Systems and methods for device to device authentication

US 10,091,007 B2
Filed: 04/04/2016
Issued: 10/02/2018
Est. Priority Date: 04/04/2016
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a user device by an authentication computing device, the method comprising:

generating, using the authentication computing device, a locked data file for use in authenticating a user device enrolled in an authentication service, the locked data file configured to process a challenge and generate a challenge response;

transmitting the locked data file from the authentication computing device to a first user device as part of the first user device enrolling in the authentication service, causing the locked data file to be installed on the first user device;

receiving, at the authentication computing device, an authentication request for a transaction initiated using the first user device;

generating, using the authentication computing device, the challenge based on the authentication request;

transmitting the challenge directly from the authentication computing device to the first user device, wherein the challenge requests a current activated lifetime of the locked data file, and wherein the current activated lifetime is a time difference between a first time when the first user device receives the locked data file and a second time when the first user device receives the challenge; and

receiving, at the authentication computing device, the challenge response directly from the first user device to authenticate the first user device, wherein the challenge response includes the current activated lifetime.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for authenticating a user device by an authentication computing device is provided. The method includes generating, using the authentication computing device, a locked data file for use in authenticating a user device enrolled in an authentication service, the locked data file is configured to process a challenge and generate a challenge response. The method further includes transmitting the locked data file from the authentication computing device to a first user device as part of the first device enrolling in the authentication service, receiving, at the authentication computing device, an authentication request, generating, using the authentication computing device, the challenge based on the authentication request, transmitting the challenge from the authentication computing device to the first user device, and receiving, at the authentication computing device, the challenge response from the first user device to authenticate the first user device.

Citations

11 Claims

1. A method for authenticating a user device by an authentication computing device, the method comprising:
- generating, using the authentication computing device, a locked data file for use in authenticating a user device enrolled in an authentication service, the locked data file configured to process a challenge and generate a challenge response;
  
  transmitting the locked data file from the authentication computing device to a first user device as part of the first user device enrolling in the authentication service, causing the locked data file to be installed on the first user device;
  
  receiving, at the authentication computing device, an authentication request for a transaction initiated using the first user device;
  
  generating, using the authentication computing device, the challenge based on the authentication request;
  
  transmitting the challenge directly from the authentication computing device to the first user device, wherein the challenge requests a current activated lifetime of the locked data file, and wherein the current activated lifetime is a time difference between a first time when the first user device receives the locked data file and a second time when the first user device receives the challenge; and
  
  receiving, at the authentication computing device, the challenge response directly from the first user device to authenticate the first user device, wherein the challenge response includes the current activated lifetime.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the locked data file is further configured to decrypt the challenge using an encryption key.
  - 3. The method of claim 1, wherein the locked data file is further configured to encrypt the challenge response using an encryption key.
  - 4. The method of claim 1, further comprising receiving, at the authentication computing device, as part of the first user device enrolling in the authentication service, device information for the first user device.

5. An authentication computing device for authenticating a user device, said authentication computing device comprising one or more processors in communication with one or more memory devices, said authentication computing device configured to:
- generate a locked data file for use in authenticating a user device enrolled in an authentication service, the locked data file configured to process a challenge and generate a challenge response;
  
  transmit the locked data file to a first user device as part of the first user device enrolling in the authentication service, causing the locked data file to be installed on the first user device;
  
  receive an authentication request for a transaction initiated using the first user device;
  
  generate the challenge based on the authentication request;
  
  transmit the challenge directly from said authentication computing device to the first user device, wherein the challenge requests a current activated lifetime of the locked data file, and wherein the current activated lifetime is a time difference between a first time when the first user device receives the locked data file and a second time when the first user device receives the challenge; and
  
  receive the challenge response directly from the first user device to authenticate the first user device, wherein the challenge response includes the current activated lifetime.
- View Dependent Claims (6, 7, 8)
- - 6. The authentication computing device of claim 5, wherein the locked data file is further configured to decrypt the challenge using an encryption key.
  - 7. The authentication computing device of claim 5, wherein the locked data file is further configured to encrypt the challenge response using an encryption key.
  - 8. The authentication computing device of claim 5, wherein said authentication computing device is further configured to receive, as part of the first user device enrolling in the authentication service, device information for the first user device.

9. A non-transitory computer-readable storage medium having computer-executable instructions embodied thereon, wherein when executed by an authentication computing device having one or more processors in communication with one or more memory devices, the computer-executable instructions cause the authentication computing device to:
- generate a locked data file for use in authenticating a user device enrolled in an authentication service, wherein the locked data file is configured to process a challenge and generate a challenge response;
  
  transmit the locked data file to a first user device as part of the first user device enrolling in the authentication service, causing the locked data file to be installed on the first user device;
  
  receive an authentication request for a transaction initiated using the first user device;
  
  generate the challenge based on the authentication request;
  
  transmit the challenge directly from the authentication computing device to the first user device, wherein the challenge requests a current activated lifetime of the locked data file, and wherein the current activated lifetime is a time difference between a first time when the first user device receives the locked data file and a second time when the first user device receives the challenge; and
  
  receive the challenge response directly from the first user device to authenticate the first user device, wherein the challenge response includes the current activated lifetime.
- View Dependent Claims (10, 11)
- - 10. The computer-readable storage medium of claim 9, wherein to transmit a locked data file, the computer-executable instructions cause the authentication computing device to transmit a locked data file configured to decrypt the challenge using an encryption key.
  - 11. The computer-readable storage medium of claim 9, wherein to transmit a locked data file, the computer-executable instructions cause the authentication computing device to transmit a locked data file configured to encrypt the challenge response using an encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Original Assignee
Mastercard International Incorporated (MasterCard Incorporated)
Inventors
Kohli, Manoneet
Primary Examiner(s)
Mehedi, Morshed
Assistant Examiner(s)
Lakhia, Viral S

Application Number

US15/090,331
Publication Number

US 20170288884A1
Time in Patent Office

911 Days
Field of Search

713180-182, 726 5- 7, 280255-258
US Class Current
CPC Class Codes

G06F 21/34   involving the use of extern...

G06Q 20/34   using cards, e.g. integrate...

G06Q 20/382   insuring higher security of...

G06Q 20/401   Transaction verification

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 9/3271   using challenge-response

Systems and methods for device to device authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for device to device authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links