Title:
SYSTEM AND METHOD FOR VERIFYING USER IDENTITY
Document Type and Number:
WIPO Patent Application WO/2004/079499
Kind Code:
A2
Abstract:
The present invention is decision supporting systems and methods for authenticating users' requests which may be used to prevent the processing of fraudulent secure procedures. The system and method verifies user identity by verifying the user presence at the place of transaction. Specifically, the present invention may help evaluate the authenticity of users' requests at the time of a transaction approval by comparing the location of the transaction request with the location of a wireless network entity associated with an authorized user. According to the present invention the geographic location of a mobile network device, which is known to be carried by the user, is compared with the geographic location from which the request is initiated. The mobile network device may be, for example, a cellular phone, PDA, laptop or a designated device. The request may include financial transactions, physical or electronic access requests and the like.

Inventors:
EDEN TOMER (IL)
EDEN MICHAEL (IL)
Application Number:
PCT/IL2004/000224
Publication Date:
September 16, 2004
Filing Date:
March 04, 2004
Assignee:
EDEN TOMER (IL)
EDEN MICHAEL (IL)
International Classes:
G06F21/34; G06F21/43; H04L29/06; (IPC1-7): G06F/
Foreign References:
US20020089960A1 2002-07-11
US20020177449A1 2002-11-28
US20030186710A1 2003-10-02
Attorney, Agent or Firm:
Appelfeld, Zer Law Office (Tel-aviv, IL)
Claims:
WHAT IS CLAIMED IS:
1. A system for authenticating a user request for processing secure procedure, said system comprised of: (a) means for receiving user request for secure procedure including a tentative identification of a specific user; (b) means for detecting a first location from which the request originates; (c) means for active detection of a second location at which at least one wireless device associated with said specific user is located; and (d) compare said first location and said second location to produce a proximity indicator.
2. The system of claim 1, further comprising: (e) logic means for evaluating authentication level of the request for the secure procedure in accordance with said proximity indicator and at least one predetermined rule.
3. The system of claim 1, wherein said first location is detected by evaluation of at least one identifying information detail.
4. The system of claim 1, wherein said wireless device is selected from the group consisting of cellular telephones, an alpha numeric pager and a dedicated user tracking device.
5. The system of claim 1, wherein said proximity indicator is a distance between said first location and said second location.
6. The system of claim 1, wherein at the said first location and said second location are defined as an area.
7. The system of claim 1 wherein the secure procedure is a credit card payment transaction.
8. The system of claim 1 wherein the secure procedure is a procedure for accessing an electronic information resource.
9. The system of claim 1 wherein the request is originated by a designated terminal and the detection of the first location is based on defined lookup table including information of different designated terminals locations.
10. The system of claim 9 further comprising means for creating and editing said lookup table, wherein the designated terminal location are determined according to prior secure procedures activities associated with said terminal wherein said activities location are identified according to associated wireless devices.
11. The system of claim 1 wherein the wireless devices are associated with identified users according to updated look up table correlating between users ID and their wireless devices, which are designated for the authentication process.
12. The system of claim 1 wherein the authentication process is applied to a group of users.
13. A method for authenticating a user request for processing a secure procedure, said method comprising the steps of: (a) receiving user request for secure procedure including a tentative identification of a specific user; (b) detecting a first location from which the request originates; (c) actively detecting of a second location at which at least one wireless device associated with said specific user is located; and (d) comparing said first location and said second location to produce a proximity indicator.
14. The method of claim 13 further comprising the step of evaluating authentication level of the request for the secure procedure in accordance with said proximity indicator and at least one predetermined rule.
15. The method of claim 13 wherein said first location is detected by evaluation of at least one identifying information.
16. The method of claim 13 wherein said wireless device is selected from the group consisting of cellular telephones, an alpha numeric pager and a dedicated user tracking device.
17. The method of claim 13 wherein said proximity indicator is a distance between said first location and said second location.
18. The method of claim 13 wherein at the said first location and said second location is defined as an area.
19. The method of claim 13 wherein the secure procedure is a credit card payment transaction.
20. The method of claim 13 wherein the secure procedure is a procedure for accessing an electronic information resource.
21. The method of claim 13 wherein the request is originated by a designated terminal and the detection of the first location is based on defined lookup table including information of different locations of designated terminals.
22. The method of claim 13 further comprising the step of creating and editing said lookup table, wherein the designated terminal locations are determined according to prior secure procedures activities associated with said terminal wherein said activities location are identified according to associated wireless devices.
23. The method of claim 13 wherein the wireless devices are associated with identified users according to updated look up table correlating between users ID and their wireless devices, which are designated for the authentication process.
24. The method of claim 13 wherein the authentication process is applied to a group of users.
Description:
SYSTEM AND METHOD FOR VERIFYING USER IDENTITY

FIELD AND BACKGROUND OF THE INVENTION

The present invention relates to systems and methods for verifying user identity and, more particularly, to systems and methods which rely upon comparison of at least two sets of location information for verifying user identity.

In the modern world it is often necessary or desirable to restrict access to a resource to one or more authorized users. For example, access to resources such as physical facilities, information databases and accounts is typically restricted to specific users. Authorization of users is most often accomplished by use of access codes such as a personal identification number (PIN), a user name or passwords or a combination thereof, or tangible media such as a key, a credit card, a debit card or an ID card.

Access codes are prone to theft and/or fraudulent use because they are easily transferred or intercepted. In many cases, an authorized user may be unaware that their PIN code has been intercepted by another and is being used for unauthorized access.

Tangible media is slightly better than access codes because a user is more likely to notice the absence of tangible media if it is lost or stolen. However, tangible media is susceptible to unauthorized duplication and forgery. Typically, a bearer of tangible media is not challenged when requesting access to a resource; this means that possession grants full access.

Further, in the case of credit/debit cards, information imprinted on the media such as account number and expiration date may suffice for purposes of a telephone or internet transaction.

Known in the art are several location based user authentication systems.

US Patent No. 6,097,938, for example, discloses a system and a method for determining whether a mobile unit is a fraudulent user of the cellular communication network. Every time the cellular terminal is used, the system receives an identification number for a mobile unit as well as a location code. The system then compares the current location code with a previously received location code. Given that there are natural physical constraints on how quickly a mobile unit can move from one location to another, the system can thereby determine if there are two mobile units using the same identification number. This system may only prevent the duplication of cellular terminals, based on location information, and the authentication process may only occur when the user initiates a call.

PCT Patent Application No. 9641488 describes a system for detecting fraud on electronic networks. This system records the geographical location of the network terminal every time it is used. A single user may have several network terminals, all carrying the same identification code (SIN number). The system then checks whether the geographic distance between every two sequential uses of the terminal of a single user, divided by the time elapsed between them, exceeds a reasonable ground speed limitation predetermined by the system administrators.

As with the patent described above, this invention performs passive location verifications and depends on two sequential logins of the user to validate the user identification.

There is thus a need for systems and methods for actively verifying user identity while approving a transaction, in real time, devoid of the above limitation.

SUMMARY OF THE INVENTION

The system and method verifies user identity by verifying the user presence at the place of transaction. The verification is carried out by locating his or her associated traceable device. A system for authenticating a user request for processing secure procedure, said system comprised of means for receiving user request for secure procedure including a tentative identification of a specific user; means for detecting a first location from which the request originates; means for active detection of a second location at which at least one wireless device associated with said specific user is located. Said first location and said second location are compared in order to produce a proximity indicator. The system also includes logic means for evaluating authentication level of the request for the secure procedure in accordance with said proximity indicator and at least one predetermined rule. The said first location is detected by evaluation of at least one identifying information detail and the wireless device is selected from the group consisting of cellular telephones, an alpha numeric pager and a dedicated user tracking device.

The proximity indicator is determined as the distance between said first location and said second location. Either of the locations may be defined as an exact point or as an area. The secure procedure may be, for example, a credit card payment transaction or an accessing an electronic information resource request.

The request is originated by a designated terminal and the detection of the first location is based on defined lookup table including information of different designated terminals locations. The system also includes means for creating and editing said lookup table, wherein the designated terminal location are determined according to prior secure procedures activities associated with said terminal wherein said activities location are identified according to associated wireless devices. The wireless devices are associated with identified users according to updated look up table correlating between users ID and their wireless devices, which are designated for the authentication process.

A method for authenticating a user request for processing a secure procedure is comprised of the following steps: receiving user request for secure procedure including a tentative identification of a specific user; detecting a first location from which the request originates; actively detecting of a second location at which at least one wireless device associated with said specific user is located; and comparing said first location and said second location to produce a proximity indicator.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention is herein described, by way of example only, with reference to the accompanying drawings. With specific reference now to the drawings in detail, it is stressed that the particulars shown are by way of example and for purposes of illustrative discussion of the preferred embodiments of the present invention only, and are presented in the cause of providing what is believed to be the most useful and readily understood description of the principles and conceptual aspects of the invention. In this regard, no attempt is made to show structural details of the invention in more detail than is necessary for a fundamental understanding of the invention, the description taken with the drawings making apparent to those skilled in the art how the several forms of the invention may be embodied in practice.

In the drawings:
FIG. 1 is a diagram illustrating the system's principal components according to the preferred embodiment of the present invention;
FIG. 2 is a flow diagram of the authorization algorithm according to the preferred embodiment of the present invention;
FIG. 3 is a flow diagram of the managing vendors' location lookup table algorithm according to the preferred embodiment of the present invention.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

The present invention is decision supporting systems and methods for authenticating users' requests which may be used to prevent the processing of fraudulent secure procedures. Specifically, the present invention may help evaluate the authenticity of users' requests at the time of a transaction approval by comparing the location of the transaction request with the location of a wireless network entity associated with an authorized user. Comparison between locations may also be subsequent thereto. The principles of operation of systems and methods according to the present invention may be better understood with reference to the drawings and accompanying descriptions.

Before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not limited in its application to the details of construction and the arrangement of the components set forth in the following description or illustrated in the drawings. The invention may include other embodiments and may be practiced or carried out in various ways. Also, it is to be understood that the phraseology and terminology employed herein is for the purpose of description and should not be regarded as limiting.

The term "user" as employed in this specification and the accompanying claims may refer to an individual or to a group of individuals. For purposes of this specification and the accompanying claims the term "account" refers to any calculation of monetary indebtedness. This definition specifically includes, but is not limited to, a credit card account, a bank account and a customer account with a commercial entity (e.g. line of credit).

For purposes of this specification and the accompanying claims, the term processing secure procedure should be construed in its broadest possible sense.

Secure procedures may include the authorizing of physical access such as, for example, opening of a gate, door, or lock, or electronic procedures such as, for example, access to stored data and/or an account belonging to specific user.

Electronic secure procedure specifically includes, but is not limited to, electronic funds transfers.

According to the preferred embodiments of the invention the user uses at least one locatable device, which may be, for example, a cellular telephone, an alpha numeric pager or a dedicated user tracking device. For purposes of this specification and the accompanying claims, the term "cellular telephone" includes devices which have cellular telephone capabilities, such as personal digital assistants (PDAs) and portable computers, as well as devices which have cellular telephonic communication as their primary function. Further included in this definition are satellite mobile phones which perform a similar function. A dedicated user tracking device might work, for example, by GPS or GSM technology and could be assigned to a user for purposes of function of system by, for example, a financial institution or an employer. Such a dedicated device would preferably be small and unobtrusive so that the user would habitually carry it. A dedicated user tracking device might be incorporated into a functional and necessary item such as, for example, a wrist-watch or a key.

Figure 1 is an illustration of the main components of a decision supporting system for authenticating a user request before processing secure procedure in accordance with the preferred embodiment of the present invention. In order to perform the authentication of the user holding the credit card 102 (person A) before processing a secure procedure, such as approving a credit card payment, the system locates the position of a wireless network means, such as a mobile phone 101, which is associated with the user (person B). The system then compares the position of person A and the location of person B to produce a proximity indicator. According to the analysis of this proximity indicator the system decides whether to produce an approval or a rejection recommendation of the user authentication procedure.

Once the user initiates a payment approval procedure the system's user authentication process commences. As with standard purchases via a credit card, the user 102 may communicate with the vendor 130 directly, provided that the purchase is carried out in person, or via another communication medium such as the phone or the Internet, and the vendor 130 communicates with the credit transaction server 150 via an authentication layer 140. In cases when the purchase is performed in person the location of person A is identical to the location of the vendor 130. For purchases done via remote communication means the location of person A is automatically acquired by the vendor terminal 130. The system holds and constantly updates the location of all relevant vendors 130 in any given area. The process of acquiring and updating the lists of vendors' locations is described below.

The credit card terminal 150 then communicates with the authentication server 160. The Server 160 is designed and configured to receive an authentication request including the identification of person A. Server 160 is further designed and configured to ascertain a location for person A from which the request originates. Acquiring this location may be accomplished, for example, by comparing data contained in a request (e.g. unique identification number, phone number or IP address) with a data directory. Thus, the system, as detailed hereinabove, preferably further includes stored data 165 of the server 160 to facilitate ascertaining the location of person A from whom the request originates. This directory may include data correlating locations to, for example, unique identification numbers (e.g. vendor numbers), phone numbers or portions thereof (e.g. area codes) or IP addresses or portions thereof.

In order to ascertain the location of person B the server commences a locating process in order to find the position of the locatable device 101 which is associated with the identity of person A as registered in database 165. The system therefore further includes identifying at least one locatable device 101 associated with specific user (person A) by means of a look-up table stored in memory 165 of server 160. Preferably location of person A is provided as a location at the time of the request, although a location of device 101 from shortly before or shortly after the time of the request can be also used. Method 80 further includes comparing 32 first location 36 and second location 37 to produce a proximity indicator.

In order to acquire the location of person B the authenticating server 160 sends a locating query to the cellular network 190. Preferably, the proximity indicator produced by the comparison of locations of person A and person B is expressed as a distance. In some cases, it may be advantageous to define these locations as an area if the ascertaining of either of those locations is characterized by a low degree of accuracy. According to the preferred embodiments of the invention, a decision about whether to authorize a request is made by the server 160 by evaluating the proximity indicator according to a predetermined rule.

Once the server 160 analyses the proximity of the two locations and reaches an authorization conclusion the authorizing server 160 informs the credit transaction server 150, which in turn informs the vendor 130.

Following is a description of the authorization algorithm, which is illustrated in figure 2, as it is conducted by the server 160. The server 160 receives the authorization request 210 which includes the identity of the card holder, the details of his or her locatable mobile device and the identity of the vendor. The server then proceeds with locating the position of the user's mobile device 220 and searching the vendors' lookup table for the details of the vendor 225. The status of a vendor's location may be verified or unverified. Verified vendors are vendors which are well known to the system and their details have been checked. The procedure of handling new and unverified vendors is described below. Assuming that the vendor's details are verified, its location is retrieved from the list. Having obtained the two locations the system compares them and the proximity indicator is calculated 240. The proximity indicator is then examined to determine the validity of the request 245, and having determined, an approval 260 or denial 250 recommendation of the transaction is sent back 270.

If the proximity indicator is expressed as a distance d, the rule may take the form of "Approve request if d < a predetermined distance." If, for instance, location 102 is defined as an area A and location 101 is defined as a point P the rule may be formulated as "Approve request if P is in A." In case both locations 101, 102 are defined as areas A and A' respectively the rule may be phrased as "Approve request if A and A' overlap."
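The three rule forms above, together with the "shortly before or shortly after" freshness condition on the device fix, can be evaluated as follows. This is an added example, not code from the patent: modelling an area as a circle (centre plus radius), the 1 km and 300 s defaults, the `no_result` outcome for an unlocatable or stale device, and all coordinates are assumptions made for illustration.

```python
import math
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Location:
    lat: float               # degrees
    lon: float               # degrees
    radius_km: float = 0.0   # 0 = exact point; > 0 = area (circle is an assumed shape)

def distance_km(a: Location, b: Location) -> float:
    """Great-circle (haversine) distance between the two centres."""
    lat1, lon1, lat2, lon2 = map(math.radians, (a.lat, a.lon, b.lat, b.lon))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def rule_holds(request_loc: Location, device_loc: Location, max_km: float) -> bool:
    """Apply whichever of the three rule forms fits the two locations."""
    d = distance_km(request_loc, device_loc)
    if request_loc.radius_km == 0 and device_loc.radius_km == 0:
        # Both are points: "Approve request if d < a predetermined distance."
        return d < max_km
    # With circles, "P is in A" and "A and A' overlap" are the same test:
    # the centre distance must not exceed the sum of the radii.
    return d <= request_loc.radius_km + device_loc.radius_km

def recommend(request_loc: Location, request_ts: float,
              device_loc: Optional[Location], device_ts: Optional[float],
              max_km: float = 1.0, max_skew_s: float = 300.0) -> str:
    """Return 'approve', 'deny' or 'no_result' for one request."""
    # Assumption: a device that cannot be located, or whose fix is not from
    # shortly before or after the request, yields no recommendation at all.
    if device_loc is None or device_ts is None:
        return "no_result"
    if abs(device_ts - request_ts) > max_skew_s:
        return "no_result"
    return "approve" if rule_holds(request_loc, device_loc, max_km) else "deny"

# Constructed sample data (not from the patent).
VENDOR = Location(32.0853, 34.7818)                     # request origin, a point
NEAR_FIX = Location(32.0860, 34.7825)                   # device about 0.1 km away
CELL_AREA = Location(32.0950, 34.7900, radius_km=2.0)   # coarse fix reported as an area
FAR_FIX = Location(31.7683, 35.2137)                    # device about 54 km away
T0 = 1_700_000_000.0                                    # request time, epoch seconds

def demo() -> dict:
    return {
        "point_near": recommend(VENDOR, T0, NEAR_FIX, T0 + 20),
        "point_in_area": recommend(VENDOR, T0, CELL_AREA, T0 - 30),
        "far": recommend(VENDOR, T0, FAR_FIX, T0 + 5),
        "stale_fix": recommend(VENDOR, T0, NEAR_FIX, T0 - 3600),
        "unlocatable": recommend(VENDOR, T0, None, None),
    }

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

Note that the coarse 2 km area approves a request whose centre distance is about 1.3 km, which the 1 km point rule would deny: the less accurate the fix, the weaker the evidence of presence.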

As mentioned above, the authentication server 160 holds and constantly updates a lookup table of the location of all possible vendors in a specific area in database 165. Following is a description of the method for managing this lookup table for unverified vendors, as illustrated in figure 3. As a new authentication request is received by the server 310 the unique vendor ID is searched for in the lists of existing vendors 320. If the vendor is found in the list and its location is verified the authentication procedure proceeds as described above. If the vendor is not found in the list, the location of the cellular device is registered as the location of the new vendor in the vendors' lookup list 340, and the authentication process terminates with no approval or denial results 380.

In case the vendor exists in the lookup table of known vendors, the system compares the registered location of the vendor and the location of the cellular device 335. If the locations match, authentication is approved 370 and the approval recommendation is sent back to the credit transaction server 150. In case the locations do not match the system checks the distance between them 355. If they are found to be in close proximity the definition of the location of the vendor may be updated to include the new location 365 and the authentication is approved 370. If the distance between vendor's location and the location of the cellular device is found to be substantial the authentication is denied and the denial is sent back to the credit transaction server 150.
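The figure 3 flow for the vendors' lookup table, sketched as an added example that is not code from the patent. The class and field names, the thresholds for "match", "close proximity" and the cap on how far a learned area may grow, the treatment of verified entries as never widened, and the vendor IDs and coordinates are all assumptions.

```python
import math
from dataclasses import dataclass

@dataclass
class VendorEntry:
    lat: float
    lon: float
    radius_km: float        # the vendor's location kept as an area (assumed: a circle)
    verified: bool = False  # entries learned from a device fix start unverified

def haversine_km(lat1, lon1, lat2, lon2):
    p1, l1, p2, l2 = map(math.radians, (lat1, lon1, lat2, lon2))
    h = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin((l2 - l1) / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))

class VendorTable:
    def __init__(self, match_km=0.2, close_km=1.0, max_radius_km=3.0):
        self.match_km = match_km            # assumed radius that counts as "locations match"
        self.close_km = close_km            # assumed margin that counts as "close proximity"
        self.max_radius_km = max_radius_km  # added safeguard: a learned area cannot grow past this
        self.entries = {}

    def handle(self, vendor_id, dev_lat, dev_lon):
        """Return 'approve', 'deny' or 'no_result' and maintain the table."""
        entry = self.entries.get(vendor_id)
        if entry is None:
            # Step 340: register the device location as the new vendor's location,
            # then terminate with no approval or denial result (380).
            self.entries[vendor_id] = VendorEntry(dev_lat, dev_lon, self.match_km)
            return "no_result"
        d = haversine_km(entry.lat, entry.lon, dev_lat, dev_lon)
        if d <= entry.radius_km:
            return "approve"                # steps 335 -> 370: locations match
        if entry.verified:
            return "deny"                   # assumption: checked entries are never widened
        if d <= min(entry.radius_km + self.close_km, self.max_radius_km):
            entry.radius_km = d             # step 365: include the new location
            return "approve"                # step 370
        return "deny"                       # substantial distance

def demo():
    table = VendorTable()
    # Constructed vendor ID and coordinates.
    first = table.handle("V-1001", 32.0853, 34.7818)   # unknown vendor
    same = table.handle("V-1001", 32.0853, 34.7818)    # same spot
    close = table.handle("V-1001", 32.0900, 34.7818)   # about 0.52 km north
    far = table.handle("V-1001", 31.7683, 35.2137)     # about 54 km away
    return table, [first, same, close, far]

if __name__ == "__main__":
    table, outcomes = demo()
    print(outcomes, round(table.entries["V-1001"].radius_km, 3))
```

Because the first request for an unknown vendor seeds the table from the cardholder's own device, that entry carries no independent evidence of where the vendor is; the sketch therefore keeps it unverified and bounds how far later requests can stretch it.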

It is appreciated that certain features of the invention, which are, for the purpose of clarity, described in the context of separate embodiments, may also be provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single embodiment, may also be provided separately or in any suitable combination.

Although the invention has been described in conjunction with specific embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art. Accordingly, it is intended to embrace all such alternatives, modifications and variations that fall within the spirit and broad scope of the appended claims. All publications, patents and patent applications mentioned in this specification are herein incorporated in their entirety by reference into the specification, to the same extent as if each individual publication, patent or patent application was specifically and individually indicated to be incorporated herein by reference. In addition, citation or identification of any reference in this application shall not be construed as an admission that such reference is available as prior art to the present invention.