CREATING AND VERIFYING GLOBALLY UNIQUE DEVICE-SPECIFIC IDENTIFIERS

US 20080104684A1
Filed: 10/24/2007
Published: 05/01/2008
Est. Priority Date: 10/25/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a server, a plurality of identifiers associated with a client device;

encrypting, by the server, a plurality of encoding values associated with the plurality of identifiers using a first key of a key pair of the server; and

generating, by the server, a token uniquely identifying the client device, a body of the token including the encrypted plurality of encoding values.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparatuses, and articles for receiving, by a server, a plurality of identifiers associated with a client device are described herein. The server may also encrypt a plurality of encoding values associated with the plurality of identifiers using a first key of a key pair of the server, and generate a token uniquely identifying the client device, a body of the token including the encrypted plurality of encoding values. In other embodiments, the server may receive a token along with the plurality of identifiers. In such embodiments, the server may further verify the validity of the received token, including attempting to decrypt a body of the received token with a key associated with a second server, the second server having generated the received token, and, if decryption succeeds, comparing ones of the plurality of identifiers with second identifiers found in the decrypted body to check for inconsistencies.

Citations

23 Claims

1. A method comprising:
- receiving, by a server, a plurality of identifiers associated with a client device;
  
  encrypting, by the server, a plurality of encoding values associated with the plurality of identifiers using a first key of a key pair of the server; and
  
  generating, by the server, a token uniquely identifying the client device, a body of the token including the encrypted plurality of encoding values.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the identifiers are received from a web server of a subscriber to services of the server, and the method further comprises transmitting, by the server, the token to the web server to facilitate the web server in providing the token to the client device.
  - 3. The method of claim 1, further comprising transmitting, by the server, the token to the client device.
  - 4. The method of claim 1, wherein the plurality of identifiers include at least one of a device serial number, a media access control (MAC) address, an operating system (OS) type, and OS version, a time code, a country code, or a region code.
  - 5. The method of claim 1, further comprising generating, by the server, the encoding values by performing a hash function on the plurality of identifiers.
  - 6. The method of claim 1, wherein the token further includes a server identifier to identify the server as a generator of the token.
  - 7. The method of claim 1, further comprising requesting of the client device, by the server, the plurality of identifiers.
  - 8. The method of claim 1, wherein the first key of the key pair is a private key of the server.

9. A method comprising:
- receiving, by a first server, a token associated with a client device, the token acting as a unique identifier of the client device, and a plurality of first identifiers; and
  
  verifying, by the first server, validity of the token, includingattempting to decrypt a body of the token with a key associated with a second server, the second server having generated the token, andif decryption succeeds, comparing ones of the plurality of first identifiers with second identifiers found in the decrypted body to check for inconsistencies.
- View Dependent Claims (10, 11, 12, 13, 14, 16)
- - 10. The method of claim 9, wherein the token and first identifiers are received from a web server of a subscriber to services of the first server.
  - 11. The method of claim 9, wherein the first or second plurality of identifiers include at least one of a device serial number, a media access control (MAC) address, an operating system (OS) type, and OS version, a time code, a country code, or a region code.
  - 12. The method of claim 9, wherein the key associated with the second server is the public key of the second server.
  - 13. The method of claim 9, wherein the second identifiers are identical to the first identifiers.
  - 14. The method of claim 9, further comprising, if token verification fails, determining, by the first server, whether to reissue the token based on one or more factors.
  - 16. The method of claim 9, further comprising periodically reissuing the token, by the first server, regardless of whether the verifying indicates that the token is valid.

15. The method of claim 15, wherein the one or more factors include at least one of success or failure of decryption, inconsistencies between ones of the first and second identifiers, presence of a device identifier of the client device on a list of suspect devices, a count of a number of times the token has been received, association of the client device to evidence of fraud, or a level of risk associated with the client device.

17. A first server comprising:
- a processor; and
  
  logic to be operated by the processor toreceive a token associated with a client device, the token acting as a unique identifier of the client device, and a plurality of first identifiers, andverify validity of the token, includingattempting to decrypt a body of the token with a key associated with a second server, the second server having generated the token, andif decryption succeeds, comparing ones of the plurality of first identifiers with second identifiers found in the decrypted body to check for inconsistencies.
- View Dependent Claims (18, 19)
- - 18. The first server of claim 17, wherein the logic is further to, if token verification fails, determine whether to reissue the token based on one or more rules or policies.
  - 19. The first server of claim 18, wherein the one or more rules or policies include at least one of success or failure of decryption, inconsistencies between ones of the first and second identifiers, presence of a device identifier of the client device on a list of suspect devices, a count of a number of times the token has been received, association of the client device to evidence of fraud, or a level of risk associated with the client device.

20. An article of manufacture comprising:
- a storage medium; and
  
  a plurality of programming instructions stored on the storage medium and configured to program a server toreceive a plurality of identifiers associated with a client device,encrypt a plurality of encoding values associated with the plurality of identifiers using a private key of the server, andgenerate a token uniquely identifying the client device, a body of the token including the encrypted plurality of encoding values.
- View Dependent Claims (21, 22, 23)
- - 21. The article of claim 20, wherein the programming instructions are further configured to program the server to provide client logic to the client device, directly or indirectly, to enable the client device to recognize and use the token.
  - 22. The article of claim 21, wherein the plurality of identifiers include at least one of a device serial number, a media access control (MAC) address, an operating system (OS) type, and OS version, a time code, a country code, or a region code.
  - 23. The article of claim 21, wherein the token further includes a server identifier to identify the server as a generator of the token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
iovation Incorporated
Original Assignee
iovation Incorporated
Inventors
Lulich, Daniel P., Lunde, Ron, Pierson, Greg

Granted Patent

US 8,751,815 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0442   wherein the sending and rec...

H04L 63/0876   based on the identity of th...

H04L 63/126   the source of the received ...

H04L 9/3213   using tickets or tokens, e....

CREATING AND VERIFYING GLOBALLY UNIQUE DEVICE-SPECIFIC IDENTIFIERS

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

CREATING AND VERIFYING GLOBALLY UNIQUE DEVICE-SPECIFIC IDENTIFIERS

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links