System and method for integrating two-factor authentication in a device
First Claim
1. An online method that enables multi-factor authentication with a third-party application, the online method comprising:
- enrolling a first inactivated device application instance associated with a first account into a multi-factor authentication service, the enrolling comprising;
receiving, at a multi-factor authentication service, a first enrollment request from a first service provider that provides the first account, wherein the multi-factor authentication service and the first service provider are distinct entities,
in response to receiving the first enrollment request, generating at the multi-factor authentication service a first activation code and, separately, a unique device identifier, wherein the first activation code enables a multi-factor authentication pairing between the inactivated device application instance and the multi-factor authentication service;
receiving, via one or more networks, the first activation code at the first inactivated device application instance operating on a remote user device,
processing the first activation code by the first inactivated device application instance, wherein processing the first activation code includes;
implementing an application programming interface (API) call from the inactivated device application instance operating on the remote user device to the multi-factor authentication service;
1) registering the first inactivated device application instance at the multi-factor authentication service and
2) at the multi-factor authentication service, mapping a communication address of the first inactivated device application instance to the unique device identifier and storing the mapping at the multi-factor authentication service;
in response to successfully 1) registering and 2) mapping the communication address of the first inactivated device application instance, identifying the first inactivated device application instance to a first activated device application instance at the multi-factor authentication service, wherein in an activated state the first activated device application receives one or more secondary authentication requests from the multi-factor authentication service in response to authenticating the first user with the first service provider; and
authenticating the first user with the first service provider, the authenticating comprising;
receiving from the first service provider a first authentication request to authenticate the first user, the first authentication request comprising an identification of the first user account,
identifying the unique device identifier based on the identification of the first user account;
identifying the communication address of the first activated device application instance based on the mapping of the unique device identifier to the communication address of the first activated device application instance;
using the communication address of the first activated application instance to present by the multi-factor authentication service, at the first activated device application instance, first authentication information associated with the first authentication request,
receiving, at the multi-factor authentication service, a user response to the first authentication information,
generating, at the multi-factor authentication service, an authentication assessment based on the user response, and
transmitting, from the multi-factor authentication service, the authentication assessment to the first service provider.
3 Assignments
0 Petitions
Abstract
A system and method for providing secondary-factor authentication with a third party application that can include enrolling a device application instance of an account into a secondary-factor authentication service on behalf of a service provider that includes at the secondary-factor authentication service, receiving a secondary factor of authentication enrollment request of an account, the request received from the service provider, transmitting an activation code, and pairing the device application instance with the account through the activation code; receiving an authentication request identifying the account; transmitting an authentication request to the device application instance paired with the account; validating a response to the application request; and transmitting an assessment to the service provider.
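A minimal in-memory model of the enrollment and authentication flow described in the claim and abstract, added here as an illustration and not taken from the patent or from any vendor's implementation. The class and method names, the `push://` address format, the single-use handling of the activation code and the "approve"/"allow"/"deny" strings are assumptions.

```python
import secrets


class MFAService:
    """Model of the multi-factor authentication service (names are assumptions)."""

    def __init__(self):
        self.pending = {}    # activation code -> device id (inactivated instances)
        self.devices = {}    # account -> unique device identifier
        self.addresses = {}  # device id -> communication address (activated only)

    def enroll(self, account):
        # Enrollment request from the service provider: generate the activation
        # code and, separately, the unique device identifier.
        code, device_id = secrets.token_urlsafe(16), secrets.token_hex(8)
        self.pending[code] = device_id
        self.devices[account] = device_id
        return code

    def activate(self, code, address):
        # API call from the device app: register it and map its communication
        # address to the device identifier. Single-use code is an assumption.
        device_id = self.pending.pop(code, None)
        if device_id is None:
            return False
        self.addresses[device_id] = address
        return True

    def authenticate(self, account, push):
        # account -> device id -> address, present the request, assess the response.
        address = self.addresses.get(self.devices.get(account))
        if address is None:
            return "deny"  # unknown account, or instance never activated
        response = push(address, f"Login request for {account}")
        return "allow" if response == "approve" else "deny"


def demo():
    mfa = MFAService()
    code = mfa.enroll("alice")                      # service provider side
    before = mfa.authenticate("alice", lambda a, m: "approve")
    first = mfa.activate(code, "push://device-1")   # device app side (constructed address)
    replay = mfa.activate(code, "push://device-2")  # reused activation code
    seen = []
    def push(address, message):
        seen.append(address)
        return "approve"
    after = mfa.authenticate("alice", push)
    return before, first, replay, after, seen
```

The service provider never handles the device's communication address: it receives only the final assessment, and an account whose instance has not been activated is denied.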
172 Citations
14 Claims
Specification