
Kim Dotcom has a patent on 2-step authentication  - denzil_correa
https://www.google.com/patents/US6078908
======
jacques_chester
Well it appears on the surface to cover cases where an SMS message is sent to
a mobile phone. But it wouldn't cover stuff like having a swipe card +
password, or having two passwords etc etc.

Edit: OK, further reading reveals that it's about per-transaction
_authorisation_ (eg bank to bank transfers), not _authentication_. So actually
it's quite different from the SMS passcode usecase that Google, Facebook etc
are doing.

The equivalent would be getting an SMS with a passcode before sending an
email. Not getting it before you log in.

(IANAL, TINLA)

~~~
rdl
Plenty of prior art, though.

------
denzil_correa
For people to understand more on the context of this link posted, "Kim Dotcom
accuses Google, Facebook, and Twitter of violating his two-step security
patent" [0]. You may also find his Twitter feed interesting [1].

    
    
        I never sued them. I believe in sharing knowledge & ideas for the good of society. But I     
        might sue them now cause of what the U.S. did to me
    
    
        Google, Facebook, Twitter, I ask you for help. We are all in the same DMCA boat. Use my 
        patent for free. But please help funding my defense.
    
    
    

[0] [http://www.theverge.com/2013/5/22/4357500/kim-dotcom-
claims-...](http://www.theverge.com/2013/5/22/4357500/kim-dotcom-claims-he-
invented-two-step-verification)

[1] <https://twitter.com/KimDotcom>

~~~
bdcravens
Patent for free if they fund his defense? Pretty sure that's not my definition
of "free"

~~~
netshroud
One dose of extortion coming right up!

~~~
jacques_chester
I think he's about to learn that these companies have more and better patent
lawyers than god and more money than the devil to pay for an unending trial.

If a schmuck like me can pop that balloon, I hate to think what a half-
competent patent lawyer could do.

~~~
denzil_correa
The article on The Verge says

    
    
        While there are likely many who could lay claim to an innovation such as two-step, 
        Dotcom's patent — filed under his birth name, Kim Schmitz — appears to hold some water. 
        It claims priority back to 1997, which would make it difficult to invalidate, and has 
        wide coverage. Despite its age, it illustrates the current concept of two-step 
        authentication by detailing how a secondary access code could be sent via pager or SMS.
    

I'm not sure what to believe. A patent lawyer's opinion on HN would help
perhaps?

~~~
jacques_chester
My point, to summarise:

authentication != authorisation.

From which it follows:

Two-factor authentication != two-factor authorisation.

 _The patent does not cover authentication_ , on my reading.

------
__sam
His twitter account could be of some interest. He seems to primarily
considered with the whole MegaUpload thing and is using this patent as
evidence of his contributions to tech. (see
<https://twitter.com/KimDotcom/status/337358180914982912>)

His most recent tweet is him selling this patent:
<https://twitter.com/KimDotcom/status/337410056859566080>

~~~
jacques_chester
The problem is that he's spruiking it as two-factor _authentication_ , but the
patent itself talks about _authorisation_.

In the body of the patent itself, authentication is mentioned in passing only:

* That there's an authentication server which knows a password;

* That mobile phones are one channel mentioned in the patent and DES is used in the mobile phone system (at the time) for, among other things, authentication.

* That an authentication server could blacklist a lost identity card.

And that's it.

He's grandstanding.

(IANAL, TINLA)

~~~
revelation
He might have just bought it from someone. A modern L'Hopital, if you will.

(see:
[http://en.wikipedia.org/wiki/Johann_Bernoulli#L.27H.C3.B4pit...](http://en.wikipedia.org/wiki/Johann_Bernoulli#L.27H.C3.B4pital_controversy))

------
legalbeagle
He has effectively announced that he won't enforce the patent and he has
apparently not attempted to do so in all these years. The patent means nothing
(except that it could serve as prior art to defeat a subsequent patent claim).

------
fmax30
Hmm I am pretty sure that he can sell this patent to a patent troll , which
could in effect sue these companies.

------
zobzu
thanksfully there's some prior art to 1997, but still. patent system is such a
pile of crap :/

------
tracker1
Trigger cease and desist letters to banks, and online record/movie stores in
5...4...3...2..1 (payback is a bitch)

~~~
damncabbage
None of this would benefit anyone other than Mr Dotcom.

(Payback to who for what exactly?)

~~~
pyre
The implication is that the tactics used against Kim Dotcom were done so at
the behest of Hollywood pressuring the US government to 'do something,' who
then in turn leaned on the NZ government to 'do something.' That's the
Hollywood part of the comment.

I guess the 'banks' part is because Kim's assets were frozen, but that's not
the fault of the banks. There's no need for revenge against them.

~~~
tracker1
Kind of.. I actually spouted it off as a joke, but several people didn't like
it apparently, or didn't see it as so.

The Hollywood part is spot on... the bank part was me confusing some bits of
the actions against wikileaks with kimdotcom/megaupload.

~~~
damncabbage
Sorry. I think was Poe's Law[1] in action again.

1\. <http://en.wikipedia.org/wiki/Poes_law>

