Controlling access to online resources using device validations

US 10,044,725 B2
Filed: 12/18/2015
Issued: 08/07/2018
Est. Priority Date: 12/18/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

receiving, by one or more computing devices, a request to engage in a verification process for a first user device to gain access to an online resource during a web session;

responsive to receiving the request to engage in the verification process, providing, by the one or more computing devices and to the first user device, a challenge token comprising data identifying a communication session between the one or more computing devices and the first user device;

receiving, by the one or more computing devices and from a second user device to which the web session has been connected;

a copy of the challenge token forwarded by the first user device to the second user device using a short-range communication technique and in response to a determination that the first user device is a non-mobile user device, anda validation request comprising a device profile associated with the second user device;

determining, by the one or more computing devices, whether to validate the second user device based at least in part on;

the validation request, anda determination of whether the device profile associated with the second user device aligns with or otherwise matches one or more acceptable device configurations indicating that the first user device is being operated by a human; and

responsive to successfully validating the second user device, granting, by the one or more computing devices, the first user device access to the online resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods of verifying a user are provided. In particular, a request to engage in a verification process to gain access to an online resource can be received. The request can be provided by a first user device associated with a user. A validation request associated with a second user device associated with the user can be received. The validation request can include a device profile associated with the second user device. It can then be determined whether to validate the second user device based at least in part on the device profile. When it is determined to validate the second user device, the first user device can be granted access to the online resource.

13 Citations

View as Search Results

20 Claims

1. A computer-implemented method comprising:
- receiving, by one or more computing devices, a request to engage in a verification process for a first user device to gain access to an online resource during a web session;
  
  responsive to receiving the request to engage in the verification process, providing, by the one or more computing devices and to the first user device, a challenge token comprising data identifying a communication session between the one or more computing devices and the first user device;
  
  receiving, by the one or more computing devices and from a second user device to which the web session has been connected;
  
  a copy of the challenge token forwarded by the first user device to the second user device using a short-range communication technique and in response to a determination that the first user device is a non-mobile user device, anda validation request comprising a device profile associated with the second user device;
  
  determining, by the one or more computing devices, whether to validate the second user device based at least in part on;
  
  the validation request, anda determination of whether the device profile associated with the second user device aligns with or otherwise matches one or more acceptable device configurations indicating that the first user device is being operated by a human; and
  
  responsive to successfully validating the second user device, granting, by the one or more computing devices, the first user device access to the online resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer-implemented method of claim 1, wherein:
    - the first user device comprises one or more of a desktop computing device or a laptop computing device; and
      
      the second computing device comprises one or more of a smartphone computing device, a tablet computing device, or a wearable computing device.
  - 3. The computer-implemented method of claim 1, wherein the device profile associated with the second user device is generated by an application associated with the second user device and configured to determine the device profile in response to being forwarded one or more of data indicative of the web session or the request to engage in the verification process.
  - 4. The computer-implemented method of claim 1, wherein determining whether to validate the second user device comprises determining whether to validate the second user device based at least in part on one or more of:
    - a phone number associated with the second user device;
      
      one or more wireless comedians associated with the second user device;
      
      ora number of completely automated public Turing test to tell computers and humans apart (CAPTCHA) challenges previously solved in association with the second user device.
  - 5. The computer-implemented method of claim 1, wherein granting the first user device access to the online resource comprises adjusting, based at least in part on the determination to validate the second user device, a difficulty of a verification challenge provided by the one or more computing devices to the first user device.
  - 6. The computer-implemented method of claim 1, wherein granting the first user device access to the online resource comprises providing, to the first user device, one or more of a verification token or certificate for provision by the first user device to a resource provider associated with the online resource.
  - 7. The computer-implemented method of claim 1, wherein granting the first user device access to the online resource comprises providing, to the second user device, a verification token for input by the user into the first user device.
  - 8. The computer-implemented method of claim 1, wherein the request is formatted in accordance with an application programming interface (API) associated with the one or more computing devices.
  - 9. The computer-implemented method of claim 1, wherein:
    - the online resource is associated with a resource provider; and
      
      the request comprises a public key associated with the resource provider.
  - 10. The computer-implemented method of claim 9, wherein:
    - granting the first user device access to the online resource comprises providing, to the first user device, a verification token for provision by the first user device to the resource provider; and
      
      the verification token comprises the public key associated with the resource provider.
  - 11. The computer-implemented method of claim 10, wherein the verification token comprises a hash of a user device identifier.
  - 12. The computer-implemented method of claim 10, wherein granting the first user device access to the online resource comprises receiving, by the one or more computing devices and from the resource provider, the verification token and a private key associated with the resource provider.

