(12) United States Patent
Ueshima

(10) Patent No.: US 6,731,731 B1
(45) Date of Patent: May 4, 2004

(54) AUTHENTICATION METHOD, AUTHENTICATION SYSTEM AND RECORDING MEDIUM

(75) Inventor: Yasushi Ueshima, Tokyo (JP)
(73) Assignee: Comsquare Co., Ltd., Tokyo (JP)
(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 567 days.
(21) Appl. No.: 09/806,350
(22) PCT Filed: Jul. 3, 2000
(86) PCT No.: PCT/JP00/04399
     § 371 (c)(1), (2), (4) Date: Mar. 29, 2001
(87) PCT Pub. No.: WO01/09735
     PCT Pub. Date: Feb. 8, 2001
(30) Foreign Application Priority Data
     Jul. 30, 1999 (JP) 11-216948
(51) Int. Cl.: H04M 3/00; G06F 12/14
(52) U.S. Cl.: 379/196; 713/201
(58) Field of Search: 379/189, 191, 379/196, 197, 198, 114.02; 713/200, 201, 202

(56) References Cited

U.S. PATENT DOCUMENTS

2001/0000358 A1    4/2001   Isomichi et al.   713/201
2002/0106065 A1 *  8/2002   Joyce et al.      379/114.02

FOREIGN PATENT DOCUMENTS

EP   686905       12/1995
JP   08-227397    9/1996
JP   10-229459    8/1998
JP   10-336345    12/1998
JP   10-341224    12/1998
JP   11-120397    4/1999
JP   11-161618    6/1999
JP   11-178022    7/1999
JP   2000-10927   1/2000

* cited by examiner

Primary Examiner: Benny Tieu
(74) Attorney, Agent, or Firm: Collard & Roe, P.C.

(57) ABSTRACT

When a service provider authenticates a preliminarily registered user, a telephone number of a telephone of the user is registered prior to the authentication and the user calls a CTI (computer telephony integration) server by the use of the telephone. The CTI server authenticates the user with reference to the telephone number of the call received. A password is generated by an information processing device such as the CTI server and is transmitted to both the user and the service provider. The service provider compares the received password and a password inputted by the user and provides the user with service upon coincidence between both passwords.

30 Claims, 6 Drawing Sheets

[Representative drawing on the front page: the block diagram of FIG. 1, reproduced on Sheet 1 of 6.]

EXPERIAN EXHIBIT 1006
IPR2023-01406

[Sheet 1 of 6. FIG. 1: block diagram. Labels: user; cellular phone 111; cellular network 110; public network 120; paging network 130; pager; personal computer, etc.; public network connection unit 20 with caller's number identifying unit 21 and data converter 22; database 30 with register table 31 and password table 32; password generation unit 41; password control unit 42; mail server; network (LAN, WAN, Internet); authentication system unit 60.]

[Sheet 2 of 6. FIG. 2: flowchart, "Password generation: CTI call reception flow". Box labels: user calls CTI system through public network; CTI identifies caller's ID transmitted from carrier; CTI confirms at database that caller's ID corresponds to proper user; CTI automatically receives the call, or CTI rejects call reception or interrupts the line after transmitting error message; CTI judges if user's name is necessary; CTI requests input of user's name; user inputs user's name (input method: DTMF, speech recognition, fax, etc.); CTI inquires at database to check if the user's name in association with caller's ID is proper; after repetition of trial several times, CTI transmits error message and interrupts the line; CTI requests password generating program for generation; password generating program generates password and registers it to database; password is notified to user (examples of notification: speech, pocket bell, fax, e-mail, etc.).]

[Sheet 3 of 6. FIG. 3: flowchart, "Generation of password: CTI call non-reception flow". Box labels: user calls CTI system through public network and hangs up after several times of generation of ringing tone; CTI identifies caller's ID transmitted from carrier; CTI checks at database if caller's ID corresponds to proper user; no operation; CTI requests password generating program for generation; password generating program generates a password and registers it to database; password is notified to user (examples of notification: speech, pocket bell, fax, e-mail, etc.).]

[Sheet 4 of 6. FIG. 4: flowchart, "Flow of using authentication system". Box labels: authentication system requires user's name? (necessary); authentication system receives input of user's name; user inputs user's name to authentication system; authentication system receives input of password; user inputs password to authentication system; authentication system inquires at database (if user's name is present, inquires by the use of combination of user's name and password); OK: authentication system allows authentication; NG: authentication system does not allow authentication.]

[Sheet 5 of 6. FIG. 5: flowchart, "Password control flow". Box label (V1): password control program monitors password registered to database and deletes or invalidates the password in accordance with predetermined conditions.]

[Sheet 6 of 6. FIG. 6: flowchart, "Flow of using ATM by cellular phone". Box labels: (1) user requests generation of password; (2) user receives password using e-mail receiving function of cellular phone (if password itself is transmitted as binary code and if cellular phone is provided with decoding program, security is improved); (3) ATM receives input of password; (4) user transmits password to ATM by using password transmission function of cellular phone (transmission is performed by way of non-contact system); (5) ATM inquires at database; ATM allows authentication to enable operation of user's bank account associated with the password (balance inquiry, crediting, transferring, withdrawal).]

AUTHENTICATION METHOD, AUTHENTICATION SYSTEM AND RECORDING MEDIUM

CROSS REFERENCE TO RELATED APPLICATIONS

Applicant claims priority under 35 USC 119 of Japanese application No. 216948/1999 filed Jul. 30, 1999. Applicant also claims priority under 35 USC 120 of PCT/JP00/04399 filed Jul. 3, 2000. The international application under PCT article 21(2) was not published in English.

TECHNICAL FIELD

This invention relates to CTI (computer telephony integration) and, particularly, to user authentication utilizing a CTI technique.

BACKGROUND TECHNIQUE

In the modern society, a technique for authenticating a person who has preliminarily been registered as a regular user (hereinafter called as a registered user) is used in various situations in the society. For example, such an authentication technique is utilized in the situations where a user makes access to information providing service on a communications network system or where an electronic lock set at an entrance of an office building is unlocked.

As the above-mentioned authentication technique, use has traditionally been made of a system in which each registered user is assigned with a fixed password. Upon authentication, a user of the system is required to input a password, which is then compared with the password which has already been registered. Only when the coincidence is detected between them, the user is allowed to use the system. Hereinafter, such a technique that the authentication is carried out by the use of the fixed password as a general rule will hereinafter be called a fixed password system. In the fixed password system, the registered user can easily be authenticated. However, it is difficult to create, as a password, a character string which can easily be memorized only by the registered user and which can not be guessed by a third person other than the registered person. It is also difficult to make all the registered users conduct perfect management of the password. Under the circumstances, it is highly probable that the fixed password system is invaded if repeatedly attacked as a target of a hacker.

In order to overcome the above-mentioned disadvantages of the fixed password system, a variety of techniques have been proposed.

For example, Japanese Unexamined Patent Publication (JP-A) H10-336345 discloses an authentication system which is used when a user's information terminal is connected to an information provider on the communications network system. In this authentication system, the registered user is authenticated by the use of a caller's telephone number peculiar to the user's information terminal instead of the fixed password system. Therefore, it is possible to prevent the third person from making access to the information provider by using any device other than the information terminal which is registered.

However, restrictions have been imposed on the above-mentioned technique such that a terminal for use in authentication of the registered user should be the same as a terminal for use in receiving the service from the information provider. In other words, because the telephone number used by the information terminal of the registered user is registered, even the registered user can not be authenticated if he/she uses another information terminal connected with an unregistered telephone number.

The above-mentioned authentication system can be used in authentication of making access to the information provider on the communications network system. However, the system is not available to authentication of using an information processing device which can not be accessed from the user's terminal. Specifically, no authentication can be executed by the above-mentioned system in case where the electronic lock of the building is unlocked or in case where a customer is authenticated at a cash dispenser in a bank.

Moreover, since the telephone number used by the information terminal is authenticated, it is not possible to separately authenticate individual users in case where a single information terminal is used by a plurality of users.

Beside the above-mentioned technique disclosed in JP-A H10-336345, a so-called one-time password system is known as a technique to solve the problem in the fixed password technique. In the fixed password system, the password is kept unchanged unless it is renewed by a system side or the registered user. On the other hand, in the one-time password system, a new password is used every time when the authentication is performed. Therefore, even if the password is leaked to the third person, it is possible to minimize a damage. As a conventional technique utilizing the one-time password system, the following techniques are known.

In the technique disclosed in JP-A H11-178022, use is made of a password generator which changes a generated password upon every authentication in synchronism with an authentication server. Upon requesting the authentication to the authentication server, the registered user transmits to the authentication server the password generated by the password generator together with an ID of the registered user himself/herself. As the authentication server is synchronized with the password generator, it is possible to generate a password corresponding to the ID at the time instant when the authentication is requested. Thus, the authentication server can authenticate the user by comparing the password received from the user and the password generated by the authentication server itself.

In the technique disclosed in JP-A H8-227397 or JP-A H11-161618, each individual registered user is assigned with a different coding rule. Each registered user is given a decoder which is operable in accordance with the coding rule assigned to him/her. When the ID is transmitted from the user, the authentication server randomly generates a password, encodes the password in accordance with the coding rule assigned to the user of the ID, and thereafter sends the encoded result to the user. Upon reception of the encoded result, the user decodes the password by the use of his/her decoder and sends the decoded result back to the authentication server. The authentication server authenticates the user by comparing the password generated by itself and the data sent back from the user.

In the above-mentioned conventional techniques utilizing the one-time password system, it is necessary to prepare for every registered user private hardware or a set of private software and hardware which can execute the software. The private hardware or the private software is often expensive. As the hardware necessary to execute the private software, a mobile information apparatus or a notebook type personal computer can be used. However, these apparatuses are not low in price and not available to everybody, although they are increasingly and widely spread. Therefore, the cost problem arises also in this case. Moreover, the use of the private hardware urges the user to carry the apparatus which is required only for the authentication. This will spoil the convenience.

The object of the present invention is to provide an authentication technique using a new one-time password system which solves the problems in the fixed password system and the technique disclosed in JP-A H11-336345 as well as the problems in the conventional one-time password system disclosed in JP-A H11-178022, JP-A H8-227397, and H11-161618. More particularly, the present invention has the following objects to be solved:

Private hardware or software exclusively for authentication and liable to be expensive is not necessary.

A terminal for authentication and a terminal used for reception of service need not be the same.

Use is also possible in authentication at an information processing device, such as an electronic lock for locking a building and an automatic cash dispenser, which can not be accessed from a user's terminal.

Individual users can be separately authenticated even if the same terminal is used by a plurality of users.

DISCLOSURE OF THE INVENTION

In order to solve the above-mentioned problems, the present invention provides a user authentication method, a user authentication system, and a recording medium with a user authentication program recorded therein.

(1) User Authentication Method

A user authentication method provided by the present invention is a method of authenticating a preliminarily registered user by a device for providing service (hereinafter referred to as a service provider) and is characterized by the steps: (1) a telephone number of a telephone of the user is registered prior to the authentication, (2) the user calls a CTI (computer telephony integration) server by using the telephone thus registered, (3) the CTI server authenticates the user with reference to the telephone number received, (4) the CTI server or another information processing device operable in cooperation with the CTI server generates a password, (5) the password thus generated is transmitted to both the user and the service provider, (6) the user inputs the password which he/she has received by a device (hereinafter referred to as a service access authentication device) for authenticating the access to the service provider, (7) the service access authentication device compares the password received in the step (5) and the password inputted in the step (6) and, upon coincidence between both passwords, allows the user to access to the service provider, and (8) the password which has been used for the authentication is invalidated. It is noted that the service provider mentioned herein is a device for directly providing service to the user, for example, a WEB server, an electronic lock, an automatic financing device such as an automatic cash dispenser, and the like. The service access authentication device is a device for authenticating the user who desires to be given the service, for example, an authentication server and the like.

In the above-mentioned user authentication method, the password may be invalidated, even if the user has not yet been authenticated by the use of the password, in case where a predetermined time period has lapsed after the password is generated. In this manner, the safety of the authentication can be guaranteed even in case where the user for some reasons has lost or forgotten the password and left the password untouched without being authenticated.

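Steps (1) to (8) and the time-based invalidation described above, as an added example that is not part of the patent text: a small Python model of the register table, the CTI-side caller-ID check and password generation, and the single-use, time-limited comparison. The class and function names, the 300-second lifetime, the 8-digit password format and the sample phone numbers are assumptions made for illustration.

```python
import hmac
import secrets
import time

PASSWORD_TTL_SECONDS = 300  # assumption: the text says only "a predetermined time period"


def normalize(number):
    """Reduce a caller ID to its digits so formatting differences do not matter."""
    return "".join(ch for ch in number if ch.isdigit())


class ManualClock:
    """Test clock so the expiry case can be shown without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class PasswordTable:
    """Password table read by the service access authentication device."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}  # user name -> (password, time issued)

    def register(self, user, password):
        # A new request replaces any password still pending for this user.
        self._entries[user] = (password, self._clock())

    def purge_expired(self):
        """Password control: invalidate unused passwords older than the TTL."""
        now = self._clock()
        stale = [u for u, (_, issued) in self._entries.items()
                 if now - issued > PASSWORD_TTL_SECONDS]
        for user in stale:
            del self._entries[user]
        return stale

    def authenticate(self, user, candidate):
        """Steps (6)-(8): compare the input with the stored password, then invalidate it."""
        self.purge_expired()
        entry = self._entries.get(user)
        if entry is None:
            return False
        stored, _ = entry
        # Constant-time comparison; bytes so non-ASCII input cannot raise.
        if not hmac.compare_digest(stored.encode(), candidate.encode()):
            return False
        del self._entries[user]  # step (8): a used password never works twice
        return True


class CtiServer:
    """Steps (1)-(5): register table, caller-ID check, password generation."""

    def __init__(self, table):
        self._table = table
        self._register = {}  # digits of phone number -> user name

    def register_phone(self, number, user):
        self._register[normalize(number)] = user

    def handle_call(self, caller_id):
        """Return the password notified to the caller, or None if the call is rejected.

        The caller ID is trusted as delivered by the carrier, as in the described method.
        """
        if not caller_id:  # withheld or missing caller ID
            return None
        user = self._register.get(normalize(caller_id))
        if user is None:
            return None
        password = f"{secrets.randbelow(10**8):08d}"  # assumed format: 8 random digits
        self._table.register(user, password)  # copy for the service provider side
        return password


def run_demo():
    clock = ManualClock()
    table = PasswordTable(clock)
    cti = CtiServer(table)
    cti.register_phone("+81 90-0000-0001", "alice")  # constructed number and user

    results = {}
    results["unregistered_call_rejected"] = cti.handle_call("+81 90-0000-0002") is None
    password = cti.handle_call("+81-90-0000-0001")
    results["wrong_password"] = table.authenticate("alice", "x" + password)
    results["first_use"] = table.authenticate("alice", password)
    results["replay"] = table.authenticate("alice", password)
    unused = cti.handle_call("81 90 0000 0001")
    clock.advance(PASSWORD_TTL_SECONDS + 1)
    results["after_expiry"] = table.authenticate("alice", unused)
    return results


if __name__ == "__main__":
    print(run_demo())
```
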
It is especially preferable that the telephone whose telephone number is registered in the step (1) is a portable mobile communication terminal. Herein, the portable mobile communication terminal means a portable telephone such as a so-called cellular phone or a PHS (personal handy phone system) terminal. In the present invention, the portable mobile communication terminal is used as a device which is analogous to the conventional password generator. Since the portable mobile communication terminal has already been wide spread, this inventio
