Mobile authentication for web payments using single sign on credentials

US 10,181,122 B2
Filed: 10/31/2013
Issued: 01/15/2019
Est. Priority Date: 10/31/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving at a proxy server, from a server hosting a website, a request for authentication of a mobile device for payment, the request being sent via a computer device accessing the website, the request including a geographical location of the computer device;

identifying the mobile device based on a geographical proximity of the mobile device to the geographical location of the computer device and determining that the mobile device runs a mobile payment application;

identifying a mobile directory number (MDN) associated with the identified mobile device;

authenticating the mobile device associated with the MDN at the proxy server;

responsive to the request for authentication, sending from the proxy server to the website a challenge for authentication, for providing to the computer device accessing the website;

receiving at the proxy server, from the mobile device associated with the MDN, via a user interface of the mobile device, a response to the challenge for authentication, the mobile device being other than the computer device accessing the website;

verifying, at the proxy server, that the response to the challenge for authentication is a valid response; and

upon verifying the response is the valid response, transmitting from the proxy server to the web site a payment information associated with the MDN.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for mobile authentication for web payments are disclosed. In some implementations, a proxy server receives, from a computing device different from a mobile device, a request from a user to process a web payment via a payment account associated with the mobile device, the web payment being associated with an online merchant. The proxy server verifies that the mobile device is associated with the user. The proxy server transmits, to a commerce server of the online merchant, payment information for the web payment in response to verifying that the mobile device is associated with the user.

Citations

18 Claims

1. A method comprising:
- receiving at a proxy server, from a server hosting a website, a request for authentication of a mobile device for payment, the request being sent via a computer device accessing the website, the request including a geographical location of the computer device;
  
  identifying the mobile device based on a geographical proximity of the mobile device to the geographical location of the computer device and determining that the mobile device runs a mobile payment application;
  
  identifying a mobile directory number (MDN) associated with the identified mobile device;
  
  authenticating the mobile device associated with the MDN at the proxy server;
  
  responsive to the request for authentication, sending from the proxy server to the website a challenge for authentication, for providing to the computer device accessing the website;
  
  receiving at the proxy server, from the mobile device associated with the MDN, via a user interface of the mobile device, a response to the challenge for authentication, the mobile device being other than the computer device accessing the website;
  
  verifying, at the proxy server, that the response to the challenge for authentication is a valid response; and
  
  upon verifying the response is the valid response, transmitting from the proxy server to the web site a payment information associated with the MDN.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein:
    - the challenge for authentication includes a screen image for the website, for display as a displayed screen image on a screen of the computer device accessing the website, and the response to the challenge for authentication is verified as the valid response upon determining, at the proxy server, that the response includes a photograph of the displayed screen image taken via a camera of the mobile device.
  - 3. The method of claim 1, wherein:
    - the challenge for authentication includes an audio output for the website, for audio output from a speaker of the computer device accessing the website, and the response to the challenge for authentication is verified as the valid response upon determining, at the proxy server, that the response includes a recording of the audio output from the speaker taken via a microphone of the mobile device.
  - 4. The method of claim 1, wherein the payment information comprises a payment by a cellular carrier associated with the MDN and a charge billed to an account with the cellular carrier associated with the MDN.

5. A method comprising:
- receiving, at a website hosted by a server and integrated with a mobile communication network payment application interface, a checkout request from a user accessing the website with a computing device, having a mobile account with a mobile communication network;
  
  presenting on the website a user interface for a user of the computing device accessing the website to select the mobile communication network payment application interface for using the user'"'"'s mobile account with the mobile communication network for a payment;
  
  receiving a geographical location of the computing device to help identify a mobile directory number (MDN) associated with the user'"'"'s mobile account, where the MDN is identified based on a geographical proximity of a mobile device to the geographical location of the computing device and determining that the mobile device runs the mobile communication network payment application interface;
  
  upon the website receiving from the computing device, through the user interface, the user selection of the mobile communication network payment application interface, sending from the website to a server of the mobile communication network a challenge for authentication, for the server to communicate to and cause to be presented on a user interface of the mobile device associated with the MDN, the mobile device being different than the computing device accessing the website;
  
  receiving, at the website, from the server of the mobile communication network, an indication of a response to the challenge for authentication having been entered at of the user interface of the mobile device associated with the MDN in response to the presenting on the mobile device of the challenge for authentication; and
  
