Automated authorization response techniques

US 10,225,242 B2
Filed: 09/09/2015
Issued: 03/05/2019
Est. Priority Date: 10/25/2011
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:

receiving a first permission request from an authorization system as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request is a request for authorization from the mobile device to perform an action, and wherein the first permission request specifies a first set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input;

determining to automatically grant or deny the first permission request without prompting a user for input based on determining that the first set of one or more automation criteria specified in the first permission request are met;

receiving a second permission request from the authorization system as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request is a request for authorization to perform an action, and wherein the second permission request specifies a second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and

determining to prompt the user for input specifying whether to grant or deny the second permission request based on determining that the second set of one or more automation criteria specified in the second permission request are not met.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authentication. In some embodiments a mobile device receives permission requests that specify sets of one or more automation criteria. In some embodiments, the mobile device prompts a user for a response to permission requests when the criteria are not met and automatically responds to permission requests (e.g., without requiring user input) when the criteria are met. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authentication, in some embodiments.

Citations

19 Claims

1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:
- receiving a first permission request from an authorization system as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request is a request for authorization from the mobile device to perform an action, and wherein the first permission request specifies a first set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input;
  
  determining to automatically grant or deny the first permission request without prompting a user for input based on determining that the first set of one or more automation criteria specified in the first permission request are met;
  
  receiving a second permission request from the authorization system as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request is a request for authorization to perform an action, and wherein the second permission request specifies a second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and
  
  determining to prompt the user for input specifying whether to grant or deny the second permission request based on determining that the second set of one or more automation criteria specified in the second permission request are not met.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the first set of one or more automation criteria includes a criterion corresponding to a location of the mobile device.
  - 3. The non-transitory computer-readable medium of claim 2, wherein the criterion corresponding to the location of the mobile device indicates to automatically respond to permission requests that are received when the mobile device is in a particular geographic region.
  - 4. The non-transitory computer-readable medium of claim 1, wherein the operations further comprise:
    - receiving information specifying user selection of one or more automation criteria for future permission requests; and
      
      storing the information;
      
      wherein at least one of the first set of one or more automation criteria is based on the stored information.
  - 5. The non-transitory computer-readable medium of claim 1, wherein the first set of one or more automation criteria includes at least one criterion that corresponds to:
    - location, acceleration, velocity, wireless connectivity, proximity to another device, temperature, lighting, noise, time, biometrics, altitude, pressure, or image characteristics.
  - 6. The non-transitory computer-readable medium of claim 1, wherein the first permission request is initiated external to the mobile device.

7. A mobile device, comprising:
- at least one antenna;
  
  one or more processing elements coupled to the at least one antenna;
  
  one or more memories having program instructions stored thereon that are capable of causing the mobile device to;
  
  receive a first permission request from an authorization system as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request is a request for authorization from the mobile device to perform an action, and wherein the first permission request specifies a first set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input;
  
  determine to automatically grant or deny the first permission request without prompting a user for input based on determining that the first set of one or more automation criteria specified in the first permission request are met;
  
  receive a second permission request from the authorization system as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request is a request for authorization to perform an action, and wherein the second permission request specifies a second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and
  
  determine to prompt the user for input specifying whether to grant or deny the second permission request based on determining that the second set of one or more automation criteria specified in the second permission request are not met.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The mobile device of claim 7, wherein the action associated with the first permission request and the action associated with the second permission request are the same type of action.
  - 9. The mobile device of claim 7, wherein the first and second sets of one or more automation criteria each include a criterion corresponding to a location of the mobile device.
  - 10. The mobile device of claim 9, wherein the criterion corresponding to the location of the mobile device indicates automatically responding to permission requests that are received when the mobile device is in a particular geographic region.
  - 11. The mobile device of claim 7, wherein the first and second sets of automation criteria are the same.
  - 12. The mobile device of claim 7, wherein the first set of one or more automation criteria includes two or more criteria that correspond to two or more of:
    - location, acceleration, velocity, wireless connectivity, proximity to another device, temperature, lighting, noise, time, biometrics, altitude, pressure, or image characteristics.
  - 13. The mobile device of claim 7, wherein the action associated with the first permission request is a login.

14. A method, comprising:
- receiving, by a computing system, information indicating a request by a user to perform an action;
  
  determining, by the computing system, a set of one or more automation criteria under which a mobile device associated with the user should respond to a permission request for authorization from the mobile device to perform the action;
  
  transmitting, by the computing system, a first permission request to the mobile device associated with the user as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request specifies the set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input;
  
  receiving, by the computing system, a response granting or denying the first permission request, wherein the response is automatically generated by the mobile device based on the set of one or more automation criteria without prompting the user for input to accept or deny the first permission request;
  
  receiving, by a computing system, information indicating a second request by a user to perform an action;
  
  determining, by the computing system, a second set of one or more automation criteria under which a mobile device associated with the user should respond to a second permission request for authorization from the mobile device to perform the action;
  
  transmitting, by the computing system, a second permission request to the mobile device associated with the user as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request specifies the second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and
  
  receiving, by the computing system, a response from the mobile device granting or denying the second permission request based on input received from the user at the mobile device in response to a prompt.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The method of claim 14, wherein the action associated with the first permission request and the action associated with the second permission request are the same type of action.
  - 16. The method of claim 14, wherein the determining the set of one or more automation criteria is based on past input from the user.
  - 17. The method of claim 14, wherein the set of one or more automation criteria includes a criterion that the mobile device is within a particular geographic region.
  - 18. The method of claim 14, wherein the set of one or more automation criteria includes a criterion that the mobile device is in communication with another computing device via a short-range wireless connection.
  - 19. The method of claim 14, wherein the set of one or more automation criteria includes a criterion that an image captured by the mobile device includes one or more visual characteristics associated with a user interface via which the user initiated the request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Grim, Evan Tyler, Alexander, Josh
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
Gyorfi, Thomas A

Application Number

US14/849,312
Publication Number

US 20150381602A1
Time in Patent Office

1,273 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/0861   using biometrical features,...

H04L 63/107   wherein the security polici...

H04W 12/06   Authentication

H04W 12/30   Security of mobile devices;...

H04W 12/63   Location-dependent; Proximi...

H04W 12/64   using geofenced areas

H04W 12/68   Gesture-dependent or behavi...

Automated authorization response techniques

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Automated authorization response techniques

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links