Multi-factor authentication system and method

US 10,061,912 B2
Filed: 07/07/2017
Issued: 08/28/2018
Est. Priority Date: 12/04/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

providing, by a first device having a memory and at least one processor, an initial authentication data to a second device, the second device being different from the first device, the first device comprising a mobile device;

obtaining, by the first device, a first response data from the second device subsequent to providing the initial authentication data to the second device;

generating, by the first device, a first subsequent authentication data using the first response data in response to the obtaining of the first response data, the first subsequent authentication data being different from the initial authentication data, the generating the first subsequent authentication data comprising;

transmitting an authentication data request to a third device, the third device being different from the first device and the second device; and

receiving the first subsequent authentication data from the third device; and

providing, by the first device, the first subsequent authentication data to the second device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method of multi-factor authentication are described. In some embodiments, a first device provides an initial authentication data to a second device. The second device is different from the first device. The first device obtains a first response data from the second device. The first device generates a first subsequent authentication data using the first response data. The first subsequent authentication data is different from the initial authentication data. The first device provides the first subsequent authentication data to the second device. In some embodiments, obtaining the first response data comprises capturing the first response data from the second device using a camera on the mobile device, where the first response data is displayed on the second device.

Citations

18 Claims

1. A computer-implemented method comprising:
- providing, by a first device having a memory and at least one processor, an initial authentication data to a second device, the second device being different from the first device, the first device comprising a mobile device;
  
  obtaining, by the first device, a first response data from the second device subsequent to providing the initial authentication data to the second device;
  
  generating, by the first device, a first subsequent authentication data using the first response data in response to the obtaining of the first response data, the first subsequent authentication data being different from the initial authentication data, the generating the first subsequent authentication data comprising;
  
  transmitting an authentication data request to a third device, the third device being different from the first device and the second device; and
  
  receiving the first subsequent authentication data from the third device; and
  
  providing, by the first device, the first subsequent authentication data to the second device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer-implemented method of claim 1, wherein the providing the initial authentication data comprises displaying image-based data on a screen of the first device, and the image-based data comprises a bar code.
  - 3. The computer-implemented method of claim 1, wherein obtaining the first response data comprises capturing the first response data from the second device using a camera on the mobile device, the first response data being displayed on the second device.
  - 4. The computer-implemented method of claim 1, wherein the first subsequent authentication data comprises image-based data.
  - 5. The computer-implemented method of claim 4, wherein the image-based data of the first subsequent authentication data comprises a bar code.
  - 6. The computer-implemented method of claim 1, wherein the first subsequent authentication data comprises audio-based data.
  - 7. The computer-implemented method of claim 1, wherein the first subsequent authentication data is generated using at least one of facial recognition data, fingerprint recognition data, and voice recognition data.
  - 8. The computer-implemented method of claim 1, further comprising:
    - obtaining, by the first device, a second response data from the second device;
      
      generating, by the first device, a second subsequent authentication data using the second response data, the second subsequent authentication data being different from the initial authentication data and the first subsequent authentication data; and
      
      providing, by the first device, the second subsequent authentication data to the second device.
  - 9. The computer-implemented method of claim 1, wherein the first subsequent authentication data is generated by the first device using an algorithm stored on the first device.

10. A system comprising:
- a first device having at least one hardware processor and comprising a mobile device; and
  
  a non-transitory computer-readable medium storing executable instructions that, when executed, cause the at least one hardware processor of the first device to perform operations comprising;
  
  providing an initial authentication data to a second device, the second device being different from the first device;
  
  obtaining a first response data from the second device subsequent to providing the initial authentication data to the second device;
  
  generating a first subsequent authentication data using the first response data in response to the obtaining of the first response data, the first subsequent authentication data being different from the initial authentication data, the generating the first subsequent authentication data comprising;
  
  transmitting an authentication data request to a third device, the third device being different from the first device and the second device; and
  
  receiving the first subsequent authentication data from the third device; and
  
  providing the first subsequent authentication data to the second device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The system of claim 10, wherein the providing the initial authentication data comprises displaying image-based data comprises a bar code on a screen of the first device.
  - 12. The system of claim 10, wherein obtaining the first response data comprises capturing the first response data from the second device using a camera on the mobile device, the first response data being displayed on the second device.
  - 13. The system of claim 10, wherein the first subsequent authentication data comprises image-based data.
  - 14. The system of claim 13, wherein the image-based data of the first subsequent authentication data comprises a bar code.
  - 15. The system of claim 10, wherein the first subsequent authentication data comprises audio-based data.
  - 16. The system of claim 10, wherein the operations further comprise:
    - obtaining a second response data from the second device;
      
      generating a second subsequent authentication data using the second response data, the second subsequent authentication data being different from the initial authentication data and the first subsequent authentication data; and
      
      providing the second subsequent authentication data to the second device.
  - 17. The system of claim 10, wherein the first subsequent authentication data is generated by the first device using an algorithm stored on the first device.

18. A non-transitory computer-readable medium storing executable instructions that, when executed, cause the at least one hardware processor of the first device to perform operations comprising:
- providing an initial authentication data to a second device, the second device being different from the first device;
  
  obtaining a first response data from the second device subsequent to providing the initial authentication data to the second device;
  
  generating a first subsequent authentication data using the first response data in response to the obtaining of the first response data, the first subsequent authentication data being different from the initial authentication data, the generating the first subsequent authentication data comprising;
  
  transmitting an authentication data request to a third device, the third device being different from the first device and the second device; and
  
  receiving the first subsequent authentication data from the third device; and
  
  providing the first subsequent authentication data to the second device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
eBay Inc.
Original Assignee
eBay Inc.
Inventors
Cockcroft, Oliver Nicholas
Primary Examiner(s)
Okeke, Izunna

Application Number

US15/644,116
Publication Number

US 20170308693A1
Time in Patent Office

417 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/327   Short range or proximity pa...

G06Q 20/3272   using an audio code

G06Q 20/3274   using a pictured code, e.g....

G06Q 20/3276   using a pictured code, e.g....

G06Q 20/40145   Biometric identity checks

H04L 2463/082   applying multi-factor authe...

H04L 63/0861   using biometrical features,...

H04W 12/06   Authentication

H04W 12/65   Environment-dependent, e.g....

H04W 12/77   Graphical identity

H04W 4/80   Services using short range ...

Multi-factor authentication system and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Multi-factor authentication system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links