Applications login using a mechanism relating sub-tokens to the quality of a master token

US 10,474,806 B2
Filed: 11/20/2018
Issued: 11/12/2019
Est. Priority Date: 12/29/2011
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a non-transitory memory; and

one or more hardware processors coupled with the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;

in response to receiving authentication information from a user via a user device, causing a first application on the user device to generate a master token based on a determined quality score associated with the authentication information;

detecting a request to access a second application on the user device; and

in response to the detecting the request to access the second application, causing an authentication process of the user for the second application to be performed based on the master token and the determined quality score, without requiring any additional authentication information from the user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems allow a user to log in to a device so that a number of apps become accessible on the device without the user repeatedly logging in to each different app as the user launches multiple apps. A mechanism of providing a master token with a quality score and providing sub-tokens for each app that can use the sub-token and the score quality to evaluate the level of security provided by the initial login allows each app to skip its own login process and provides a level of enhanced efficiency and convenience for the user. A method includes authenticating a user; creating a master token on the user device; creating a sub-token of the master token for an app launched on the device; the app skipping the login process of the app in response to the sub-token so that the app proceeds directly to validating a transaction.

Citations

20 Claims

1. A system, comprising:
- a non-transitory memory; and
  
  one or more hardware processors coupled with the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;
  
  in response to receiving authentication information from a user via a user device, causing a first application on the user device to generate a master token based on a determined quality score associated with the authentication information;
  
  detecting a request to access a second application on the user device; and
  
  in response to the detecting the request to access the second application, causing an authentication process of the user for the second application to be performed based on the master token and the determined quality score, without requiring any additional authentication information from the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes:
    - causing the first application to generate a first sub-token based on the master token and the quality score, wherein the first sub-token is utilized to perform the authentication process of the user for the second application.
  - 3. The system of claim 2, wherein the first sub sub-token is valid for a period of time determined based on the quality score.
  - 4. The system of claim 1, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score exceeds a threshold value associated with the second application, causing the second application to provide access to the user.
  - 5. The system of claim 1, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score exceeds a threshold value associated with the second application, causing the second application to provide a limited access to the user.
  - 6. The system of claim 1, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score does not exceed a threshold value associated with the second application, denying the user access to the second application.
  - 7. The system of claim 1, the operations further comprising:
    - detecting a request to access a third application on the user device; and
      
      in response to the detecting the request to access the third application, causing an authentication process of the user for the third application to be performed based on the master token and the determined quality score, without requiring any additional authentication information from the user.

8. A method comprising:
- in response to receiving authentication information from a user via a user device, causing, by one or more hardware processors, a first application on the user device to generate a master token based on a determined quality score associated with the authentication information;
  
  detecting, by the one or more hardware processors, a request to access a second application on the user device; and
  
  in response to the detecting the request to access the second application, causing, by the one or more hardware processors, an authentication process of the user for the second application to be performed based on the master token and the determined quality score, without requiring any additional authentication information from the user.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes:
    - causing the first application to generate a first sub-token based on the master token and the quality score, wherein the first sub-token is utilized to perform the authentication process of the user for the second application.
  - 10. The method of claim 9, wherein the first sub-token is valid for a period of time determined based on the quality score.
  - 11. The method of claim 8, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score exceeds a threshold value associated with the second application, causing the user to be authenticated for access to the second application.
  - 12. The method of claim 8, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score exceeds a threshold value associated with the second application, causing the user to be authenticated for a limited access to the second application.
  - 13. The method of claim 8, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score does not exceed a threshold value associated with the second application, causing the user to be denied access to the second application.
  - 14. The method of claim 8, further comprising:
    - detecting a request to access a third application on the user device; and
      
      in response to the detecting the request to access the third application, causing an authentication process of the user for the third application to be performed based on the master token and the determined quality score, without requiring any additional authentication information from the user.

15. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
- in response to receiving authentication information from a user via a user device, causing a first application on the user device to generate a master token based on a determined quality score associated with the authentication information;
  
  detecting a request to access a second application on the user device; and
  
  in response to the detecting the request to access the second application, causing an authentication process of the user for the second application to be performed based on the master token and the determined quality score, without requiring any additional authentication information from the user.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory machine-readable medium of claim 15, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes:
    - causing the first application to generate a first sub-token based on the master token and the quality score, wherein the first sub-token is utilized to perform the authentication process of the user for the second application.
  - 17. The non-transitory machine-readable medium of claim 16, wherein the first sub-token is valid for a period of time determined based on the quality score.
  - 18. The non-transitory machine-readable medium of claim 15, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score exceeds a threshold value associated with the second application, causing the user to be authenticated for access to the second application.
  - 19. The non-transitory machine-readable medium of claim 15, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score exceeds a threshold value associated with the second application, causing the user to be authenticated for a limited access to the second application.
  - 20. The non-transitory machine-readable medium of claim 15, wherein the causing the authentication process of the user for the second application to be performed based on the master token and the quality score includes based on determining that the quality score does not exceed a threshold value associated with the second application, causing the user to be denied access to the second application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Taveau, Sebastien Ludovic Jean, Mardikar, Upendra S.
Primary Examiner(s)
Shaifer Harriman, Dant B

Application Number

US16/196,847
Publication Number

US 20190087560A1
Time in Patent Office

357 Days
Field of Search

726 9
US Class Current
CPC Class Codes

G06F 21/30   Authentication, i.e. establ...

G06F 21/335   for accessing specific reso...

G06F 21/34   involving the use of extern...

G06F 21/41   where a single sign-on prov...

G06F 21/629   to features or functions of...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2137   Time limited access, e.g. t...

G06Q 20/12   specially adapted for elect...

G06Q 20/127   Shopping or accessing servi...

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/382   insuring higher security of...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/384   using social networks

G06Q 20/401   Transaction verification

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 20/405   Establishing or using trans...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

H04L 63/0861   using biometrical features,...

H04L 9/3226 : using a predetermined code,...

H04L 9/3228 : One-time or temporary data,...

H04L 9/3231 : Biological data, e.g. finge...

View All

Applications login using a mechanism relating sub-tokens to the quality of a master token

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Applications login using a mechanism relating sub-tokens to the quality of a master token

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links