As the amount of online presence of individuals continues to increase, identity theft is rapidly becoming a major problem. Most user have difficulty maintaining a strict regimen of regularly changed strong passwords, leading to a situation where an easily guessed, or misappropriated, password may be utilized to gain access to another users private information.
Furthermore, software arranged to steal passwords, has been developed, with a sole intent of misappropriating passwords. Such fraudster software has become quite sophisticated in its approach, with multiple angles of attack.
Mobile devices (MDs) are increasingly being used for more than voice communication due to their ubiquity, available screen and input devices. An MD as used herein includes any electronic MD used for personal functionalities such as multimedia playing, data communication over a network or voice communication. One embodiment of an MD is a mobile station, also known as a mobile communication device, mobile phone, mobile telephone, hand phone, wireless phone, cell phone, cellular phone, cellular telephone, mobile handset or cell telephone.
With the development of IEEE 802.11, and the broad establishment of the resultant wireless networks, various MDs have been developed which communicate over available wireless networks in addition to cellular telephone capabilities. Furthermore, various MDs have been developed with the ability to access the Internet both over a wireless network and/or over a cellular network.
The location of an MD in real time is rapidly become a standard feature in MD technology. In certain embodiments, the location of an MD is identified responsive to real time positioning equipment within the MD, or in communication therewith, such as a global positioning system (GPS) peripheral. In other embodiments, the location of an MD is identified responsive to multilateration from a number of antennas, or by determination of network connection information.
The incidence of identity theft has rapidly become a source of major concern. The increase sophistication of fraudulent software, and the increased prevalence of electronic identification, has combined to make this a major threat to the increased use of electronic transactions.
What is needed, and is not provided by the prior art, is a system and method for providing security for transactions, preferably without requiring a strict password regimen. Furthermore, such a system and method is preferably hardened against fraudster software, and preferably executes on line without excessive delay. Preferably, such a system provides for positive identification of a user.