Device profile data usage for state management in mobile device authentication
First Claim
1. A method comprising:
- creating, by a processor, a user profile;
determining, by the processor, state information for a user device based on authentication process used to authenticate the user device, wherein the state information indicates whether the user device has one of a trusted state, a suspended state and an untrusted state;
creating, by the processor, a dynamic device profile associated with the user device, the dynamic device profile including the state information for the user device;
binding, by the processor, the user profile to the dynamic device profile, wherein the binding prepares the user device to conduct one or more transactions;
in response to a request to perform a transaction with the user device, checking, by the processor, the state information in the dynamic device profile;
preventing, by the processor, the transaction with the user device when the state information indicates the untrusted state;
unbinding, by the processor, the user profile from the dynamic device profile when the state information indicates the untrusted state, wherein the unbinding revokes authorization to conduct the one or more transactions using the user device;
wherein the user device transitions among the trusted state, the suspended state and the untrusted state when a predetermined set of actions associated with each respective transition are completed, wherein a first subset of actions are associated with a transition from the trusted state to the suspended state and a second subset of actions are associated with a transition from the untrusted state to the trusted state;
continuously performing the second subset of actions to determine whether the user device qualifies to transition to the trusted state; and
re-binding, by the processor, the user profile to the dynamic device profile when the second subset of actions are successfully completed, wherein the re-binding the user profile to the dynamic device profile transitions the user device from the untrusted state to the trusted state and reinstates the authorization to conduct the one or more transactions with the user device.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments create and manage a device profile on a mobile device for continued authentication of the mobile device. The device profile includes a state assigned to a mobile device. The state of the device can be managed through the device profile. The mobile device is allowed to conduct payments based on the current state assigned to the mobile device. In response to a request to conduct a payment transaction using the mobile device, the state information in the mobile device profile is checked. The payment transaction using the mobile device is allowed when the state information indicates a trusted state. The payment transaction using the mobile device is limited when the state information indicates a suspended state. The payment transaction using the mobile device is prevented when the state information indicates an untrusted state.
-
Citations
21 Claims
-
1. A method comprising:
-
creating, by a processor, a user profile; determining, by the processor, state information for a user device based on authentication process used to authenticate the user device, wherein the state information indicates whether the user device has one of a trusted state, a suspended state and an untrusted state; creating, by the processor, a dynamic device profile associated with the user device, the dynamic device profile including the state information for the user device; binding, by the processor, the user profile to the dynamic device profile, wherein the binding prepares the user device to conduct one or more transactions; in response to a request to perform a transaction with the user device, checking, by the processor, the state information in the dynamic device profile; preventing, by the processor, the transaction with the user device when the state information indicates the untrusted state; unbinding, by the processor, the user profile from the dynamic device profile when the state information indicates the untrusted state, wherein the unbinding revokes authorization to conduct the one or more transactions using the user device; wherein the user device transitions among the trusted state, the suspended state and the untrusted state when a predetermined set of actions associated with each respective transition are completed, wherein a first subset of actions are associated with a transition from the trusted state to the suspended state and a second subset of actions are associated with a transition from the untrusted state to the trusted state; continuously performing the second subset of actions to determine whether the user device qualifies to transition to the trusted state; and re-binding, by the processor, the user profile to the dynamic device profile when the second subset of actions are successfully completed, wherein the re-binding the user profile to the dynamic device profile transitions the user device from the untrusted state to the trusted state and reinstates the authorization to conduct the one or more transactions with the user device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 18, 19, 20, 21)
-
-
10. A method comprising:
-
determining, by a processor, state information for a user device based on authentication process used to authenticate a user device, wherein the state information indicates whether the user device has one of a trusted state, a suspended state and an untrusted state; creating, by the processor, a dynamic device profile including the state information for the user device; determining that the user device is in the trusted state, wherein the user device is authorized to conduct one or more transactions while in the trusted state; continuously performing, by the processor, actions on a list of actions one by one, wherein an action on the list is performed if a current action is completed; transitioning, by the processor, the user device to the suspended state if a first subset of actions of the list is completed, wherein the first subset of actions are associated with a transition from the trusted state to the suspended state, wherein transitioning into the suspended state restricts the one or more transactions conducted with the user device based on a predetermined criteria; transitioning, by the processor, the user device to the untrusted state if a second subset of actions of the list is completed, wherein the second subset of actions are associated with a transition from the trusted state to the untrusted state, wherein transitioning into the untrusted state revokes authorization to conduct the one or more transactions using the user device; and keeping the user device in the trusted state if a third subset of actions of the list is completed. - View Dependent Claims (11)
-
-
12. A server computer comprising:
-
a processor; and a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor, to implement a method comprising; creating a user profile; determining state information for a user device based on authentication process used to authenticate the user device, wherein the state information indicates whether the user device has one of a trusted state, a suspended state and an untrusted state; creating a dynamic device profile associated with the user device, the dynamic device profile including the state information for the user device; binding the user profile to the dynamic device profile, wherein the binding prepares the user device to conduct one or more transactions; in response to a request to perform a transaction with the user device, checking the state information in the dynamic device profile; preventing the transaction with the user device when the state information indicates the untrusted state; unbinding the user profile from the dynamic device profile when the state information indicates the untrusted state, wherein the unbinding revokes authorization to conduct the one or more transactions using the user device; wherein the user device transitions among the trusted state, the suspended state and the untrusted state when a predetermined set of actions associated with each respective transition are completed, wherein a first subset of actions are associated with a transition from the trusted state to the suspended state and a second subset of actions are associated with a transition from the untrusted state to the trusted state; continuously performing the second subset of actions to determine whether the user device qualifies to transition to the trusted state; and re-binding the user profile to the dynamic device profile when the second subset of actions are successfully completed, wherein the re-binding the user profile to the dynamic device profile transitions the user device from the untrusted state to the trusted state and reinstates the authorization to conduct the one or more transactions with the user device. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification