Online account access control by mobile device

US 10,275,582 B2
Filed: 03/02/2016
Issued: 04/30/2019
Est. Priority Date: 12/14/2011
Status: Active Grant

First Claim

Patent Images

1. A method for initiating an action for an online account, the method comprising:

receiving an access control message from a mobile device that includes at least a request to perform an action with respect to an online account, the access control message having been generated by a signed application on the mobile device and including a digital signature generated using a private key stored on the mobile device, wherein the action comprises preventing login access to the online account such that the account cannot be accessed even using the correct login information for the online account;

establishing, in response to receiving the access control message, a network connection by communicatively coupling the server with the mobile device;

receiving, via the network connection, identifying information associated with the mobile device;

identifying the online account based at least in part on the identifying information associated with the mobile device, wherein the identifying the online account includes comparing the identifier of the mobile device to a plurality of stored identifiers, wherein the online account is associated with an accessibility status indicating whether the account can or cannot be accessed via a login using correct login credentials, such that a “

locked”

accessibility status indicates that the account cannot be accessed using correct login credentials, wherein the action comprises a command to update the accessibility status in a specified manner;

verifying the authenticity of the digital signature using a public key associated with the mobile device;

upon verifying the authenticity of the digital signature using the public key, determining, based on the access control message, that the mobile device is authorized to initiate the action with respect to the account by comparing the identifying information associated with the mobile device to verification information stored in association with the online account; and

upon determining that the mobile device is authorized to initiate the action with respect to the online account, initiating the action such that the accessibility status of the account is updated based on the access control message without further interaction with the mobile device; and

providing, to the mobile device, a notification indicating that the action has been initiated;

receiving a second access control message from the mobile device including a request to reactivate login access to the online account;

determining that the mobile device is authorized to initiate reactivation of login access to the online account by comparing the identifying information associated with the mobile device to verification information stored in association with the online account; and

upon determining that the mobile device is authorized initiate reactivation of login access to the online account, reactivating login access to the online account.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for controlling access to an online account are described. An access control message including an action to be performed on an online account can be sent from a mobile device to a server. The server may identify the mobile device based on identifying information in the access control message. Upon identifying the mobile device, the server may determine whether the user has authority to initiate the action to be performed on the online account. Upon determining that a user of the mobile device does have authority to initiate the indicated action, the action indicated in the access control message may be taken with respect to the online account.

79 Citations

View as Search Results

15 Claims

1. A method for initiating an action for an online account, the method comprising:
- receiving an access control message from a mobile device that includes at least a request to perform an action with respect to an online account, the access control message having been generated by a signed application on the mobile device and including a digital signature generated using a private key stored on the mobile device, wherein the action comprises preventing login access to the online account such that the account cannot be accessed even using the correct login information for the online account;
  
  establishing, in response to receiving the access control message, a network connection by communicatively coupling the server with the mobile device;
  
  receiving, via the network connection, identifying information associated with the mobile device;
  
  identifying the online account based at least in part on the identifying information associated with the mobile device, wherein the identifying the online account includes comparing the identifier of the mobile device to a plurality of stored identifiers, wherein the online account is associated with an accessibility status indicating whether the account can or cannot be accessed via a login using correct login credentials, such that a “
  
  locked”
  
  accessibility status indicates that the account cannot be accessed using correct login credentials, wherein the action comprises a command to update the accessibility status in a specified manner;
  
  verifying the authenticity of the digital signature using a public key associated with the mobile device;
  
  upon verifying the authenticity of the digital signature using the public key, determining, based on the access control message, that the mobile device is authorized to initiate the action with respect to the account by comparing the identifying information associated with the mobile device to verification information stored in association with the online account; and
  
  upon determining that the mobile device is authorized to initiate the action with respect to the online account, initiating the action such that the accessibility status of the account is updated based on the access control message without further interaction with the mobile device; and
  
  providing, to the mobile device, a notification indicating that the action has been initiated;
  
  receiving a second access control message from the mobile device including a request to reactivate login access to the online account;
  
  determining that the mobile device is authorized to initiate reactivation of login access to the online account by comparing the identifying information associated with the mobile device to verification information stored in association with the online account; and
  
  upon determining that the mobile device is authorized initiate reactivation of login access to the online account, reactivating login access to the online account.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the access control message is a short message service (SMS) message, and the network connection is a short message service communication session.
  - 3. The method of claim 1, wherein the access control message includes a cryptographic hash value.
  - 4. The method of claim 1, further comprising:
    - enrolling the online account; and
      
      registering the mobile device in association with the online account.

