USER-FRIENDLY MULTIFACTOR MOBILE AUTHENTICATION

US 20080289030A1
Filed: 05/17/2007
Published: 11/20/2008
Est. Priority Date: 05/17/2007
Status: Active Grant

First Claim

Patent Images

1. A method for gaining access to an external resource from a mobile communications device, wherein the access to the external resource requires a plurality of authenticating factors, the method comprising:

detecting a request to access the external resource requiring authentication via electronic authenticating material stored in the mobile communications device;

detecting presence of an external authenticating module in proximity to the mobile communications device;

allowing access to the electronic authenticating material in response to validating a unique identifier received from the external authenticating module as one of the plurality of authenticating factors; and

communicating information associated with the electronic authenticating material to the external resource as another one of the plurality of authenticating factors.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for performing multifactor mobile authentication are described whereby a mobile communications device includes a contactless reader for receiving and validating a unique identifier stored in an external authenticating module prior to granting access to locally stored electronic authenticating material required to access an external resource. In one embodiment, the mobile communications device is a mobile telephone having an RFID reader for receiving the unique identifier from an RFID tag incorporated into the external authenticating module. Preferably, the external authenticating module is associated with a user, such as by being part of the user'"'"'s jewelry or clothing. The mobile authentication device includes an RFID authenticator module that detects external resource access requests and checks whether the requested resource is on a list of resources that require additional user authentication prior to granting access to locally stored authenticating material.

155 Citations

22 Claims

1. A method for gaining access to an external resource from a mobile communications device, wherein the access to the external resource requires a plurality of authenticating factors, the method comprising:
- detecting a request to access the external resource requiring authentication via electronic authenticating material stored in the mobile communications device;
  
  detecting presence of an external authenticating module in proximity to the mobile communications device;
  
  allowing access to the electronic authenticating material in response to validating a unique identifier received from the external authenticating module as one of the plurality of authenticating factors; and
  
  communicating information associated with the electronic authenticating material to the external resource as another one of the plurality of authenticating factors.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the external authenticating module comprises an RFID tag associated with a user of the mobile communications device.
  - 3. The method of claim 1 wherein the mobile communications device is a mobile telephone comprising an RFID reader and an RFID authenticator module for validating the unique identifier received from the external authenticating module.
  - 4. The method of claim 1 wherein the mobile communications device is one of a personal digital assistant and a portable computer, the mobile communications device further comprising an RFID reader and an RFID authenticator module for validating the unique identifier received from the external authenticating module.
  - 5. The method of claim 1 wherein the electronic authenticating material comprises at least one of a digital certificate, an NFC identifier, a username and password, and a personal identification number.
  - 6. The method of claim 1 wherein the external resource comprises at least one of a secure web application, a VPN server, and an NFC device.
  - 7. The method of claim 1 further comprising communicating the information associated with the electronic authenticating material via a communications protocol selected from the group consisting of an SSL protocol, a TLS protocol, an NFC protocol, an HTTP Digest protocol, and a TCP protocol.

8. A mobile communications device for providing access to an external resource via a plurality of authenticating factors, the mobile communications device comprising:
- a processor;
  
  memory for storing electronic authenticating material;
  
  at least one contactless reader capable of receiving a unique identifier to provide access to the electronic authenticating material as one of the plurality of authenticating factors; and
  
  a communications interface for sending the information associated with the electronic authenticating material to the external resource as another one of the authenticating factors.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The mobile communications device of claim 8 wherein the mobile communications device is a mobile telephone comprising an RFID reader and an RFID authenticator module for validating the unique identifier.
  - 10. The mobile communications device of claim 8 wherein the mobile communications device is one of a personal digital assistant and a portable computer, the mobile communications device further comprising an RFID reader and an RFID authenticator module for validating the unique identifier.
  - 11. The mobile communications device of claim 8 wherein the electronic authenticating material comprises at least one of a digital certificate, an NFC identifier, a username and password, and a personal identification number.
  - 12. The mobile communications device of claim 8 wherein the external resource comprises at least one of a secure web application, a VPN server, and an NFC device.
  - 13. The mobile communications device of claim 8 wherein the communications interface connects to the external resource via a communications protocol selected from the group consisting of an SSL protocol, a TLS protocol, an NFC protocol, an HTTP Digest protocol, and a TCP protocol.
  - 14. The mobile communications device of claim 8 wherein the memory comprises a computer readable medium having thereon instructions for:
    - detecting an authentication attempt requiring access to the electronic authenticating material stored in the memory;
      
      detecting presence of an external authenticating module in proximity to the mobile communications device; and
      
      allowing access to the electronic authenticating material in response to validating a unique identifier received from the external authenticating module.
  - 15. The mobile communications device of claim 14 wherein the external authenticating module is an RFID tag associated with a user of the mobile communications device.

16. A system for providing access to an external resource from a mobile communications device via a plurality of authenticating factors, the system comprising:
- the mobile communications device having stored thereon electronic authenticating material, the electronic authenticating material comprising one of the plurality of authenticating factors for accessing the external resource;
  
  an external authenticating module having stored thereon a unique identifier for providing access to the electronic authenticating material in the mobile communications device as another one of the plurality of authenticating factors; and
  
  wherein the mobile communications device comprises at least one contactless reader for receiving the unique identifier from the external authenticating module when the mobile communications device detects an authentication attempt requiring access to the electronic authenticating material and the external authenticating module is in proximity to the mobile communications device.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The system of claim 16 wherein the external authenticating module is an RFID tag.
  - 18. The system of claim 16 wherein the mobile communications device is a mobile telephone comprising an RFID reader and an RFID authenticator module for validating the unique identifier received from the external authenticating module.
  - 19. The system of claim 16 wherein the mobile communications device is one of a personal digital assistant and a portable computer, the mobile communications device further comprising an RFID reader and an RFID authenticator module for validating the unique identifier received from the external authenticating module.
  - 20. The system of claim 16 wherein the electronic authenticating material comprises at least one of a digital certificate, an NFC identifier, a username and password, and a personal identification number.
  - 21. The system of claim 16 wherein the external resource comprises at least one of a secure web application, a VPN server, and an NFC device.
  - 22. The system of claim 16 wherein the mobile communications device sends information associated with the electronic authenticating material to the external resource via a communications protocol selected from the group consisting of an SSL protocol, a TLS protocol, an NFC protocol, an HTTP Digest protocol, and a TCP protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United States Cellular Corporation (Telephone & Data Systems, Inc.)
Original Assignee
United States Cellular Corporation (Telephone & Data Systems, Inc.)
Inventors
Poplett, John

Granted Patent

US 8,646,056 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/15
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 2221/2115   Third party

USER-FRIENDLY MULTIFACTOR MOBILE AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

155 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

USER-FRIENDLY MULTIFACTOR MOBILE AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

155 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links