  upon verifying at the website, from the indication of the response to the challenge for authentication received from the server of the mobile communication network server, that the response is correct, enabling the user to input information, through the website, to finalize the checkout and pay for purchased items using the user'"'"'s mobile account with the mobile communication network.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The method of claim 5, further comprising finalizing checkout and paying for purchased items by actions including:
    - receiving at the website, from the server of the mobile communication network, a payment account number and a shipping address of the user.
  - 7. The method of claim 5, wherein:
    - the challenge for authentication includes a request for the user to enter, at the mobile device, a numeric or textual pin, andwherein the response to the challenge for authentication is verified correct upon verifying the response entered at the mobile device associated with the MDN includes a correct numeric or textual pin.
  - 8. The method of claim 5, wherein:
    - the challenge for authentication includes a request for a biometric scan at the mobile device associated with the MDN, andwherein the response to the challenge for authentication is verified correct upon verifying the response entered at the mobile device associated with the MDN includes a biometric scan that matches a stored biometric scan associated with the user.
  - 9. The method of claim 5, wherein the indication of the response reflects whether or not the response entered at the mobile device associated with the MDN is correct successful authentication.

10. A method comprising:
- receiving, at a proxy server, from a computing device different from a mobile device, a request from a user to process a web payment via a payment account associated with the mobile device, the web payment being associated with an online website and the request including a geographical location of computing device;
  
  identifying the mobile device based on a geographical proximity of the mobile device to the geographical location of the computer device and determining that the mobile device runs a mobile payment application;
  
  identifying a mobile directory number (MDN) associated with the identified mobile device;
  
  verifying, at the proxy server, that the mobile device associated with the MDN is associated with the user; and
  
  transmitting, from the proxy server to a server of the online website, payment information for the web payment in response to verifying that the mobile device is associated with the user;
  
  wherein the MDN is entered at a user interface of the computing device presented to the user.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein verifying that the mobile device associated with the MDN is associated with the user comprises:
    - transmitting, from the proxy server, a challenge to one of the mobile device or the computing device; and
      
      receiving, at the proxy server and from another one of the mobile phone or the computing device, an indication of a user input corresponding a valid response to the challenge at the other one of the mobile phone or the computing device.
  - 12. The method of claim 10, wherein receiving the request from the user to process the web payment and verifying that the mobile device is associated with the user comprises:
    - receiving, from the computing device, an indication of a button on the computing device being selected, the button corresponding to the request for processing the web payment via the payment account associated with the mobile device; and
      
      receiving, from the mobile device, an indication of an acceleration of the mobile device being within an acceleration range corresponding to selecting the button on the computing device with the mobile device.
  - 13. The method of claim 10, wherein the mobile device is a mobile phone, the method further comprising:
    - storing, in a data repository associated with the proxy server, the payment information in association with the MDN of the mobile device.
  - 14. The method of claim 10, further comprising:
    - receiving, at the server of the online website and from the computing device different from the mobile device, the request from the user to process the web payment via the payment account associated with the mobile device;
      
      requesting from the proxy server payment information associated with the mobile device; and
      
      receiving at the server, from the proxy server, the payment information for the web payment in response to verification that the mobile device is associated with the user; and
      
      processing, at the server, the web payment using the payment information.
  - 15. The method of claim 14, wherein the payment information comprises a payment account number and a shipping address.
  - 16. The method of claim 14, wherein the request from the user to process the web payment via the payment account associated with the mobile device comprises an indication of a button on the computing device being hit, the button corresponding to the request for processing the web payment via the payment account associated with the mobile device.
  - 17. The method of claim 16, wherein the button on the computing device is a spacebar on the keyboard of the computing device, and wherein the button on the computing device is hit with the mobile device.
  - 18. The method of claim 14, wherein receiving the request from the user to process the web payment via the payment account associated with the mobile device comprises:
    - transmitting to the computing device a challenge to be responded to by user entry into the mobile device having the MDN; and
      
      receiving an indication of a valid response to the challenge having been entered at the mobile device having the MDN.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Original Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Inventors
Khalid, Mohammad Raheel, Kim, Ji Hoon, Bruno, Cory Michael, Berman, Paul, Caldeira de Andrada, Mauricio Pati, Vaidya, Samir
Primary Examiner(s)
Trotter, Scott S

Application Number

US14/069,323
Publication Number

US 20150120549A1
Time in Patent Office

1,902 Days
Field of Search
US Class Current
CPC Class Codes

G06Q 20/16   Payments settled via teleco...

G06Q 20/3224   Transactions dependent on l...

G06Q 20/325   using wireless networks

G06Q 20/326   Payment applications instal...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 30/0222   During e-commerce, i.e. onl...

Mobile authentication for web payments using single sign on credentials

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile authentication for web payments using single sign on credentials

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links