Method and system for controlling online user account using a mobile device

US 10,164,981 B2
Filed: 06/19/2017
Issued: 12/25/2018
Est. Priority Date: 09/27/2013
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving, at a computing device associated with a service provider, from a user device over a network, information associated with an action requested to be performed on said user device in association with an account provided by the service provider;

in response to receiving the action information, automatically communicating, via the computing device, a request to said user device, said request comprising a message providing said user device functionality to authenticate said requested action;

receiving, at said computing device from said user device, data indicating a response to said request, said response data providing an indication of activity performed by a user of said user device upon viewing said request;

analyzing, via the computing device, said response data, said analysis comprising determining whether said response data represents activity that is performed by an account holder of said account or by a malicious user; and

communicating, via the computing device over the network, an instruction to lock said user device upon said analysis resulting in a determination said requested action was generated by said malicious user, said communication causing said user device to block access to programs installed on said user device while locked.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for controlling online user account using a mobile device. The method includes receiving an option to lock an online account of a user from a service provider. The computer-implemented method also includes locking the online user account by using a mobile device. Further, the computer-implemented method includes initiating a user action at a later point of time. Furthermore, the computer-implemented method includes receiving an alert to unlock the online user account in order to perform the user action and obtaining an unlock password from the service provider. Moreover, the computer-implemented method includes unlocking the online user account with the unlock password by using the mobile device and performing the user action subsequent to the unlocking, thereby controlling the online user account using the mobile device. The system includes a computing device, a web browser, a service provider and a mobile device.

Citations

20 Claims

1. A method comprising:
- receiving, at a computing device associated with a service provider, from a user device over a network, information associated with an action requested to be performed on said user device in association with an account provided by the service provider;
  
  in response to receiving the action information, automatically communicating, via the computing device, a request to said user device, said request comprising a message providing said user device functionality to authenticate said requested action;
  
  receiving, at said computing device from said user device, data indicating a response to said request, said response data providing an indication of activity performed by a user of said user device upon viewing said request;
  
  analyzing, via the computing device, said response data, said analysis comprising determining whether said response data represents activity that is performed by an account holder of said account or by a malicious user; and
  
  communicating, via the computing device over the network, an instruction to lock said user device upon said analysis resulting in a determination said requested action was generated by said malicious user, said communication causing said user device to block access to programs installed on said user device while locked.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - locking, over the network, the account upon said analysis resulting in a determination said requested action was generated by said malicious user, said locking comprising communicating a message to said user device preventing any user action to be performed from said account while locked.
  - 3. The method of claim 1, further comprising:
    - denying said requested action, wherein said denying comprising communicating a message to said user device indicating said denial.
  - 4. The method of claim 1, further comprising:
    - communicating, over the network, a message to an inbox of said account enabling the account holder to unlock said user device or account.
  - 5. The method of claim 1, wherein said received data provides a further indication regarding a time period for generation of said data, said time period associated with a time said response data is generated after said viewing said request.
  - 6. The method of claim 5, further comprising:
    - comparing said time period to a predetermined time threshold; and
      
      determining whether said response data is associated with malicious activity based on a result of said comparison.
  - 7. The method of claim 1, wherein said activity represented by the response data comprises a login attempt to the account.
  - 8. The method of claim 1, wherein said activity represented by the response data comprises a network activity via a platform provided by said service provider from the account.

