Automated authorization response techniques
First Claim
1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:
- receiving a first permission request from an authorization system as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request is a request for authorization from the mobile device to perform an action, and wherein the first permission request specifies a first set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input;
determining to automatically grant or deny the first permission request without prompting a user for input based on determining that the first set of one or more automation criteria specified in the first permission request are met;
receiving a second permission request from the authorization system as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request is a request for authorization to perform an action, and wherein the second permission request specifies a second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and
determining to prompt the user for input specifying whether to grant or deny the second permission request based on determining that the second set of one or more automation criteria specified in the second permission request are not met.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authentication. In some embodiments a mobile device receives permission requests that specify sets of one or more automation criteria. In some embodiments, the mobile device prompts a user for a response to permission requests when the criteria are not met and automatically responds to permission requests (e.g., without requiring user input) when the criteria are met. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authentication, in some embodiments.
-
Citations
19 Claims
-
1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:
-
receiving a first permission request from an authorization system as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request is a request for authorization from the mobile device to perform an action, and wherein the first permission request specifies a first set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input; determining to automatically grant or deny the first permission request without prompting a user for input based on determining that the first set of one or more automation criteria specified in the first permission request are met; receiving a second permission request from the authorization system as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request is a request for authorization to perform an action, and wherein the second permission request specifies a second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and determining to prompt the user for input specifying whether to grant or deny the second permission request based on determining that the second set of one or more automation criteria specified in the second permission request are not met. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A mobile device, comprising:
-
at least one antenna; one or more processing elements coupled to the at least one antenna; one or more memories having program instructions stored thereon that are capable of causing the mobile device to; receive a first permission request from an authorization system as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request is a request for authorization from the mobile device to perform an action, and wherein the first permission request specifies a first set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input; determine to automatically grant or deny the first permission request without prompting a user for input based on determining that the first set of one or more automation criteria specified in the first permission request are met; receive a second permission request from the authorization system as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request is a request for authorization to perform an action, and wherein the second permission request specifies a second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and determine to prompt the user for input specifying whether to grant or deny the second permission request based on determining that the second set of one or more automation criteria specified in the second permission request are not met. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A method, comprising:
-
receiving, by a computing system, information indicating a request by a user to perform an action; determining, by the computing system, a set of one or more automation criteria under which a mobile device associated with the user should respond to a permission request for authorization from the mobile device to perform the action; transmitting, by the computing system, a first permission request to the mobile device associated with the user as a factor in a first multi-factor authentication process initiated by another device, wherein the first permission request specifies the set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the first permission request without prompting a user for input; receiving, by the computing system, a response granting or denying the first permission request, wherein the response is automatically generated by the mobile device based on the set of one or more automation criteria without prompting the user for input to accept or deny the first permission request; receiving, by a computing system, information indicating a second request by a user to perform an action; determining, by the computing system, a second set of one or more automation criteria under which a mobile device associated with the user should respond to a second permission request for authorization from the mobile device to perform the action; transmitting, by the computing system, a second permission request to the mobile device associated with the user as a factor in a second multi-factor authentication process initiated by another device, wherein the second permission request specifies the second set of one or more automation criteria to be considered by the mobile device in determining whether to respond to the second permission request without prompting a user for input; and receiving, by the computing system, a response from the mobile device granting or denying the second permission request based on input received from the user at the mobile device in response to a prompt. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification