Using a mobile device number (MDN) service in multifactor authentication
First Claim
1. A method comprising:
- identifying, by a processor of a verification data generation system, an encryption key associated with a verification device, wherein the verification device is different from the verification data generation system;
determining, by the processor, attributes of a session between a source device and the verification device, wherein the source device is different from the verification data generation system, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, wherein the verification device generates user device data associated with a first identifier of the user device, and wherein the verification device sends the source device a request for additional verification data;
receiving, by the processor and from the source device, the request for additional verification data;
determining, by the processor and in response to receiving the request for additional verification data, a second identifier associated with the source device based on information in the request for additional verification data and information regarding sessions established between the source device and the verification device stored in a storage associated with the verification data generation system;
generating, by the processor, second verification data based on the second identifier associated with the source device;
encrypting, by the processor and based on the encryption key associated with the verification device, the second verification data; and
forwarding, by the processor, the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, wherein the verification device compares the second verification data to the user device data associated with the first identifier of the user device, and wherein the verification device determines that the source device corresponds to the user device when the user device data corresponds to the second verification data.
1 Assignment
0 Petitions
Accused Products
Abstract
Attributes of a session, between a source device and a verification device, for sending first verification data, such as a password and an account identifier, are determined. The verification device generates user device data based on an identifier, such as a mobile device number (MDN), for a user device associated with the account identifier. An identifier, such as an MDN, associated with the source device and an encryption key associated with the verification device are determined based on session attributes. Second verification data is generated based on the identifier associated with the source device. The second verification data is encrypted using the encryption key and forwarded to the verification device. The verification device decrypts the second verification data and compares the identifier for the user device to the identifier for the source device to determine whether the first verification data was sent from the user device.
116 Citations
20 Claims
-
1. A method comprising:
-
identifying, by a processor of a verification data generation system, an encryption key associated with a verification device, wherein the verification device is different from the verification data generation system; determining, by the processor, attributes of a session between a source device and the verification device, wherein the source device is different from the verification data generation system, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, wherein the verification device generates user device data associated with a first identifier of the user device, and wherein the verification device sends the source device a request for additional verification data; receiving, by the processor and from the source device, the request for additional verification data; determining, by the processor and in response to receiving the request for additional verification data, a second identifier associated with the source device based on information in the request for additional verification data and information regarding sessions established between the source device and the verification device stored in a storage associated with the verification data generation system; generating, by the processor, second verification data based on the second identifier associated with the source device; encrypting, by the processor and based on the encryption key associated with the verification device, the second verification data; and forwarding, by the processor, the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, wherein the verification device compares the second verification data to the user device data associated with the first identifier of the user device, and wherein the verification device determines that the source device corresponds to the user device when the user device data corresponds to the second verification data. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A device comprising:
-
a memory to store one or more instructions; and a processor configured to execute the one or more instructions to; identify an encryption key associated with a verification device, wherein the verification device determines whether a source device is eligible to access a service or data, wherein the verification device is different from the device; determine attributes of a session between the source device and the verification device, wherein the source device is different from the device, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, wherein the verification device generates user device data associated with a first identifier of the user device, and wherein the verification device sends the source device a request for additional verification data; receive, from the source device, the request for additional verification data; determine, in response to receiving the request for the additional verification data and based on information in the request for additional verification data and information regarding sessions established between the source device and the verification device stored in a storage associated with the device, a second identifier associated with the source device; generate second verification data based on the second identifier associated with the source device; encrypt, based on the encryption key associated with the verification device, the second verification data; and forward the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, wherein the verification device compares the second verification data to the user device data associated with the first identifier of the user device, and wherein the verification device determines that the source device corresponds to the user device when the user device data corresponds to the second verification data. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium to store instructions, the instructions comprising:
one or more instructions that when executed by a processor associated with a verification data generation system, cause the processor to; identify an encryption key associated with a verification device, wherein the verification device determines whether a source device is eligible to access a service or data, and wherein verification data generation system is different from the verification device and the source device; determine attributes of a session between the source device and the verification device, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, wherein the verification device generates user device data associated with a first identifier of the user device, and wherein the verification device sends the source device a request for additional verification data; receive, from the source device, the request for additional verification data; determine, in response to receiving the request for the additional verification data and based on information in the request for additional verification data and information regarding sessions established between the source device and the verification device stored in a storage associated with the verification data generation system, a second identifier associated with the source device; generate second verification data based on the second identifier associated with the source device; encrypt, based on the encryption key associated with the verification device, the second verification data; and forward the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, wherein the verification device compares the second verification data to the user device data associated with the first identifier of the user device, and wherein the verification device determines that the source device corresponds to the user device when the user device data corresponds to the second verification data. - View Dependent Claims (16, 17, 18, 19, 20)
Specification