Trusted status transfer between associated devices
First Claim
1. A method for extending access to a secured user session for a service among portable electronic devices that are associated with a user account, the method comprising, at a computing device:
- receiving, from a portable electronic device that is associated with the user account, a first set of data items that includes at least (i) a first unique device identifier associated with the portable electronic device, and (ii) a first password reset key, wherein the first password key is stored at the portable electronic device subsequent to the computing device granting the portable electronic device a trusted device status to access the secured user session;
receiving, from an additional portable electronic device that is associated with the user account, a request to access the secured user session, wherein the request includes a second set of data items that includes at least a second unique device identifier associated with the additional portable electronic device;
determining whether to extend the trusted device status to the additional portable electronic device to access the secured user session by comparing the first set of data items to the second set of data items; and
in response to determining that the first set of data items satisfy a predetermined threshold of trust with the second set of data items;
generating an authentication token, andextending the secured user session to the additional portable electronic device by providing the authentication token to the portable electronic device.
0 Assignments
0 Petitions
Accused Products
Abstract
The embodiments set forth systems and techniques to authenticate a user device for device services, such as by transferring or extending a trusted device status from a separate and trusted associated user device, which can be paired with the user device. This can be done automatically without requiring the user to sign in at or on behalf of the user device, and the automated process can include verifying a trusted status for the associated user device, receiving data items from both devices, evaluating the data items, and facilitating an authentication of the user device when the evaluating returns a favorable result. Data items can include provisioned machine identifiers, temporally limited one-time user passwords, and a provisioned password reset key. Authentication or trusted device status transfer can be achieved by way of an authentication token that is given to the user device.
13 Citations
20 Claims
-
1. A method for extending access to a secured user session for a service among portable electronic devices that are associated with a user account, the method comprising, at a computing device:
-
receiving, from a portable electronic device that is associated with the user account, a first set of data items that includes at least (i) a first unique device identifier associated with the portable electronic device, and (ii) a first password reset key, wherein the first password key is stored at the portable electronic device subsequent to the computing device granting the portable electronic device a trusted device status to access the secured user session; receiving, from an additional portable electronic device that is associated with the user account, a request to access the secured user session, wherein the request includes a second set of data items that includes at least a second unique device identifier associated with the additional portable electronic device; determining whether to extend the trusted device status to the additional portable electronic device to access the secured user session by comparing the first set of data items to the second set of data items; and in response to determining that the first set of data items satisfy a predetermined threshold of trust with the second set of data items; generating an authentication token, and extending the secured user session to the additional portable electronic device by providing the authentication token to the portable electronic device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for extending access to a secured user session for a service among portable electronic devices that are associated with a user account, the system comprising:
-
at least one processor; and at least one memory storing instructions that, in response to being executed by the at least one processor, cause the system to; receive, from a portable electronic device that is associated with the user account, a first set of data items that includes at least (i) a first unique device identifier associated with the portable electronic device, and (ii) a first password reset key, wherein the first password key is stored at the portable electronic device subsequent to the system granting the portable electronic device a trusted device status to access the secured user session; receive, from an additional portable electronic device that is associated with the user account, a request to access the secured user session, wherein the request includes a second set of data items that includes at least a second unique device identifier associated with the additional portable electronic device; determine whether to extend the trusted device status to the additional portable electronic device to access the secured user session by comparing the first set of data items to the second set of data items; and in response to determining that the first set of data items satisfy a predetermined threshold of trust with the second set of data items; generate an authentication token, and extend the secured user session to the additional portable electronic device by providing the authentication token to the portable electronic device. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. At least one non-transitory computer readable storage medium storing instructions that, when executed by at least one processor included in a computing device, cause the computing device to:
-
receive, from a portable electronic device that is associated with a user account, a first set of data items that includes at least (i) a first unique device identifier associated with the portable electronic device, and (ii) a first password reset key, wherein the first password key is stored at the portable electronic device subsequent to the computing device granting the portable electronic device a trusted device status to access a secured user session for a service; receive, from an additional portable electronic device that is associated with the user account, a request to access the secured user session, wherein the request includes a second set of data items that includes at least a second unique device identifier associated with the additional portable electronic device; determine whether to extend the trusted device status to the additional portable electronic device to access the secured user session by comparing the first set of data items to the second set of data items; and in response to determining that the first set of data items satisfy a predetermined threshold of trust with the second set of data items; generate an authentication token, and extend the secured user session to the additional portable electronic device by providing the authentication token to the portable electronic device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification