User authentication systems and methods
First Claim
Patent Images
1. A method comprising:
- receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device;
storing, at the server, a list of Internet Protocol (IP) addresses of authorized client devices, wherein the trusted client computer device has an IP address included in the list or the trusted client device is coupled to the server using a Universal Second Factor (U2F) key;
requesting, by the server, from the trusted client computer device, a user-supplied memorable image file to be selected from a plurality of image files available to the user of the trusted client computer device including image files created by the user and image files not created by the user, and an International Mobile Equipment Identity (IMEI), and a phone number for a mobile device;
receiving, by the server, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device;
storing, by the server, in a memory, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device;
converting, by the server, the user-supplied memorable image file to a first byte array by renaming a file containing the user-supplied memorable image file to a .txt file;
associating, by the server, in the memory, the user-supplied memorable image file, the IMEI, and the phone number, with the login credentials of the user;
generating, by the server, a one time activation Personal Identification Number (PIN);
requesting, by the server, a mobile-supplied image file and login credentials from the mobile device of the user;
receiving, by the server, the mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array;
activating the mobile app in response to the user entering the PIN in the mobile app; and
authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to the login credentials of the user from the mobile device of the user matching the stored login credentials of the user, without requiring the PIN after the mobile app has been activated.
3 Assignments
0 Petitions
Accused Products
Abstract
A method of authenticating a user of a multifunction device to a server, the method comprising associating a user-supplied image with user login credentials, using a server; receiving, at the server, an image uploaded from the multifunction device; and comparing the uploaded image to the user-supplied image, using the server, and, only if the uploaded image is identical to the user-supplied image, allowing the user of the multifunction device to authenticate to the server by providing additional login credentials to the server using the multifunction device.
89 Citations
18 Claims
-
1. A method comprising:
-
receiving, at a server, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device; storing, at the server, a list of Internet Protocol (IP) addresses of authorized client devices, wherein the trusted client computer device has an IP address included in the list or the trusted client device is coupled to the server using a Universal Second Factor (U2F) key; requesting, by the server, from the trusted client computer device, a user-supplied memorable image file to be selected from a plurality of image files available to the user of the trusted client computer device including image files created by the user and image files not created by the user, and an International Mobile Equipment Identity (IMEI), and a phone number for a mobile device; receiving, by the server, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device; storing, by the server, in a memory, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device; converting, by the server, the user-supplied memorable image file to a first byte array by renaming a file containing the user-supplied memorable image file to a .txt file; associating, by the server, in the memory, the user-supplied memorable image file, the IMEI, and the phone number, with the login credentials of the user; generating, by the server, a one time activation Personal Identification Number (PIN); requesting, by the server, a mobile-supplied image file and login credentials from the mobile device of the user; receiving, by the server, the mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array; activating the mobile app in response to the user entering the PIN in the mobile app; and authenticating, by the server, the mobile device of the user in response to the second byte array matching the first byte array and in response to the login credentials of the user from the mobile device of the user matching the stored login credentials of the user, without requiring the PIN after the mobile app has been activated. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A server configured to receive, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device, the server including a memory, and the server being configured to:
-
store a list of Internet Protocol (IP) addresses of authorized client devices, wherein the trusted client computer device has an IP address included in the list or the trusted client device is coupled to the server using a Universal Second Factor (U2F) key; request, from the trusted client computer device, a user-supplied memorable image file to be selected from a plurality of image files available to the user of the trusted client computer device including image files created by the user and image files not created by the user, and an International Mobile Equipment Identity (IMEI), and a phone number for a mobile device; receive the user-supplied memorable image file, the IMEI, and the phone number of the mobile device; store, in the memory, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device; convert the user-supplied memorable image file to a first byte array by renaming a file containing the user-supplied memorable image file to a .txt file; associate, in the memory, the user-supplied memorable image file, the IMEI, and the phone number, with the login credentials of the user; generate a one time activation Personal Identification Number (PIN); request a mobile-supplied image file and login credentials from the mobile device of the user; receive the mobile-supplied image file from the mobile device of the user and converting the mobile-supplied image file to a second byte array; and activate the mobile app in response to the user entering the PIN in the mobile app; and authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to the login credentials of the user from the mobile device of the user matching the user'"'"'s stored login credentials, without requiring the PIN after the mobile app has been activated. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer program product comprising a non-transitory computer readable medium bearing computer program code which, when programmed into a server having a memory causes the server to:
-
receive, from a trusted client computer device, a request to authenticate a mobile device of a user, the mobile device bearing a mobile app, the user having login credentials stored at the server, the trusted client computer device being different from the mobile device; store a list of Internet Protocol (IP) addresses of authorized client devices, wherein the trusted client computer device has an IP address included in the list or the trusted client device is coupled to the server using a Universal Second Factor (U2F) key; request, from the trusted client computer device, a user-supplied memorable image file to be selected from a plurality of image files available to the user of the trusted client computer device including image files created by the user and image files not created by the user, and an International Mobile Equipment Identity (IMEI), and a phone number for a mobile device; receive the user-supplied memorable image file, the IMEI, and the phone number of the mobile device; store, in the memory, the user-supplied memorable image file, the IMEI, and the phone number of the mobile device; convert the user-supplied memorable image file to a first byte array by renaming a file containing the user-supplied memorable image file to a .txt file; associate, in the memory, the user-supplied memorable image file, the IMEI, and the phone number, with the login credentials of the user; generate a one time activation Personal Identification Number (PIN); request a mobile-supplied image file and login credentials from the mobile device of the user; receive the mobile-supplied image file from the mobile device of the user and convert the mobile-supplied image file to a second byte array; activate the mobile app in response to the user entering the PIN in the mobile app, and authenticate the mobile device of the user in response to the second byte array matching the first byte array and in response to the login credentials of the user from the mobile device of the user matching the user'"'"'s stored login credentials, without requiring the PIN after the mobile app has been activated. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification