Browse Prior Art Database

METHOD AND SYSTEM FOR UNIVERSAL AUTHENTICATION OF INTUIT IDENTITY

IP.com Disclosure Number: IPCOM000241236D
Publication Date: 2015-Apr-07
Document File: 3 page(s) / 626K

Publishing Venue

The IP.com Prior Art Database

Related People

Ravi Iyer: AUTHOR

Related Documents

158939: IP.COM

Abstract

This document outlines a proposal for enhancing Intuit web application authentication and making it much easier such that verification of the user logging into the Intuit Web application is done to ensure it is actually the same person whose credentials are being used. It is proposed to do this without the need for a separate device (RSA SecurID) or application (RSA SoftToken) for 2-factor-authentication as well as without manual entry of username or password needed

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 3

METHOD AND SYSTEM FOR UNIVERSAL AUTHENTICATION OF INTUIT IDENTITY

Abstract:

This document outlines a proposal for enhancing Intuit web application authentication and making it much easier such that verification of the user logging into the Intuit Web application is done to ensure it is actually the same person whose credentials are being used. It is proposed to do this without the need for a separate device (RSA SecurID) or application (RSA SoftToken) for 2- factor-authentication as well as without manual entry of username or password needed

Details

Today, customers use one or more Intuit applications across multiple devices (web, iPhone, tablet, etc.). In each of these cases, the customer/user has to manually login to the application on that device.

In this scenario, there is no way for the application to verify that the user who is logging into the application is the actual user of the application (which is illegal in some cases). To enhance security, we could enforce 2-factor authentication (what I know and what I have) which is inconvenient involving additional hardware.

This idea proposes utilizing an existing device with the customer (the ubiquitous smartphone) to enable rock solid authentication - doing away with even username/password entry manually.

The target segment for this solution is any user of Intuit web and mobile applications.

Solution Overview:
 Any Intuit mobile app running on the user's mobile device (Mint, QBO, etc.). The app will enforce entry of a secure 4-6 digit PIN to enable access every time the user returns to use it.

 User opens www.intuit.com to access ANY Intuit application on the web. On the Intuit web page, user is shown a QR Code

 User opens mobile app (QBO/Mint/Check) which they want to access on the web

 The mobile app opens the camera and scans the QR Code
 Using the user details (Intuit Credentials) on the mobile device and the source of scanning (the mobile app), the user is verified and logged into the web applicaiton securely, automatically and seamlessly.


Page 02 of 3

Solut...