MOBILE AUTHENTICATION FRAMEWORK

US 20090113527A1
Filed: 10/29/2007
Published: 04/30/2009
Est. Priority Date: 10/29/2007
Status: Active Grant

First Claim

Patent Images

1. A method of associating a mobile device with a web service or a user account, comprising:

on a mobile device, displaying a unique code, that is associated with a user account or web service to be utilized with the mobile device, and displaying instructions for a user to enter the unique code in an authentication process via an authentication portal of a management device;

after it is determined that a user has performed the authentication process, obtaining from the management device any user identification which has been associated with the unique code and storing the obtained user identification for use by the mobile device; and

after user identification have been obtained and stored, using the stored user identification for the mobile device to participate in an authentication process for authorizing the mobile device to utilize a web service or user account associated with the user identification, wherein the authentication process is participated in by the mobile device without requiring input from the user during such authentication process.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are apparatus and methods for associating a mobile device with a web service or a user account. A unique code is displayed on the mobile device. The unique code is associated with a user account or web service to be utilized with the mobile device. Instructions for a user to enter the unique code in an authentication process via an authentication portal of a management device are also displayed. After it is determined that a user has performed the authentication process, any user identification, which has been associated with the unique code, is then obtained from the management device. The obtained user identification is then stored for use by the mobile device. After user identification has been obtained and stored, the stored user identification is used for the mobile device to participate in an authentication process for authorizing the mobile device to utilize a web service or user account associated with the user identification. The authentication process is participated in by the mobile device without requiring input from the user during such authentication process.

44 Citations

View as Search Results

25 Claims

1. A method of associating a mobile device with a web service or a user account, comprising:
- on a mobile device, displaying a unique code, that is associated with a user account or web service to be utilized with the mobile device, and displaying instructions for a user to enter the unique code in an authentication process via an authentication portal of a management device;
  
  after it is determined that a user has performed the authentication process, obtaining from the management device any user identification which has been associated with the unique code and storing the obtained user identification for use by the mobile device; and
  
  after user identification have been obtained and stored, using the stored user identification for the mobile device to participate in an authentication process for authorizing the mobile device to utilize a web service or user account associated with the user identification, wherein the authentication process is participated in by the mobile device without requiring input from the user during such authentication process.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method as recited in claim 1, further comprising generating the unique code based on an identity associated with the mobile device.
  - 3. A method as recited in claim 1, wherein the authentication process, in which the mobile device participates, results in the mobile device being authorized to access a session of a web service so that such session is displayed on the mobile device.
  - 4. A method as recited in claim 1, wherein the code is associated with a timestamp for the user identification to expire, the method further comprising:
    - after the user identification expires based on the timestamp, repeating the operations for displaying a unique code, obtaining and storing user identification, and using the stored user identification.
  - 5. A method as recited in claim 1, wherein the stored user identification include sone or more security settings, wherein the security settings indicate an access level or time to expire for the user identification or a web service or user account associated with such user identification.

6. A mobile device for associating a mobile device with a web service or a user account, comprising:
- at least one a processor; and
  
  at least one memory, the at least one processor and/or memory being configured for;
  
  displaying on the mobile device a unique code, that is associated with a user account or web service to be utilized with the mobile device, and displaying on the mobile device instructions for a user to enter the unique code in an authentication process via an authentication portal of a management device;
  
  after it is determined that a user has performed the authentication process, obtaining from the management device any user identification which has been associated with the unique code and storing the obtained user identification for use by the mobile device; and
  
  after user identification have been obtained and stored, using the stored user identification for the mobile device to participate in an authentication process for authorizing the mobile device to utilize a web service or user account associated with the user identification, wherein the authentication process is participated in by the mobile device without requiring input from the user during such authentication process.
- View Dependent Claims (7, 8, 9, 10)
- - 7. A mobile device as recited in claim 6, the at least one processor and/or memory being further configured for generating the unique code based on an identity associated with the mobile device.
  - 8. A mobile device as recited in claim 6, wherein the authentication process, in which the mobile device participates, results in the mobile device being authorized to access a session of a web service so that such session is displayed on the mobile device.
  - 9. A mobile device as recited in claim 6, wherein the code is associated with a timestamp for the user identification to expire, the at least one processor and/or memory being further configured for:
    - after the user identification expires based on the timestamp, repeating the operations for displaying a unique code, obtaining and storing user identification, and using the stored user identification.
  - 10. A mobile device as recited in claim 6, wherein the stored user identification includes one or more security settings, wherein the security settings indicate an access level or time to expire for the user identification or a web service or user account associated with such user identification.