5. A system for controlling access to an online account, comprising:
- a processor; and
  
  a non-transitory computer readable medium coupled to the processor, wherein the computer readable medium includes code executable by the processor, the code operative to;
  
  receive an access control message from a mobile device, the access control message including an action to be performed on an online account, wherein the online account is associated with an accessibility status indicating whether the account can or cannot be accessed via a login using correct login credentials, such that a “
  
  locked”
  
  accessibility status indicates that the account cannot be accessed using correct login credentials for the online account, the access control message having been generated by a signed application on the mobile device and including a digital signature generated using a private key stored on the mobile device, wherein the action comprises preventing login access to the online account by updating the accessibility status to the “
  
  locked”
  
  accessibility status;
  
  establish, in response to receiving the access control message, a short message service communication session with the mobile device;
  
  receive, via the short message service communication session, identifying information associated with the mobile device;
  
  identify the online account based at least in part on the identifying information associated with the mobile device wherein identifying the online account comprises comparing the identifying information associated with the mobile device to stored mobile device identifiers;
  
  verify the authenticity of the digital signature using a public key associated with the mobile device;
  
  upon verifying the authenticity of the digital signature using the public key, determine, based at least in part on information associated with the identified online account, that the mobile device is authorized to initiate the action to be performed on the online account by comparing the identifying information associated with the mobile device to verification information stored in association with the online account;
  
  cause the action to be performed on the online account to be initiated such that the accessibility status of the account is updated based on the access control message without further interaction with the mobile device; and
  
  cause a notification to be provided to the mobile device indicating that the action has been performed;
  
  receive a second access control message from the mobile device including a request to reactivate login access to the online account;
  
  determine that the mobile device is authorized to initiate reactivation of login access to the online account by comparing the identifying information associated with the mobile device to verification information stored in association with the online account; and
  
  upon determining that the mobile device is authorized initiate reactivation of login access to the online account, reactivate login access to the online account.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The system of claim 5, wherein the action is enabling access to the online account using the login information for the online account.
  - 7. The system of claim 5, wherein the action is disabling editing of information associated with the online account.
  - 8. The system of claim 5, wherein the action is disabling transmitting e-mail from the account.
  - 9. The system of claim 5, wherein the identifying information associated with the mobile device includes at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), or an International Mobile Station Equipment Identifier (IMEI).
  - 10. The system of claim 5, wherein the identifying information associated with the mobile device is a phone number.

11. A mobile device, comprising:
- a processor; and
  
  a non-transitory computer readable medium coupled to the processor, wherein the computer readable medium includes code executable by the processor, the code operative to;
  
  receive, from a user of the mobile device, an indication of an action to be performed with respect to an online account associated with the user, wherein the action effects a change to an accessibility status of the online account, the indication of the action having been generated by a signed application on the mobile device and including a digital signature generated using a private key stored on the mobile device;
  
  verify the authenticity of the digital signature using a public key associated with the mobile device;
  
  upon verifying the authenticity of the digital signature using the public key, determine that the user has authority to initiate the action to be performed with respect to the online account;
  
  establish, by transmitting an access control message to a server, a short message service communication session with the server, the access control message including;
  
  the action to be performed with respect to an online account, anda device identifier used by the server to identify the online account;
  
  wherein the online account is identified based at least in part on the device identifier and the action to be performed with respect to an online account is initiated by the server such that the accessibility status of the online account is updated based on the action without further interaction with the mobile device, wherein the action to be performed with respect to the online account is an action to “
  
  lock”
  
  the online account, and wherein the action to “
  
  lock”
  
  the online account prevents login access to the online account even upon entering a correct username and password combination; and
  
  receive, in response to the access control message, a notification indicating that the action has been performed;
  
  receive, from the user of the mobile device, an indication of a second action to be performed with respect to the online account, wherein the second action to be performed with respect to the online account is an action to “
  
  unlock”
  
  the online account, and wherein the action to “
  
  unlock”
  
  the online account enables login access to the online account upon entering a correct username and password combination; and
  
  transmit a second access control message to the server that includes a request to complete the second action.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The mobile device of claim 11, wherein the action to “
    - unlock”
      
      the online account restores login access to the online account, such that upon initiation of the action, the online account may be accessed upon entering a correct username and password combination.
  - 13. The mobile device of claim 11, wherein the device identifier is associated with the server upon creation of the online account.
  - 14. The mobile device of claim 11, wherein the code executable by the processor is a software application installed on the mobile device.
  - 15. The mobile device of claim 11, wherein the code is further operative to generate an access code, the access code being provided to the server in the access control message, and the action to be performed with respect to an online account is initiated by the server upon validating the access code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Carlson, Mark
Primary Examiner(s)
Brown, Christopher J
Assistant Examiner(s)
Mohammadi, Fahimeh

Application Number

US15/059,191
Publication Number

US 20160183092A1
Time in Patent Office

1,154 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

H04L 63/08   for authentication of entit...

H04L 63/0892   by using authentication-aut...

H04W 12/069   using certificates or pre-s...

Online account access control by mobile device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

79 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Online account access control by mobile device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

79 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others