13. A system comprising:
- one or more processors; and
  
  a memory storing instructions that when executed by the one or more processors cause the system to perform operations comprising;
  
  receiving a request to engage in a verification process for a first user device to gain access to an online resource during a web session;
  
  responsive to receiving the request to engage in the verification process, providing, to the first user device, a challenge token comprising data identifying a communication session between the system and the first user device;
  
  receiving, from a second user device to which the web session has been connected;
  
  a copy of the challenge token forwarded by the first user device to the second user device using a short-range communication technique and in response to a determination that the first user device is a non-mobile user device, anda validation request comprising a device profile associated with the second user device;
  
  determining whether to validate the second user device based at least in part on;
  
  the validation request, anda determination of whether the device profile associated with the second user device aligns with or otherwise matches one or more acceptable device configurations indicating that the first user device is being operated by a human; and
  
  responsive to successfully validating the second user device, granting the first user device access to the online resource.
- View Dependent Claims (14, 15, 16)
- - 14. The system of claim 13, wherein the device profile associated with the second user device is generated by an application associated with the second user device and configured to determine the device profile in response to being forwarded one or more of data indicative of the web session or the request to engage in the verification process.
  - 15. The system of claim 13, wherein determining whether to validate the second user device comprises determining whether to validate the second user device based at least in part on one or more of:
    - a phone number associated with the second user device;
      
      one or more wireless connections associated with the second user device;
      
      ora number of completely automated public Turing test to tell computers and humans apart (CAPTCHA) challenges previously solved in association with the second user device.
  - 16. The system of claim 13, wherein granting the first user device access to the online resource comprises adjusting, based at least in part on the determination to validate the second user device, a difficulty of a verification challenge provided by the one or more computing devices to the first user device.

17. One or more non-transitory computer-readable media comprising instructions that when executed by one or more computers cause the one or more computers to perform operations comprising:
- receiving a request to engage in a verification process for a first user device to gain access to an online resource during a web session;
  
  responsive to receiving the request to engage in the verification process, providing, to the first user device, a challenge token comprising data identifying a communication session between the one or more computers and the first user device;
  
  receiving, from a second user device to which the web session has been connected;
  
  a copy of the challenge token forwarded by the first user device to the second user device using a short-range communication technique and in response to a determination that the first user device is a non-mobile user device, anda validation request comprising a device profile associated with the second user device;
  
  determining whether to validate the second user device based at least in part on;
  
  the validation request, anda determination of whether the device profile associated with the second user device aligns with or otherwise matches one or more acceptable device configurations indicating that the first user device is being operated by a human; and
  
  responsive to successfully validating the second user device, granting the first user device access to the online resource.
- View Dependent Claims (18, 19, 20)
- - 18. The one or more non-transitory computer-readable media of claim 17, wherein the device profile associated with the second user device is generated by an application associated with the second user device and configured to determine the device profile in response to being forwarded one or more of data indicative of the web session or the request to engage in the verification process.
  - 19. The one or more non-transitory computer-readable media of claim 17, wherein determining whether to validate the second user device comprises determining whether to validate the second user device based at least in part on one or more of:
    - a phone number associated with the second user device;
      
      one or more wireless connections associated with the second user device;
      
      ora number of completely automated public Turing test to tell computers and humans apart (CAPTCHA) challenges previously solved in association with the second user device.
  - 20. The one or more non-transitory computer-readable media of claim 17, wherein granting the first user device access to the online resource comprises adjusting, based at least in part on the determination to validate the second user device, a difficulty of a verification challenge provided by the one or more computing devices to the first user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google LLC (Alphabet Inc.)
Inventors
Malenfant, Aaron, Shao, Haidong, Fedor, Jason, Gu, Jiexing, Liu, Wei, Liao, Hongshu, Liu, Ying
Primary Examiner(s)
Kabir, Jahangir

Application Number

US14/973,842
Publication Number

US 20170180384A1
Time in Patent Office

963 Days
Field of Search

726 4, 726 5, 726 7
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2133   Verifying human interaction...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 63/102   Entity profiles

H04L 63/12   Applying verification of th...

Controlling access to online resources using device validations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Controlling access to online resources using device validations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links