SYSTEM AND METHODS FOR CUSTOMER-MANAGED DEVICE-BASED AUTHENTICATION

US 20080226142A1
Filed: 03/16/2007
Published: 09/18/2008
Est. Priority Date: 03/16/2007
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of providing customer-managed, device-based authentication of access to an on-line service, the method comprising:

storing, based on customer input, device preferences related to specified devices selectably accessing an account connected with the on-line service; and

assaying a device fingerprint for a device to authenticate access by the device to the account based at least in part on the device preferences.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and methods for customer-managed device-based authentication are disclosed. Embodiments of the invention provide a user interface that allows a customer with an on-line account to access and manage device fingerprint information that can be used to control or regulate the customer'"'"'s access. Such a system can collect user input regarding device preferences related to specified devices to be used to access or to be prohibited or restricted from accessing an account. Information regarding these devices is stored in a database. The system can then assay a device fingerprint for a device to authenticate access by the device to the account based on the device preferences. In some embodiments, input can also be collected regarding alert preferences related to alerts connected with accessing the account from specified devices.

67 Citations

View as Search Results

34 Claims

1. A computer-implemented method of providing customer-managed, device-based authentication of access to an on-line service, the method comprising:
- storing, based on customer input, device preferences related to specified devices selectably accessing an account connected with the on-line service; and
  
  assaying a device fingerprint for a device to authenticate access by the device to the account based at least in part on the device preferences.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The method of claim 1 further comprising:
    - storing, based on the customer input, alert preferences related to alerts connected with accessing the account from specified devices;
      
      assaying the device fingerprint to determine when to send at least one alert based on the alert preferences.
  - 3. The method of claim 1 wherein the assaying of the device fingerprint to authenticate access further comprises accessing a forensic database of device information.
  - 4. The method of claim 1 further comprising presenting an access history for the account, wherein the access history includes at least some device fingerprint information.
  - 5. The method of claim 2 wherein at least one of the assaying of the device fingerprint to authenticate access and the assaying of the device fingerprint to determine when to send at least one alert further comprises accessing a forensic database of device information.
  - 6. The method of claim 2 further comprising presenting an access history for the on-line account, wherein the access history includes at least some device fingerprint information.
  - 7. The method of claim 3 further comprising presenting an access history for the on-line account, wherein the access history includes at least some device fingerprint information.
  - 8. The method of claim 5 further comprising presenting an access history for the on-line account, wherein the access history includes at least some device fingerprint information.
  - 9. The method of claim 1 wherein the device preferences can include at least one of geographic restrictions, time restrictions, a unique name, and activity restrictions.
  - 10. The method of claim 2 wherein the device preferences can include at least one of geographic restrictions, time restrictions and activity restrictions.
  - 11. The method of claim 3 wherein the device preferences can include at least one of geographic restrictions, time restrictions and activity restrictions.
  - 12. The method of claim 4 wherein the device preferences can include at least one of geographic restrictions, time restrictions, a unique name, and activity restrictions.
  - 13. The method of claim 5 wherein the device preferences can include at least one of geographic restrictions, time restrictions and activity restrictions.
  - 14. A computer program product comprising a medium including computer program instructions for performing the method of claim 1.
  - 15. A computer program product comprising a medium including computer program instructions for performing the method of claim 2.
  - 16. A computer program product comprising a medium including computer program instructions for performing the method of claim 3.
  - 17. A computer program product comprising a medium including computer program instructions for performing the method of claim 4.
  - 18. A computer program product comprising a medium including computer program instructions for performing the method of claim 5.
  - 19. A computer program product comprising a medium including computer program instructions for performing the method of claim 10.

20. Apparatus for providing customer-managed, device-based authentication of access to an on-line service, the apparatus comprising:
- means for receiving customer input;
  
  means for storing, based on the customer input, device preferences related to specified devices selectably accessing an account connected with the on-line service; and
  
  means for assaying a device fingerprint for a device to authenticate access by the device to the account based at least in part on the device preferences.
- View Dependent Claims (21, 22, 23)
- - 21. The apparatus of claim 20 further comprising:
    - means for storing alert preferences related to alerts connected with accessing the account from specified devices; and
      
      means for assaying the device fingerprint to determine when to send at least one alert based on the alert preferences.
  - 22. The apparatus of claim 20 further comprising means for presenting an access history for the on-line account, wherein the access history includes at least some device fingerprint information.
  - 23. The apparatus of claim 21 further comprising means for presenting an access history for the on-line account, wherein the access history includes at least some device fingerprint information.

24. A system for providing customer-managed, device-based authenticated access to an on-line service, the system comprising:
- an on-line account server to provide access to an account connected with the on-line service;
  
  a device management server to receive customer input related to device preferences for specified devices selectably accessing the account and to assay a device fingerprint for a device to authenticate access by the device to the account based at least in part on the device preferences, the device management server functionally connected to the on-line account server; and
  
  a forensic database connected to the device management server to store the device fingerprint.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 25. The system of claim 24 further comprising an alerts database connected to the device management server to store alert preferences related to alerts connected with accessing the account from specified devices.
  - 26. The system of claim 24 wherein the device management server is further operable to present an access history for the account, wherein the access history includes at least some device fingerprint information.
  - 27. The system of claim 25 wherein the device management server is further operable to present an access history for the account, wherein the access history includes at least some device fingerprint information.
  - 28. The system of claim 24 wherein the device preferences can include at least one of geographic restrictions, time restrictions and activity restrictions.
  - 29. The system of claim 25 wherein the device preferences can include at least one of geographic restrictions, time restrictions and activity restrictions.
  - 30. The system of claim 26 wherein the device preferences can include at least one of geographic restrictions, time restrictions and activity restrictions.
  - 31. The system of claim 27 wherein the device preferences can include at least one of geographic restrictions, time restrictions and activity restrictions.
  - 32. The system of claim 24 wherein the device management system can store a unique name assigned to each device, the unique name received as part of the customer input.
  - 33. The system of claim 27 wherein the device management system can store a unique name assigned to each device, the unique name received as part of the customer input.
  - 34. The system of claim 28 wherein the device management system can store a unique name assigned to each device, the unique name received as part of the customer input.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Shroyer, David C., Pennella, Michael M.

Granted Patent

US 8,205,790 B2
Time in Patent Office

Days
Field of Search
US Class Current

382/124
CPC Class Codes

G06F 21/31 User authentication

G06F 2221/2129 Authenticate client device ...

SYSTEM AND METHODS FOR CUSTOMER-MANAGED DEVICE-BASED AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

67 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHODS FOR CUSTOMER-MANAGED DEVICE-BASED AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

67 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links