Quick payment using mobile device binding

US 10,152,705 B2
Filed: 10/26/2015
Issued: 12/11/2018
Est. Priority Date: 11/11/2010
Status: Active Grant

First Claim

Patent Images

1. A service provider system comprising:

a non-transitory memory; and

one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the service provider system to perform operations comprising;

in response to a user initiating a first transaction through the service provider system using a first application running on a user device;

performing a device interrogation to receive a device identifier unique to the user device;

determining that the user device is bound to a user account with the service provider system through an application level binding for a second application on the user device using the device identifier, wherein the application level binding associates the second application with the user device using the device identifier and first transaction information that identifies the second application;

determining a secure connection with the user device based on the application level binding and the first transaction information;

performing the application level binding for the first application and the user account using the device identifier and second transaction information that identifies the first application; and

processing the first transaction using the user account based on the application level binding and the secure connection without requiring login information for the user account from the user through the first application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are provided for secure device binding that provides user convenience through avoiding repetitive logging in when changing apps or moving from website to website. A mobile device undergoes binding to an account so that customers do not always have to enter their password when going through a financial transaction process, on a known (e.g., registered) mobile device. A device may be bound during an initial login, and once logged in, the user can select an option to be “remembered” so that the user need not re-login on the same device for future visits with an app or to a website that shares the service provider library.

Citations

20 Claims

1. A service provider system comprising:
- a non-transitory memory; and
  
  one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the service provider system to perform operations comprising;
  
  in response to a user initiating a first transaction through the service provider system using a first application running on a user device;
  
  performing a device interrogation to receive a device identifier unique to the user device;
  
  determining that the user device is bound to a user account with the service provider system through an application level binding for a second application on the user device using the device identifier, wherein the application level binding associates the second application with the user device using the device identifier and first transaction information that identifies the second application;
  
  determining a secure connection with the user device based on the application level binding and the first transaction information;
  
  performing the application level binding for the first application and the user account using the device identifier and second transaction information that identifies the first application; and
  
  processing the first transaction using the user account based on the application level binding and the secure connection without requiring login information for the user account from the user through the first application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The service provider system of claim 1, wherein the determining that the user device is bound to the user account is further based on an association between the device identifier and the user account.
  - 3. The service provider system of claim 2, wherein the association binds the user device to the user account using the device identifier based on the user previously providing the login information for the user account through the second application of the user device.
  - 4. The service provider system of claim 2, wherein the second application comprises a web browser application, and wherein the login information is entered to a website of the service provider system accessed using the web browser application.
  - 5. The service provider system of claim 2, wherein the second application is a dedicated application of the service provider system, and wherein the login information is received in an API call to an application server of the service provider system using an API flow for the dedicated application with the service provider system.
  - 6. The service provider system of claim 2, wherein the second application is a web browser application used to access a website of the service provider system and provide the login information and the device identifier, and wherein the first application is a dedicated application of a merchant using the service provider system.
  - 7. The service provider system of claim 1, wherein the device identifier is an encrypted device identifier, and wherein performing the device interrogation comprises:
    - requesting the encrypted device identifier stored on the user device; and
      
      receiving the encrypted device identifier from the user device.
  - 8. The service provider system of claim 1, wherein a token comprising the device identifier is passed to the service provider system during authentication of the login information for the user account during a previous login to the user account through the second application of the user device.
  - 9. The service provider system of claim 8, wherein the token further comprises additional parameters for the user device, and wherein the additional parameters comprises at least one of a device name, a device identifier type, a device category, an operating system, application information, an application identifier, or a payment provider application identifier.
  - 10. The service provider system of claim 8, wherein the token is passed in response to the user opting-in to binding the user device to the user account using the device identifier during the previous login through the second application.
  - 11. The service provider system of claim 1, wherein the operations further comprise:
    - receiving user preferences from the user when the user accesses the user account; and
      
      adjusting whether the user device is bound to the user account based on the user preferences for binding of the device identifier to the user account.
  - 12. The service provider system of claim 11, wherein the user preferences specify whether the user is adding a new device or deleting an old device from being bound to the user account.
  - 13. The service provider system of claim 11, wherein multiple devices are bound to the user account based on device identifiers stored for each of the multiple devices with the user account.
  - 14. The service provider system of claim 1, wherein prior to the processing the first transaction, the operations further comprise:
    - accessing transaction limitation preferences for the user account set by the user, wherein the transaction limitation preferences comprise transaction limits for processing the first transaction without requiring the login information for the user account from the user through the first application; and
      
      requesting additional authentication from the user when the first transaction does not satisfy the transaction limits.
  - 15. The service provider system of claim 14, wherein the transaction limits comprise a maximum amount for transactions, a number of transactions conducted within a time period, or authorized merchants for the transactions.
  - 16. The service provider system of claim 1, wherein the operations further comprise:
    - generating a transaction history for the first transaction after the processing the first transaction using the user account.
  - 17. The service provider system of claim 16, wherein transaction history is at least one of stored to the user account or communicated to the user in a message retrievable by the user device.

18. A method comprising:
- in response to a user initiating a transaction through a service provider using a first application running on a user device;
  
  performing a device interrogation to receive a device identifier unique to the user device;
  
  determining, based on the device identifier, whether the user device is bound to a user account with the service provider through an application level binding for a second application on the user device, wherein the application level binding associates the second application with the user device using the device identifier and first transaction information that identifies the second application, and wherein the application level binding occurs in response to login information for the user account entered to the second application;
  
  in response to determining that the user device is bound to a user account with the service provider, determining a secure connection with the user device based on the application level binding and the first transaction information;
  
  performing the application level binding for the first application to the user account using the device identifier and second transaction information that identifies the first application; and
  
  processing the transaction using the user account based on the application level binding.
- View Dependent Claims (19)
- - 19. The method of claim 18, wherein the user account is used for payment of the transaction without requiring the login information during the processing of the transaction.

20. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
- in response to a user initiating a transaction through a service provider using a first application running on a user device;
  
  performing a device interrogation to receive a device identifier unique to the user device;
  
  determining that the user device is bound to a user account with the service provider through an application level binding for a second application on the user device using the device identifier based on a the user providing login information to access the user account during use of second application of the user device prior to the transaction, wherein the application level binding associates the second application with the user device using the device identifier and first transaction information that identifies the second application; and
  
  determining a secure connection with the user device based on the application level binding and the first transaction information;
  
  performing the application level binding for the first application and the user account using the device identifier and second transaction information that identifies the first application; and
  
  processing the transaction using the user account based on the application level binding and the secure connection without requiring the login information for the user account from the user through the first application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Griffin, Kent, Zhu, Mingzhe, Susarla, Aruna, Gupta, Anshu
Primary Examiner(s)
Kim, Tae K

Application Number

US14/923,291
Publication Number

US 20160042341A1
Time in Patent Office

1,142 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/41   where a single sign-on prov...

G06F 21/44   Program or device authentic...

G06Q 20/12   specially adapted for elect...

G06Q 20/322   Aspects of commerce using m...

G06Q 20/3267   In-app payments

G06Q 20/36   using electronic wallets or...

G06Q 20/3674   involving authentication

G06Q 20/382   insuring higher security of...

H04L 63/0815   providing single-sign-on or...

H04L 67/02   based on web technology, e....

H04W 12/069   using certificates or pre-s...

Quick payment using mobile device binding

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Quick payment using mobile device binding

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links