Dual Authentication using a Password Card

Abstract

A method and apparatus for providing and processing two-factor authentication using a Password Card. There is a need to increase security during the authentication process. There are many existing two-factor authentication that exist providing improvement in security during the authentication process. Most of those existing solutions required to use a mobile phone, an external web site or external electronic devices such as card ids. The need to reduce the cost of using other devices and the effectiveness to be able to create and/or renew such systems are the main reason for this invention. This invention outlines the use of a simple password card that the user can download or print at any time using the internet.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a division of application Ser. No. 15/207,960, filed 17 Jul. 2016.

FIELD OF THE INVENTION

The present invention relates to systems and methods for two-factor authentication method in information systems.

BACKGROUND OF THE INVENTION

There is a growing interest in the world of computerized systems to increase security related to authentication. A dual authentication system helps to provide enhance security. There are many dual authentication systems available today using devices and services such as mobile phones, SMS, card ids, etc . . . This invention provides a dual authentication system without the need for an extra electronic device such as a mobile phone or card ids and therefore helps reduce costs while increasing security. Using this invention, a user would save or print a password card which will then be available to confirm a series of character location during the authentication process.

This invention provides more security then other two-factor authentication requiring a PIN since the system inquiry is only the location of characters based on the printed or saved Password Card. If that information was captured by a hacker, it will not compromise the security of the system and the hacker won't be able to provide the answer to the system to complete the two-factor authentication.

This invention helps increase security since the password card can be renewed, or updated while minimizing cost and delays in order for the end user to start using such solution. If a user would use a SMS system for his two-factor authentication, an external service must be available through a mobile phone or a website accessing that SMS Pin information. In the case the user uses a card id, that card id must be issued by a provider and is in the form of an electronic device. A shipment of the device must occurred to the end user which is increasing delay and furthermore that device could be lost. This invention resolve those issues because the password card can be printed, renewed and/or updated, there is no delay or shipment necessary and no extra external devices is required. This invention can be use offline as well without the need of any electronic devices.

BRIEF SUMMARY OF THE INVENTION

In summary, the Dual Authentication using a password card solution of the present invention provides to the user a more secure and effective way to process two-factor authentication. The system allows the user to save, update and download a password card which is used in the two-factor authentication. The system provides an inquiry of plurality of position of characters and the user must provide the corresponding characters using those position on the Password Card.

BRIEF DESCRIPTION

The accompanying drawings, which are incorporated herein and form part of the specification, illustrate various embodiments of the present invention and, together with the description, further serve to explain the principles of the invention and to enable a person skilled in the pertinent art to make and use the invention. In the drawings, like reference numbers indicate identical or functionally similar elements.

FIG. 1 is an example of a password card of x width and y height and that contains a plurality of characters.

FIG. 2 is a flow diagram illustrating a general method for operation on how the user enables the two-factor authentication and generate the associated Password Card.

FIG. 3 is a flow diagram illustrating a general method for operation on how the user updates the two-factor authentication and generate the associated updated Password Card.

FIG. 4 is a flow diagram illustrating a general method for operation on how the user authenticate using the two-factor authentication and how the system and user interact with the Password Card.

DETAILED DESCRIPTION OF THE INVENTION

There are many computerized systems requiring two-factor authentication because of the demand for accessing more secure systems. There are solutions providing two-factor authentication available today but they required the user to use external third party devices or software. For example, in the case of SMS, a user will required to use a mobile phone or an external software to obtain the PIN to complete the process of the two-factor authentication. Another example, using a card id device provided by a bank, a user must turn it on and generate a PIN using that device in order to complete the two-factor authentication. That device is not easily replaceable and that they are substantial delays to receive it or to change it. That device can also be lost leaving the user without access.

This solution provide an effective way to obtain a password card that will be used during the two-factor authentication process and without much delay since it's available online on the internet. An example of a password card is shown in FIG. 1 which is a matrix x by y of plurality of characters, where x represent a plurality of columns and y represents a plurality of rows. The user will access the system in order to turn on the two-factor authentication as shown in FIG. 2 (100) if the two-factor authentication is optional. The user will then provide information on the format of the password card (110) consisting of a character sets and size of the matrix. The system will generate and preserve the password card (120) and the user can then print it or download it (130) at any time. The character sets represent a plurality of possible characters that the system will use to generate the plurality of random characters of the password card.

There is a need for a solution that is effective, minimizing delay for renewal if the system is lost. In the case of this invention, the password card is what the user needs and that password card can be replaced, re-printed or downloaded at any time using internet and as shown in FIG. 3. After the user is authenticated (200), that user updates the password card information to the system (210) and the system generates a new password card (220) to be printed or downloaded by the user (230).

There is a need for a solution that provides inquiries decreasing the possibilities to be hacked. For example, in the case of SMS, the PIN is sent to the user and could be intercepted by a hacker. In the case of this invention, the inquiry sent to the user is a plurality of position of characters and does not represent the answer to provide in order to complete the two-factor authentication process. This decrease the chance to be hacked and therefore improve security.

After the user enters successfully the login and password to access a system as shown in FIG. 3 (300), the system will verify is the two-factor authentication is enabled if it is optional (310) and then if it's enabled (320) and/or required, the system will generate a random plurality of position x and y using the location of plurality of characters on the password card (330) and then will provide this inquiry to the user. The user uses the plurality of positions and finds the corresponding characters on the password card (340) and provides those characters as the answer to complete the two-factor authentication process. The system validates the answer provided by the user (350) and if those plurality of characters provided matches, the authentication is completed successfully and the user can access the system. If the plurality of characters provided do not match, the authentication process failed and the user is not allowed to access the system.

Claims

1. A method for providing an apparatus to authenticate into a system securely with a two-factor authentication using a Password Card, the method comprising:

1.1. A computer processing system providing validation and generation

1.2. A user that desires and use two-factor authentication where a user can be a person or a separated system.

1.3. A password card comprising of a visual grid comprising; 1.3.1. plurality of columns and rows and where each cell of that grid contains one character or a plurality of characters

2. The method of claim 1, wherein the password card generated by the system is defined by a plurality of possible characters defined by the user.

3. The method of claim 2, wherein the password card size is defined by the user which is composed of a plurality of columns x and a plurality of rows y.

4. The method of claim 3, wherein the password card can be downloaded and/or printed.

5. The method of claim 3, wherein the system generates an inquiry composed of a plurality of coordinates representing locations of randomly selected characters on the password card.

6. The method of claim 5, wherein the user is presented by the inquiry generated by the system in order to provide to the system the corresponding characters located on the password card.

7. The method of claim 6, wherein the system validates the answer of the inquiry by the user to complete the two-factor authentication successfully or unsuccessfully.

8. The method of claim 3, wherein the user can modify the password card size and the possible characters to be used in the generation of the password card.