
Internet third-party authentication using electronic tickets

A technology of electronic tickets and third-party authentication, applied in the fields of computer information security and the Internet. It addresses the difficulty of taking advantage of the Internet, the difficulty of obtaining a consolidated view of a customer's Internet or on-line accounts, and the reduced security and safety of passwords that are handed to an aggregator, so as to reduce the likelihood of password theft.

Inactive Publication Date: 2007-11-15
WELLS FARGO BANK NA
27 Cites, 4 Cited by

AI Technical Summary

Benefits of technology

[0007] When a customer visits the aggregator's web site, the aggregator will typically display a list of bank, credit card, brokerage, shopping and other financial accounts, along with associated balances, in a concise, consistent and consolidated fashion. The aggregator's site usually also has features to “drill down” into details about any account, showing transactions, history and trends. If the aggregator offers bill payment features, customers can also view on-line versions of bills and statements, including transaction details. Many aggregators also allow customers to schedule bill payments—where the aggregator moves money from customers' bank accounts to vendors or other accounts either electronically or by mailing actual checks. Since an aggregator may track uncleared transactions, the financial information kept by an aggregator may be more up to date than the customer's account data at each bank, brokerage or vendor. An aggregator makes customers' on-line financial life much easier to manage. The aggregator is, in effect, a personal financial agent on the Internet.
[0012] When banks and other commercial web sites created their username/password schemes, they intended that only the consumer associated with each username know the secret password. In many cases, banks don't even store actual passwords. Instead, they store only a mathematically hashed value based on the password, which is enough information to recognize a valid password. In other words, many banks don't actually know a password, but they can determine if the customer really knows it. Storing password information in this manner reduces the likelihood of password theft by bank employees. This method also helps prevent password theft by Internet hackers.
[0013] When consumers provide passwords to an aggregator, they reduce the security and safety of their passwords because they are stored at an aggregator's computing facility in a reproducible form. Even if the aggregator stores encrypted passwords, this is less secure than a mathematical hash, because, unlike a bank, the aggregator can reproduce the original passwords. An aggregator's unscrupulous employee or an Internet hacker could exploit this risk and steal passwords.
[0017] Much of public key cryptography relies on unique properties of extremely large prime numbers (hundreds or more digits long) and a technique patented in 1983 by R. L. Rivest, A. Shamir, and L. M. Adleman. This technique, commonly known as RSA encryption (named for its inventors), allows any general-purpose computer to generate a pair of mathematically related numbers, known as encryption keys (or just “keys”), within a few seconds. Typically, one of the keys is called the private or secret key because the key owner must protect and secretly store the only copy of the private or secret key. The other number is called the public key because it can safely be shared with anyone.
[0033] (e) to create an electronic document (ticket), for example, that eliminates, or at least substantially minimizes, damaging security consequences if it is lost or stolen;

Problems solved by technology

These factors may be confusing and frustrating for consumers.
So, while the Internet revolutionized the way consumers access information, taking advantage of it is often difficult and cumbersome.
Obtaining a consolidated view of a customer's Internet or on-line accounts could easily require hours of manual effort, working at a computer, visiting many web sites.
Screen scraping is not a perfect technology, however.
If a web site changes its appearance or process flow, the aggregator may not be able to accurately obtain (or scrape) the information from the web site.
However, these techniques have not yet been widely adopted.
Many consumers recognize the benefits provided by aggregators, but feel uncomfortable providing aggregators unlimited access to passwords and other private information.
If the security at an aggregator's web site is compromised, unscrupulous parties could steal customers' private and confidential information and passwords.
In many cases, banks don't even store actual passwords.
Storing password information in this manner reduces the likelihood of password theft by bank employees.
When consumers provide passwords to an aggregator, they reduce the security and safety of their passwords because they are stored at an aggregator's computing facility in a reproducible form.
Even if the aggregator stores encrypted passwords, this is less secure than a mathematical hash, because, unlike a bank, the aggregator can reproduce the original passwords.
An aggregator's unscrupulous employee or an Internet hacker could exploit this risk and steal passwords.
However, this does not guarantee that the customer's confidential information has been removed.
The customer has no method to detect when an aggregator accesses his accounts, so they cannot easily feel confident that all access has been terminated.
The risks described here, plus financial liability and other regulatory risks, are roadblocks to widespread acceptance of aggregators by consumers, commercial web sites and government regulators.
Although the RSA methods can easily generate a key pair within a few seconds, the process to reconstruct a key pair is extremely difficult.
If one key in a pair is lost, it could take the world's fastest computers many years to decompose the known key and recalculate the lost key.
If someone has your public key, it is very difficult (almost impossible) for him or her to determine your private or secret key.
Although the technology exists, and the software is readily available, the use of digital certificates has not yet been widely adopted by consumers.
Once an SSL session is established, it is very difficult (almost impossible) for a third party to eavesdrop and examine the data flowing between the end computers.


Embodiment Construction

[0046] For purposes of illustration, FIGS. 1 through 4 (taken in conjunction with the following description) illustrate merely exemplary embodiments of the invention, shown in the context of a commonly-encountered customer, aggregator and bank relationship for securely communicating a customer's personal and private banking, commerce-related information or other confidential information over the Internet. One skilled in the art will readily recognize that the present invention is equally applicable to other contexts in which confidential information is securely communicated among three or more parties, and even those using communication media other than the Internet.

[0047] As illustrated in FIG. 1A, commerce web sites 103, 104 provide customers 101 access to customer private or confidential data 105 using the Internet 102, standard operating software 107, 112 and computers 103, 110. Although FIG. 1A only shows one instance of customer private data 105, it is not uncommon for a cust...


Abstract

A method, software and apparatus facilitates one or more third-party agents to securely access a customer's or other first party's private personal and financial data or other such confidential information from a second party, preferably on the Internet. A security document or ticket is presented to the second party for verifying the customer's consent to grant such access to the third party. The second party only communicates such confidential information to the third party if the security document is found to be valid. The security document, which can be at least partially encrypted, can also include a preselected expiration time, beyond which it is not valid.
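An added example, not code from the patent or its owner: the ticket check described in the abstract, where the bank (second party) releases data to an aggregator (third party) only when the presented ticket is authentic, unexpired and issued to that agent. The ticket fields, the function names, the assumption that the bank itself issues the ticket after the customer consents, and the use of an HMAC under a bank-held key (in place of the public-key techniques the description mentions) are all assumptions; the page does not specify a ticket format.

```python
import base64, hashlib, hmac, json, time

# Assumption: a secret known only to the bank (constructed demo value).
BANK_KEY = b"constructed-demo-key-not-a-real-secret"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def issue_ticket(customer, agent, scope, ttl_s, now=None, key=BANK_KEY):
    """Bank side: mint a ticket once the customer has logged in and consented.
    The ticket carries no password, only who may read what, and until when."""
    now = int(time.time() if now is None else now)
    body = json.dumps({"cust": customer, "agent": agent, "scope": scope,
                       "exp": now + ttl_s}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(tag)

def verify_ticket(ticket, presenting_agent, wanted_scope, now=None, key=BANK_KEY):
    """Bank side: return (ok, detail) before releasing any customer data."""
    now = int(time.time() if now is None else now)
    try:
        body_b64, tag_b64 = ticket.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:                      # wrong part count or bad base64
        return False, "malformed"
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return False, "bad-mac"
    claims = json.loads(body)               # parsed only after the MAC checks out
    if now >= claims["exp"]:                # preselected expiration time
        return False, "expired"
    if claims["agent"] != presenting_agent: # a stolen ticket is useless to others
        return False, "wrong-agent"
    if wanted_scope not in claims["scope"]:
        return False, "out-of-scope"
    return True, claims["cust"]
```

Because the ticket is bound to one agent, one scope and a short lifetime, losing it exposes far less than losing the customer's password, which is the property paragraph [0033] asks for.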

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] This application is entitled to the benefit of, and claims priority to, U.S. Provisional Patent Application Ser. No. 60/223,825, filed Aug. 8, 2000 entitled “INTERNET THIRD-PARTY AUTHENTICATION USING ELECTRONIC TICKETS.”

BACKGROUND AND SUMMARY OF THE INVENTION

[0002] The invention relates generally to computer information security and the Internet, and more specifically to methods that permit one or more third-party agents to access customers' private personal and financial data or other confidential information on the world-wide-web. The invention was originally designed as a method for banks and bank customers to mutually approve one or more third party agents (such as aggregators, for example) to access customer confidential data via the Internet. It is also applicable, however, in any situation involving computers where an agent's computer or computers act as an intermediary between computers of two other parties and where access to ...


Application Information

Patent Type & Authority: Applications (United States)
IPC(8): H04L9/32, G06F21/00, G06Q30/00, H04L29/06
CPC: G06F21/33, G06F21/6209, G06Q20/3821, H04L63/126, G06Q30/06, G06Q50/188, H04L63/0807, G06Q20/401
Inventor: JANCULA, JEFFREY JOHN
Owner: WELLS FARGO BANK NA