11. At least one computer readable storage medium having computer program instructions stored thereon that are arranged to perform the following operations:
- on a mobile device, displaying a unique code, that is associated with a user account or web service to be utilized with the mobile device, and displaying instructions for a user to enter the unique code in an authentication process via an authentication portal of a management device;
  
  after it is determined that a user has performed the authentication process, obtaining from the management device any user identification which has been associated with the unique code and storing the obtained user identification for use by the mobile device; and
  
  after user identification have been obtained and stored, using the stored user identification for the mobile device to participate in an authentication process for authorizing the mobile device to utilize a web service or user account associated with the user identification, wherein the authentication process is participated in by the mobile device without requiring input from the user during such authentication process.
- View Dependent Claims (12, 13, 14, 15)
- - 12. At least one computer readable storage medium as recited in claim 11, wherein the computer program instructions are arranged to generate the unique code based on an identity associated with the mobile device.
  - 13. At least one computer readable storage medium as recited in claim 11, wherein the authentication process, in which the mobile device participates, results in the mobile device being authorized to access a session of a web service so that such session is displayed on the mobile device.
  - 14. At least one computer readable storage medium as recited in claim 11, wherein the code is associated with a timestamp for the user identification to expire, wherein the computer program instructions are arranged to:
    - after the user identification expires based on the timestamp, repeating the operations for displaying a unique code, obtaining and storing user identification, and using the stored user identification.
  - 15. At least one computer readable storage medium as recited in claim 11, wherein the stored user identification includes one or more security settings, wherein the security settings indicate an access level or time to expire for the user identification or a web service or user account associated with such user identification.

16. A method of performing an authentication process for a mobile device, comprising:
- during an authentication process for one or more applications, receiving user identification that authorize a particular user to access the one or more applications;
  
  receiving a first unique code associated with the user identification;
  
  mapping the first unique code and the user identification and storing such mapping; and
  
  when a request for user identification based on a second unique code is received from a mobile device, sending the user identification that have been mapped to the first unique code to the mobile device if the first unique code matches the second unique code.
- View Dependent Claims (17, 18, 19, 20)
- - 17. A method as recited in claim 16, further comprising:
    - during the authentication process, presenting selectable options that correspond to specific applications;
      
      receiving selections of one or more options, wherein the user identification are only received for the selected specific applications; and
      
      requesting user identification only for the selected specific applications
  - 18. A method as recited in claims 16, further comprising:
    - receiving one or more security setting selections during the authentication process; and
      
      sending the one or more security setting selections with the user identification to the requester.
  - 19. A method as recited in claim 18, wherein the security setting selections include a user selected PIN that is required to be entered by the user prior to performance of the authentication process on the mobile device.
  - 20. A method as recited in claim 16, further comprising:
    - receiving the code from the mobile device and wherein the code includes one or more application identities for one or more specific applications; and
      
      wherein the user identification is only received for the one or more specific applications.

21. A device for performing an authentication process for a mobile device, comprising:
- at least one a processor; and
  
  at least one memory, the at least one processor and/or memory being configured for;
  
  during an authentication process for one or more applications, receiving user identification that authorize a particular user to access the one or more applications;
  
  receiving a first unique code associated with the user identification;
  
  mapping the first unique code and the user identification and storing such mapping; and
  
  when a request for user identification based on a second unique code is received from a mobile device, sending the user identification that have been mapped to the first unique code to the mobile device if the first unique code matches the second unique code.
- View Dependent Claims (22, 23, 24, 25)
- - 22. A device as recited in claim 21, further comprising:
    - during the authentication process, presenting selectable options that correspond to specific applications;
      
      receiving selections of one or more options, wherein the user identification are only received for the selected specific applications; and
      
      requesting user identification only for the selected specific applications
  - 23. A device as recited in claims 21, further comprising:
    - receiving one or more security setting selections during the authentication process; and
      
      sending the one or more security setting selections with the user identification to the requester.
  - 24. A device as recited in claim 23, wherein the security setting selections include a user selected PIN that is required to be entered by the user prior to performance of the authentication process on the mobile device.
  - 25. A device as recited in claim 21, further comprising:
    - receiving the code from the mobile device and wherein the code includes one or more application identities for one or more specific applications; and
      
      wherein the user identification is only received for the one or more specific applications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Yahoo! Inc. (Apollo Global Management, Inc.)
Inventors
King, Simon P., Naaman, Mor

Granted Patent

US 7,992,197 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/41   where a single sign-on prov...

G06F 21/42   using separate channels for...

H04L 63/0815   providing single-sign-on or...

H04L 63/0838   using one-time-passwords

H04W 12/068   using credential vaults, e....

MOBILE AUTHENTICATION FRAMEWORK

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

44 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

MOBILE AUTHENTICATION FRAMEWORK

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

44 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links