Computer-implemented method for mobile authentication and corresponding computer system
First Claim
1. A non-transitory computer-readable medium storing a program executable by one or more processors of a first computing device, the program comprising sets of instructions for:
- receiving directly from a second computing device an authentication request to authenticate a user associated with a first account associated with a service hosted on the second computing device, wherein the authentication request is associated with a login request to log into the first account that the second computing device receives from a third computing device, wherein the authentication request includes a user identification associated with a second account managed by and stored on the first computing device;
sending to a fourth computing device a request for verification of the second account in order to authenticate the identity of the user;
receiving from the fourth computing device verification information for verifying the second account, wherein the verification information is based on information that the fourth computing device reads from a personal smart card that is separate from the fourth computing device, the information configured for authenticating the user associated with the account; and
sending directly to the second computing device authentication information based on the verification information in order for the second computing device to use the authentication information to log the user into the first account associated with the service.
0 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment of the present invention a computerized method includes receiving at a personal-mobile device a first communication, which includes information for requesting user verification for logging into an account of a user, via a computing device. The account is with a service provided by an application server. The method includes starting a personal-authentication application on the personal-mobile device in response to receiving the first communication, and receiving in the personal-authentication application a user verification for confirming logging into the account. The method includes logging into the account via the computing device based on receipt of the user verification. Embodiments of the present invention provide enhanced security for logging into an account that a user may have with a service by providing that a personal-mobile device, such as a mobile telephone, which is personal to a user, is configured as a security token for login to the account.
12 Citations
20 Claims
-
1. A non-transitory computer-readable medium storing a program executable by one or more processors of a first computing device, the program comprising sets of instructions for:
-
receiving directly from a second computing device an authentication request to authenticate a user associated with a first account associated with a service hosted on the second computing device, wherein the authentication request is associated with a login request to log into the first account that the second computing device receives from a third computing device, wherein the authentication request includes a user identification associated with a second account managed by and stored on the first computing device; sending to a fourth computing device a request for verification of the second account in order to authenticate the identity of the user; receiving from the fourth computing device verification information for verifying the second account, wherein the verification information is based on information that the fourth computing device reads from a personal smart card that is separate from the fourth computing device, the information configured for authenticating the user associated with the account; and sending directly to the second computing device authentication information based on the verification information in order for the second computing device to use the authentication information to log the user into the first account associated with the service. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
one or more processors of a first computing device; a non-transitory computer-readable medium storing a program executable by the one or more processors, the program comprising sets of instructions for; receiving directly from a second computing device an authentication request to authenticate a user associated with a first account associated with a service hosted on the second computing device, wherein the authentication request is associated with a login request to log into the first account that the second computing device receives from a third computing device, wherein the authentication request includes a user identification associated with a second account managed by and stored on the first computing device; sending to a fourth computing device a request for verification of the second account in order to authenticate the identity of the user; receiving from the fourth computing device verification information for verifying the second account, wherein the verification information is based on information that the fourth computing device reads from a personal smart card that is separate from the fourth computing device, the information configured for authenticating the user associated with the account; and sending directly to the second computing device authentication information based on the verification information in order for the second computing device to use the authentication information to log a user into the first account associated with the service. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. For a first computing device, a method comprising:
-
receiving directly from a second computing device an authentication request to authenticate a user associated with a first account associated with a service hosted on the second computing device, wherein the authentication request is associated with a login request to log into the first account that the second computing device receives from a third computing device, wherein the authentication request includes a user identification associated with a second account managed by and stored on the first computing device; sending to a fourth computing device a request for verification of the second account in order to authenticate the identity of the user; receiving from the fourth computing device verification information associated with the request, wherein the verification information is based on information that the fourth computing device reads from a personal smart card that is separate from the fourth computing device, the information configured for authenticating the user associated with the account; and sending directly to the second computing device authentication information associated with logging into the account associated with the service based on the verification information in order for the second computing device to use the authentication information to log a user of the third device into the account associated with the service. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification