User-level token for user authentication via a user device

US 10,721,226 B1
Filed: 03/10/2017
Issued: 07/21/2020
Est. Priority Date: 03/10/2017
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method performed by an identity verification computing system, the method comprising:

generating a unique user-level token (ULT) associated with a user-level profile, the user-level profile associated with a user device, the user device associated with a user;

provisioning the user-level token to the user device;

receiving a request to provide an identity verification of the user via an entity computing system, the request including data associated with the user device;

accessing the user-level profile associated with the user device;

obtaining the user-level token from the user device, the user-level token being pulled from the user device, the user-level token associated with the user-level profile, wherein a request for the user-level token includes instructions to the user device to open an application associated with the user-level token and an address to transmit the user-level token to the identity verification computing system, and wherein the user-level token is received from the user device without requiring input to the user device by the user;

validating the user-level token; and

transmitting an identity verification approval to the entity computing system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer implemented method performed by an identity verification computing system includes receiving a request to provide an identity verification of a user via an entity computing system, the request including data associated with a user device associated with the user. A user-level profile associated with the user device is accessed. A user-level token is requested from the user device. The user-level token is associated with the user-level profile. The user-level token is received from the user device, and validated. An identity verification approval is transmitted to the entity computing system.

29 Citations

View as Search Results

26 Claims

1. A computer-implemented method performed by an identity verification computing system, the method comprising:
- generating a unique user-level token (ULT) associated with a user-level profile, the user-level profile associated with a user device, the user device associated with a user;
  
  provisioning the user-level token to the user device;
  
  receiving a request to provide an identity verification of the user via an entity computing system, the request including data associated with the user device;
  
  accessing the user-level profile associated with the user device;
  
  obtaining the user-level token from the user device, the user-level token being pulled from the user device, the user-level token associated with the user-level profile, wherein a request for the user-level token includes instructions to the user device to open an application associated with the user-level token and an address to transmit the user-level token to the identity verification computing system, and wherein the user-level token is received from the user device without requiring input to the user device by the user;
  
  validating the user-level token; and
  
  transmitting an identity verification approval to the entity computing system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - determining if sufficient data is available to verify the identity of the user device;
      
      sending a request for additional device information to the user device in response to determining that there is not sufficient data available to verify the identity of the user device; and
      
      receiving additional device information from the user device.
  - 3. The method of claim 2, wherein the additional device information includes at least one of a MAC address of the user device, a device serial number, an FCC ID number and an IP address.
  - 4. The method of claim 2, wherein the additional device information includes a list of non-ULT tokens provisioned to the user device.
  - 5. The method of claim 4, wherein the non-ULT tokens are tokens associated with the identity verification computing system.
  - 6. The method of claim 2, further comprising storing the additional device information in the user-level profile associated with the user device.
  - 7. The method of claim 1, further comprising:
    - determining if sufficient data is available to verify the identity of the user;
      
      sending a request for additional user information to the user device in response to determining that there is not sufficient data available to verify the identity of the user; and
      
      receiving additional user information from the user device.
  - 8. The method of claim 7, wherein the additional user information comprises biometric data provided by the user.
  - 9. The method of claim 7, further comprising evaluating a security setting of the device to determine if sufficient data is available to verify the identity of the user.
  - 10. The method of claim 1, wherein the request to provide the identity verification of the user is received in response to the user contacting the entity computing system via the user device.

11. A system, comprising:
- an entity computing device configured to interface with a user device associated with a user; and
  
  an identity verification computing system, comprising a processor and instructions stored in non-transitory machine-readable media, the instructions configured to cause the identity verification computing system to;
  
  generate a unique user-level token (ULT) associated with a user-level profile, the user-level profile associated with a user device, the user device associated with a user;
  
  provision the user-level token to the user device;
  
  receive an identity verification request for the user from the entity computing device, the request comprising data associated with the user device;
  
  access the user-level profile associated with the user device;
  
  obtain the user-level token from the user device, the user level token being pulled from the user device, the user-level token associated with the user-level profile, wherein a request for the user-level token includes instructions to the user device to open an application associated with the user-level token and an address to transmit the user-level token to the identity verification computing system, and wherein the user-level token is received from the user device without requiring input to the user device by the user;
  
