Patent application number | Description | Published |
--- | --- | --- |
20080318548 | METHOD OF AND SYSTEM FOR STRONG AUTHENTICATION AND DEFENSE AGAINST MAN-IN-THE-MIDDLE ATTACKS - A man-in-the-middle attack resistant method of and system for controlling access of a user to a restricted item receives a request from a user of a first device for access to a restricted item. The system determines the physical location of the first device. The system provides a token to the user and prompts the user to send the token to a recipient using a second device. The system denies the user access to the restricted item if the token is sent from a physical location not matching the physical location of the first device. | 12-25-2008 |
20100269151 | MIGRATION ACROSS AUTHENTICATION SYSTEMS - A system, method, program product and a method for deploying a system for providing migration across authentication systems are disclosed. A system is provided that includes a login system that collects information from a user during a login process, a migration list check system that compares the information to a migration list to determine if the user is selected for migration, and a migration logic system that migrates the user from the existing authentication system to the new authentication system during the login process if the user is selected. | 10-21-2010 |
20100269162 | WEBSITE AUTHENTICATION - Embodiments of website authentication including receiving a request from a user to view a website within a graphical user interface (GUI); generating a one time password (OTP); storing the generated OTP in a database; displaying the generated OTP on the GUI; verifying an identity of the user by receiving an identification datum from a communication device; receiving an entered OTP from the user; comparing the entered OTP with the generated OTP; and communicating whether the website is authenticated. | 10-21-2010 |
20110138483 | MOBILE PHONE AND IP ADDRESS CORRELATION SERVICE - A system, method and program product for controlling access to a restricted item. A method is provided that includes: receiving a request for access to a restricted item at a computer system associated with a provider, said request originating from a client system; determining an IP address of the client system; determining a mobile phone number of a mobile phone associated with the requester; transmitting to a third party service provider the IP address and mobile phone number; and receiving back from the third party service provider a confirmation message indicating whether or not the IP address and mobile phone are located within an acceptable range of each other. | 06-09-2011 |
20120185938 | DETECTING AND DEFENDING AGAINST MAN-IN-THE-MIDDLE ATTACKS - A system, method and program product for defending against man in the middle (MITM) attacks directed at a target server. A system is provided that includes an activity recording system that records an incoming IP address, userid, and time of each session occurring with the target server; an activity analysis system that identifies suspect IP addresses by determining if an unacceptable number of sessions are occurring from a single incoming IP address during a predefined time period; and a countermeasure system for taking action against suspect IP addresses. | 07-19-2012 |
20120264405 | VERIFICATION OF TRANSACTIONAL INTEGRITY - Aspects of the present invention provide a solution for verifying the integrity of a transaction. In response to receipt of a confirmed electronic transaction from a user, a one time password is forwarded to the user. The user then initiates a telephonic communication with a verifier on the user's wireless device and provides the one time password to the verifier. The verifier authenticates the mobile telephonic device based on the device's caller identification number and determines whether the one time password provided by the user matches the one forwarded to the user. After the user is authenticated, the verifier communicates the details of the transaction that were received and the user confirms whether the details match those originally entered. | 10-18-2012 |
20130007866 | MIGRATION ACROSS AUTHENTICATION SYSTEMS - A system, method, program product and a method for deploying a system for providing migration across authentication systems are disclosed. A system is provided that includes a login system that collects information from a user during a login process, a migration list check system that compares the information to a migration list to determine if the user is selected for migration, and a migration logic system that migrates the user from the existing authentication system to the new authentication system during the login process if the user is selected. | 01-03-2013 |
20130318170 | SYSTEM FOR DETECTING THE PRESENCE OF ROGUE DOMAIN NAME SERVICE PROVIDERS THROUGH PASSIVE MONITORING - A method, system, and computer program product embodied in a computer readable storage medium are disclosed for identifying a rogue domain name service (DNS) server. Embodiments include passively monitoring traffic on a target network; and identifying a DNS resolution response in the traffic on the network. The DNS resolution response includes a mapping of a domain to an internet protocol (IP) address. The DNS resolution response is compared with a preconfigured list of known mappings of domains to IP addresses. Based on the results of the comparison, it can be determined whether the DNS resolution response is correct. In cases where the DNS resolution response is incorrect, the provider of the DNS resolution response is a rogue DNS server. | 11-28-2013 |
20130318605 | SYSTEM FOR DETECTING ROGUE NETWORK PROTOCOL SERVICE PROVIDERS - A method, system, and computer program product embodied in a computer readable storage medium are disclosed for identifying a rogue network protocol service provider. Embodiments include passively monitoring traffic on a target network, and identifying a response to a network protocol request in the traffic on the network. The source of the response to a network protocol request is compared with a preconfigured list of authorized servers. Based on the results of the comparison, it can be determined whether the source of the response is an authorized server. In cases in which the source is a server on the preconfigured list of authorized servers, the source is deemed an authorized server. In cases in which the source is not a server on the preconfigured list of authorized servers, the source is deemed to be an unauthorized, or rogue, network protocol service provider. | 11-28-2013 |
20140037074 | DETECTING MAN-IN-THE-MIDDLE ATTACKS IN ELECTRONIC TRANSACTIONS USING PROMPTS - Aspects of the invention provide a solution for detecting man-in-the-middle attacks in electronic transactions using prompts. One embodiment includes a method for authenticating an electronic transaction. The method includes: receiving an electronic transaction request from a user, determining an IP address associated with a client system from which the electronic transaction request originates, providing the user with a password associated with the electronic transaction request, receiving a telephonic communication from a telephonic device associated with the user, prompting the user, via a voice response unit, to input the password using the telephonic device, authenticating the user by comparing the inputted password and the provided password, determining a probable location of the user based on the determined IP address of the client system, communicating to the user the probable location of the user based on the determined IP address, and prompting the user to confirm the probable location of the user. | 02-06-2014 |
20150072646 | MOBILE DEVICE PASSWORD RESET - The disclosure is directed to a mobile device password reset. A method in accordance with an embodiment includes: receiving a phone call at a locked mobile device from a phone having a privileged phone number; initiating a password reset in response to the receipt of the phone call from the privileged phone number and the phone call exceeding a predetermined time duration threshold by: terminating, by the locked mobile device, the phone call from the phone having the privileged phone number; generating, by the locked mobile device, a temporary password; establishing, by the locked mobile device, a connection to the phone having the privileged phone number; displaying, by the locked mobile device, a password entry field; communicating, by the locked mobile device, the temporary password via the connection to the phone having the privileged phone number; and unlocking the locked mobile device upon successful entry of the temporary password in the password entry field displayed by the locked mobile device. | 03-12-2015 |
20150072648 | MOBILE DEVICE PASSWORD RESET - The disclosure is directed to a device password reset. A method in accordance with an embodiment includes: receiving a phone call at a locked mobile device from a phone having a privileged phone number; initiating a password reset in response to the receipt of the phone call from the privileged phone number and the phone call exceeding a predetermined time duration threshold by: terminating, by the locked mobile device, the phone call from the phone having the privileged phone number; generating, by the locked mobile device, a temporary password; establishing, by the locked mobile device, a connection to the phone having the privileged phone number; displaying, by the locked mobile device, a password entry field; communicating, by the locked mobile device, the temporary password via the connection to the phone having the privileged phone number; and unlocking the locked mobile device upon successful entry of the temporary password in the password entry field displayed by the locked mobile device. | 03-12-2015 |