of massive theft, or suspected theft of credentials of the users of their services. It will be appreciated, however, that the present invention may not be limited to usage by service providers, but rather may also be used by the government, and any other authority or entity that offers access to information of confidential or private nature.
`
[0037] A system and method may allow for extending authentication to a two factor, out of band form, requiring for example an additional data element or code via a channel different from the channel used for the primary transaction. The system may contact a user who may wish to conduct a transaction via a communication channel, which may be the communication channel of conducting the transaction or an additional communication channel, and provide the user with a secret, for example, a code or a data element. The user may provide the system with the secret via a communication channel which is different from the channel the secret may be received by. For example, a user may log in to a Web site via the Internet and the system may contact the user by sending an SMS with a code to the user's mobile telephone. The user may enter the code received via the second channel (e.g., the mobile phone) via the first channel (e.g., the Internet) in order to access the system. In another embodiment the user may receive the code via the first channel (e.g., the Internet) and the system may contact the user via the second channel, for example a landline telephone, and may request the user to supply the code via the second channel. In other embodiments the user may contact the system via a second channel and may supply the secret via a first or a second channel.
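The exchange of [0037] and FIG. 3, where the completion code goes out over the second channel and is typed back over the first, with the session ended on failure, as an added example that is not part of the patent. The delivery hook `send_fn`, the six-digit code, the five-minute lifetime and the three-attempt cap are assumptions of the example; the two points a practitioner would want beyond the paragraph are that the code is consumed on first use and that a comparison resistant to timing differences is used:

```python
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Assumed policy values; the patent leaves all of them open.
CODE_DIGITS = 6
CODE_TTL_SECONDS = 300
MAX_ATTEMPTS = 3


@dataclass
class PendingChallenge:
    account: str
    code: str            # the completion code pushed over the second channel
    expires_at: float
    attempts: int = 0


class OutOfBandAuthenticator:
    """Completion-code exchange: the code is sent over the second channel (e.g. SMS)
    and must come back over the first channel (the web session) before it expires."""

    def __init__(self, send_fn: Callable[[str, str], None],
                 now: Callable[[], float] = time.time):
        # send_fn(channel_address, code) is a hypothetical delivery hook (SMS, voice call).
        self._send = send_fn
        self._now = now
        self._pending: Dict[str, PendingChallenge] = {}

    def start(self, session_id: str, account: str, channel_address: str) -> None:
        """Generate a fresh code for this session and push it over the second channel."""
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        self._pending[session_id] = PendingChallenge(
            account=account, code=code, expires_at=self._now() + CODE_TTL_SECONDS)
        self._send(channel_address, code)

    def complete(self, session_id: str, submitted: str) -> bool:
        """Check the code the user typed back over the first channel.
        True means proceed to the online app; False means the session must end."""
        challenge = self._pending.get(session_id)
        if challenge is None:
            return False                       # nothing outstanding, or already consumed
        if self._now() > challenge.expires_at:
            del self._pending[session_id]      # stale code: a new exchange is required
            return False
        challenge.attempts += 1
        ok = hmac.compare_digest(challenge.code.encode(), submitted.strip().encode())
        if ok or challenge.attempts >= MAX_ATTEMPTS:
            del self._pending[session_id]      # single use; also burned after too many misses
        return ok

    def pending(self, session_id: str) -> Optional[PendingChallenge]:
        return self._pending.get(session_id)
```

Because `start` and `complete` are keyed by the first-channel session, a code obtained for one login cannot be replayed into another session, and burning the challenge after `MAX_ATTEMPTS` keeps an attacker who controls the first channel from guessing the six digits online.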
`
[0038] An embodiment of the invention and system may be used, for example, by financial institutions (FIs), or non-financial institutions to address massive credentials theft or suspected theft of their users and members. The present invention may be relevant to anyone that operates a service requiring remote customer access using some form of credentials and that may be subjected to any kind of credential exposure. An FI that may be using an embodiment of the invention may not be required to distribute any hardware ahead of time, nor may it be required to educate its users. The FI may deploy a method according to one embodiment exactly when needed and where needed. An embodiment of the invention may therefore provide a high level of protection against any kind of theft of credentials, at low cost.
`
[0039] Some embodiments of the present invention may include a system and/or method which may provide flexible transaction processing based on for example the risk assessment or risk level of a transaction and/or a user or party to a transaction. For example, based on a risk level, a level of authentication or other aspects of a transaction may be set or altered.

[0040] It will be appreciated by persons skilled in the art that this system and method may not be limited to use by financial institutions, but rather by any Service provider where users may be required to authenticate themselves in order to gain access to the services. Moreover, in some embodiments reference may be made to a telephone and a telephone number as the second factor for the authentication. While a telephone line and number may correspond to the requirements defined herein for the second communication channel, it should be appreciated by persons skilled in the art that other communication channels may be used as well, and the telephone may be used in order to provide a simple illustration of certain embodiments of this invention.

[0041] It will also be appreciated by persons skilled in the art that the "Users" referred to herein could be individuals as well as corporations and other legal entities. The alert levels or levels of fraud alert referred to in the following sections may be intended as an illustration and there may be many other configurations intended to distinguish between various levels of fraud attack or suspected attack.

[0042] The system and method described herein may be implemented whenever massive Credentials' theft may occur, as well as when it is suspected to have occurred, or anytime.

[0043] One of the advantages of an embodiment of the invention is that it may be deployed immediately when needed and where needed, and may have very low operational and deployment costs; moreover, it may not require prior access such as, for example, pre-enrolment, or pre-distribution of hardware to users, who may be potential victims of such theft.
`
[0044] An embodiment of the invention may extend authentication to a two-factor out-of-band form, requiring an additional data element, in addition to the credentials, to be transmitted to the user via a different channel. In one embodiment such second channel may be, but is not limited to, a mobile telephone or a landline telephone, or a pager, or any channel that has the characteristic that it is difficult either logistically, money-wise, or time-wise, to obtain access to many access points to it, for example, it may be difficult and/or expensive to own numerous telephone lines, or mobile numbers or beeper numbers, and in a preferable embodiment of this invention, it may be widely available and easy to access by users (on an individual basis). Channels not having such characteristics may be used for out-of-band communication.
`
[0045] It should be noted that unlike typical two-factor authentication methods, the additional authentication channel (e.g., a channel used outside a normal process or channel for authentication or identification) may not be previously uniquely linked to a user, and therefore there may not be a need for prior access to the users, for example, in the form of registration, distribution of hardware or education of users, prior to deploying a method according to one embodiment.
`
[0046] In one embodiment, the system may ensure that for each out-of-band or secondary communication channel, only one or a certain number of users or accounts can use this channel for authentication. Security may be achieved by for example limiting the number of different user service accounts that may use the same authentication channel. For example, if the service is a bank account, such limitation may be achieved by limiting the number of bank accounts that may be linked to a certain telephone number, or by limiting the number of users who may link their accounts to that telephone number, based on for example name/SSN/whether they are members of the same family, and by deploying as part of a method according to one embodiment only those channels that may have the characteristic that it may be difficult (e.g., logistically, money-wise, or time-wise) to obtain access to many access points to it. For example, it may be both expensive and logistically difficult to obtain access to a significant number of land-line telephone numbers.
`
[0047] The deployment of an embodiment of the invention may be governed and set according to criteria intended to specify the level of the threat of fraud. It may also be applied selectively to users according to various criteria intended to assess the probability of fraud; for example, at various levels of fraud, users logging into a service from their typical IP location may be exempt from a method according to one embodiment, or users who may perform a successful out of band authentication, for example from a certain location (such as a computer or ATM machine), may be exempt from extra authentication in their next attempt to access the service from the same location.
`
[0048] Embodiments of the invention may pertain to a two factor authentication using a communication channel that meets certain criteria. Users may be authenticated using a combination of their regular Credentials and proof that the user may have access to a communication channel that meets the criteria of this method; for example, without limitation, such proof could be delivered by the user presenting a dynamic piece of data that may be delivered to it via a communication channel that meets the criteria of this method, by the user showing it knows the content of this dynamic data, or by the user initiating a call from a telephone or a channel to a certain telephone number. The criteria that the additional communication channel may need to meet under this method may be that it would be difficult and/or cumbersome and/or expensive to obtain a significant number of it; for example, without limitation, it is expensive and cumbersome to obtain numerous telephone or mobile telephone numbers including access to them. Security may be achieved not only by selecting such a type of communication channel for delivery of the dynamic password, but also by restricting the number of, for example, users or user accounts, or any other number of distinct values of a property of the users or accounts, such as owner name, SSN, billing address, that may be linked to a particular channel. This method may be used both with respect to users who may have pre-registered the details of their secondary authentication channel and with respect to users who may not have pre-registered; with respect to the latter, such details may be collected during the authentication session.

[0049] Other secondary communication channels having other characteristics, for example that may not be difficult to obtain, may be used.
`
[0050] This method may more generally be seen as a method for achieving a sufficient level of security in authentication not by actually validating the user's identity but rather by (i) requiring users to provide details of "something" that may be either expensive, complicated or hard to achieve in large numbers (e.g., it may be something that meets the above criteria, but that may be readily available, such as for example, a telephone line); and (ii) by limiting the number of different user service accounts or users who may use the same "something" for authentication.
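The two rules of [0046], [0048] and [0050] (cap the number of accounts that may share one access point; treat an access point that has existed for fewer than N days as invalid, per [0026]) together with the risk-based exemptions of [0047], as an added example that is not part of the patent. It assumes a telephone number as the access point, the constants `MAX_ACCOUNTS_PER_ACCESS_POINT` and `MIN_ACCESS_POINT_AGE_DAYS` (the patent leaves N open in both rules), a number's in-service date arriving as an ISO string from some carrier lookup the example does not implement, and a mapping of the three alert levels of FIG. 4 onto the exemptions that the patent only sketches. The number normalization is there because the cap is only as strong as the notion of "same access point": without it one line could be linked several times under different formattings.

```python
import re
from collections import defaultdict
from datetime import date
from typing import Dict, Optional, Set, Tuple

# Assumed policy constants; the patent leaves N open in both rules.
MAX_ACCOUNTS_PER_ACCESS_POINT = 2   # accounts that may share one telephone number
MIN_ACCESS_POINT_AGE_DAYS = 30      # a number in service for fewer days than this is rejected

LOW, MEDIUM, HIGH = "low", "medium", "high"   # the alert levels of FIG. 4


def normalize_phone(raw: str, default_country: str = "1") -> str:
    """Reduce a telephone number to country code plus digits, so that
    '+1 (212) 555-0100', '212.555.0100' and '12125550100' are one access point."""
    digits = re.sub(r"\D", "", raw)
    if raw.strip().startswith("+"):
        return digits
    if len(digits) == 10:             # national number; NANP assumed for the example
        return default_country + digits
    return digits


class AccessPointRegistry:
    """Remembers which accounts are linked to which access point and enforces both caps."""

    def __init__(self, today: Optional[str] = None):
        # ISO date injectable for deterministic tests; real deployments use the clock.
        self._today = date.fromisoformat(today) if today else date.today()
        self._accounts_by_ap: Dict[str, Set[str]] = defaultdict(set)

    def link(self, account: str, raw_phone: str, in_service_since: str) -> Tuple[bool, str]:
        """in_service_since is the ISO date the number went into service, assumed to come
        from a carrier or number-portability lookup that this example does not implement."""
        ap = normalize_phone(raw_phone)
        age_days = (self._today - date.fromisoformat(in_service_since)).days
        if age_days < MIN_ACCESS_POINT_AGE_DAYS:
            return False, "access point too new"
        holders = self._accounts_by_ap[ap]
        if account in holders:
            return True, "already linked"
        if len(holders) >= MAX_ACCOUNTS_PER_ACCESS_POINT:
            return False, "access point already used by the maximum number of accounts"
        holders.add(account)
        return True, "linked"

    def accounts_for(self, raw_phone: str) -> Set[str]:
        return set(self._accounts_by_ap.get(normalize_phone(raw_phone), set()))


def requires_out_of_band(alert_level: str, from_usual_ip: bool,
                         location_already_verified: bool) -> bool:
    """Risk-based gating in the spirit of [0047]. The mapping of levels to behaviour is an
    assumption: skip the extra step at LOW, always apply it at HIGH, and at MEDIUM waive it
    for a user on their usual IP or at a location that already passed an out-of-band check."""
    if alert_level == LOW:
        return False
    if alert_level == HIGH:
        return True
    if alert_level != MEDIUM:
        raise ValueError(f"unknown alert level: {alert_level!r}")
    return not (from_usual_ip or location_already_verified)
```

The age rule is the one that defeats a fraudster who buys a batch of fresh prepaid numbers; the account cap is the one that defeats reuse of a single number across many stolen accounts. Both only hold if the registry sees every linking attempt, including those made mid-session by users who never pre-registered a channel ([0048]).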
`
[0051] FIG. 1 depicts an authentication system 10 according to one embodiment of the present invention. Referring to FIG. 1, an end user 14, using a terminal such as a personal computer, automated teller machine, PDA, telephone, cellular device, or other computing device, may wish to conduct a transaction (e.g., login to a service, make a purchase, opening a financial account, etc.) with an institution 18. Institution 18 may be, for example, a provider that may provide services containing confidential or private information, for example, a financial institution ("FI") system, government agencies, health institution, communication service provider or any other institution, authority or entity. End user 14 and institution 18 may communicate, for example, via one or more communications network(s) 15 such as, for example, the Internet, a cellular system, intranets, data lines, a combination of networks, etc. In one embodiment, institution 18 may provide a Web page which is displayed on the user's computer system; in such case a processor or controller executing a part of a method according to an embodiment of the invention may be located at an end user 14. The institution 18 may include a hosted system ("HS") 11, which is not necessarily hosted outside of the institution, and an online system ("OS") 12 which may include an authentication local module 13. In some embodiments of the present invention, the HS 11 may be located inside the institution 18 while in other embodiments the HS 11 may be, for example, located outside the institution 18, or may be a separate service which may be operated by the institution 18 or another service provider. For example, institution 18 may include OS 12, for example a system handling online transactions, and HS 11 may be a third-party provided system, physically and organizationally separate from institution 18. In such embodiments the HS 11 may communicate with the institution 18 via a plug in 13; plug in capability may be used if the HS is included within the institution 18. The OS 12 may be, for example, an online application hosted in a data center and may include an authentication local module 13 which may be, for example, a plug in unit which may be installed at a data center or another system in which the OS 12 may be hosted. The OS may belong to, for example, a bank or other financial institution, an online or other business, or any other institution conducting business.

[0052] The authentication local module 13 may be suitable for any system architecture which may be used by the OS, for example, J2EE, Microsoft .Net, Microsoft ASP, or any other architecture. The authentication local module 13 may be substantially self-contained (e.g., a self contained software module(s)), or may be partially or wholly contained elsewhere. For example, authentication local module 13 may be a plug-in or a shell which may communicate (e.g., via communications network 17, or via other methods) with a different authentication server, for example HS 11. In the event that all authentication, including out of channel authentication, is done at one institution (e.g., a bank), such local module may not be needed. Communication network 17 may be, for example a hard wired link, air link or any other communication channel. Furthermore, the authentication local module 13 may communicate with an authentication application in the HS 11 including, for example, a cryptographic validation of the HS 11 response to ensure, for example, that it is transacting with HS 11. A local module 13 need not be used; for example if all the functionality