  validate the user-level token; and
  
  transmit an identity verification approval to the entity computing system.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The system of claim 11, wherein the instructions are further configured to cause the identity verification computing system to:
    - determine if sufficient data is available to verify the identity of the user device;
      
      send a request for additional device information to the user device in response to determining that there is not sufficient data available to verify the identity of the user device; and
      
      receive additional device information from the user device.
  - 13. The system of claim 12, wherein the additional device information includes at least one of a MAC address of the user device, a device serial number, an FCC ID number and an IP address.
  - 14. The system of claim 12, wherein the additional device information includes a list of non-ULT tokens provisioned to the user device.
  - 15. The system of claim 14, wherein the non-ULT tokens are tokens associated with the identity verification computing system.
  - 16. The system of claim 11, wherein the instructions are further configured to cause the identity verification computing system to store the additional device information in a user-level profile database associated with the user.
  - 17. The system of claim 11, wherein the instructions are further configured to cause the identity verification computing system to:
    - determine if sufficient data is available to verify the identity of the user;
      
      send a request for additional user information to the user device in response to determining that there is not sufficient data available to verify the identity of the user; and
      
      receive additional user information from the user device.
  - 18. The system of claim 17, wherein the instructions are further configured to cause the identity verification computing system to evaluate a security setting of the device to determine if sufficient data is available to verify the identity of the user.

19. An identity verification computing system, comprising:
- a network interface configured to communicate with an entity computing system via a network;
  
  an identity database configured to store a plurality of user-level profiles;
  
  a memory configured to store instructions; and
  
  at least one processor configured to execute the instructions stored on the memory to;
  
  generate a unique user-level token (ULT) associated with a user-level profile, the user-level profile associated with a user device, the user device associated with a user;
  
  provision the user-level token to the user device;
  
  receive an identity request for the user from the entity computing device, the request comprising data associated with the user device;
  
  access the user-level profile associated with the user device;
  
  request the user-level token from the user device, the user-level token associated with the user-level profile, wherein the request for the user-level token includes instructions to the user device to open an application associated with the user-level token and an address to transmit the user-level token to the identity verification computing system, and wherein the user-level token is received from the user device without requiring input to the user device by the user;
  
  receive the user-level token from the user device;
  
  validate the user-level token; and
  
  transmit an identity verification approval to the entity computing system.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
- - 20. The system of claim 19, wherein the processor is further configured to:
    - determine if sufficient data is available to verify the identity of the user device;
      
      send a request for additional device information to the user device in response to determining that there is not sufficient data available to verify the identity of the user device; and
      
      receive additional device information from the user device.
  - 21. The system of claim 20, wherein the additional device information includes at least one of a MAC address of the user device, a device serial number, an FCC ID number and an IP address.
  - 22. The system of claim 20, wherein the additional device information includes a list of non-ULT tokens provisioned to the user device.
  - 23. The system of claim 22, wherein the non-ULT tokens are tokens associated with the identity verification computing system.
  - 24. The system of claim 20, wherein the processor is further configured to cause the identity verification computing system to store the additional device information in a user-level profile database associated with the user.
  - 25. The system of claim 20, wherein the processor is further configured to:
    - determine if sufficient data is available to verify the identity of the user;
      
      send a request for additional user information to the user device in response to determining that there is not sufficient data available to verify the identity of the user; and
      
      receive additional user information from the user device.
  - 26. The system of claim 25, wherein the processor is further configured to cause the identity verification computing system to evaluate a security setting of the device to determine if sufficient data is available to verify the identity of the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Original Assignee
Wells Fargo Bank NA (Wells Fargo & Company)
Inventors
Kurani, Ashish B., Kushner, Kristine Ing, Pearce, Brian M., Puffer, Steven E., Stroke, Nikolai, Vittimberga, Paul, Yang, Young M.
Primary Examiner(s)
Dolly, Kendall

Application Number

US15/456,080
Time in Patent Office

1,229 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

User-level token for user authentication via a user device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

29 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

User-level token for user authentication via a user device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links