9. A non-transitory computer-readable storage medium tangibly encoded with computer-executable instructions, that when executed by a computing device, perform a method comprising:
- receiving, at the computing device associated with a service provider, from a user device over a network, information associated with an action requested to be performed on said user device in association with an account provided by the service provider;
  
  in response to receiving the action information, automatically communicating, via the computing device, a request to said user device, said request comprising a message providing said user device functionality to authenticate said requested action;
  
  receiving, at said computing device from said user device, data indicating a response to said request, said response data providing an indication of activity performed by a user of said user device upon viewing said request;
  
  analyzing, via the computing device, said response data, said analysis comprising determining whether said response data represents activity is performed by an account holder of said account or a malicious user; and
  
  communicating, via the computing device over the network, an instruction to lock said user device upon said analysis resulting in a determination said requested action was generated by said malicious user, said communication causing said user device to block access to programs installed on said user device while locked.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The non-transitory computer-readable storage medium of claim 9, further comprising:
    - locking, over the network, the account upon said analysis resulting in a determination said requested action was generated by said malicious user, said locking comprising communicating a message to said user device preventing any user action to be performed from said account while locked.
  - 11. The non-transitory computer-readable storage medium of claim 9, further comprising:
    - denying said requested action, wherein said denying comprising communicating a message to said user device indicating said denial.
  - 12. The non-transitory computer-readable storage medium of claim 9, further comprising:
    - communicating, over the network, a message to an inbox of said account enabling the account holder to unlock said user device or account.
  - 13. The non-transitory computer-readable storage medium of claim 9, wherein said received data provides a further indication regarding a time period for generation of said data, said time period associated with a time said response data is generated after said viewing said request.
  - 14. The non-transitory computer-readable storage medium of claim 13, further comprising:
    - comparing said time period to a predetermined time threshold; and
      
      determining whether said response data is associated with malicious activity based on a result of said comparison.
  - 15. The non-transitory computer-readable storage medium of claim 9, wherein said activity represented by the response data comprises a login attempt to the account.
  - 16. The non-transitory computer-readable storage medium of claim 9, wherein said activity represented by the response data comprises a network activity via a platform provided by said service provider from the account.

17. A computing device comprising:
- a processor;
  
  a non-transitory computer-readable storage medium for tangibly storing thereon program logic for execution by the processor, the program logic comprising;
  
  logic executed by the processor for receiving, at the computing device associated with a service provider, from a user device over a network, information associated with an action requested to be performed on said user device in association with an account provided by the service provider;
  
  logic executed by the processor for automatically communicating, via the computing device in response to receiving the action information, a request to said user device, said request comprising a message providing said user device functionality to authenticate said requested action;
  
  logic executed by the processor for receiving, at said computing device from said user device, data indicating a response to said request, said response data providing an indication of activity performed by a user of said user device upon viewing said request;
  
  logic executed by the processor for analyzing, via the computing device, said response data, said analysis comprising determining whether said response data represents activity is performed by an account holder of said account or a malicious user; and
  
  logic executed by the processor for communicating, via the computing device over the network, an instruction to lock said user device upon said analysis resulting in a determination said requested action was generated by said malicious user, said communication causing said user device to block access to programs installed on said user device while locked.
- View Dependent Claims (18, 19, 20)
- - 18. The computing device of claim 17, further comprising:
    - logic executed by the processor for locking, over the network, the account upon said analysis resulting in a determination said requested action was generated by said malicious user, said locking comprising communicating a message to said user device preventing any user action to be performed from said account while locked.
  - 19. The computing device of claim 17, further comprising:
    - logic executed by the processor for denying said requested action, wherein said denying comprising communicating a message to said user device indicating said denial.
  - 20. computing device of claim 17, further comprising:
    - logic executed by the processor for communicating, over the network, a message to an inbox of said account enabling the account holder to unlock said user device or account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
R2 Solutions LLC (Acacia Research Corporation)
Original Assignee
Excalibur IP, LLC (Acacia Research Corporation)
Inventors
Adsule, Dharmendra Prakash
Primary Examiner(s)
Goodchild, William J.

Application Number

US15/626,277
Publication Number

US 20170289163A1
Time in Patent Office

554 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 2221/2131   Lost password, e.g. recover...

H04L 51/212   using filtering or selectiv...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/10   for controlling access to d...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1466   Active attacks involving in...

H04L 63/18   using different networks or...

Method and system for controlling online user account using a mobile device

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for controlling online user account using a mobile device

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links