SIMPLIFIED LOGIN FOR MOBILE DEVICES

US 20090271621A1
Filed: 04/25/2008
Published: 10/29/2009
Est. Priority Date: 04/25/2008
Status: Active Grant

First Claim

Patent Images

1. A method implemented at least in part by a computer, the method comprising:

in conjunction with a first logon activity, receiving a number from a user interface of a mobile device;

sending the number to an entity outside the mobile device;

receiving encrypted data that includes the number and evidence of authentication;

storing the encrypted data on the mobile device;

in conjunction with a second logon activity, receiving the number from the user interface; and

sending the number and the encrypted data to a server to use for gaining access to a resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Aspects of the subject matter described herein relate to a simplified login for mobile devices. In aspects, on a first logon, a mobile device asks a user to enter credentials and a PIN. The credentials and PIN are sent to a server which validates user credentials. If the user credentials are valid, the server encrypts data that includes at least the user credentials and the PIN and sends the encrypted data to the mobile device. In subsequent logons, the user may logon using only the PIN. During login, the mobile device sends the PIN in conjunction with the encrypted data. The server can then decrypt the data and compare the received PIN with the decrypted PIN. If the PINs are equal, the server may grant access to a resource according to the credentials.

Citations

20 Claims

1. A method implemented at least in part by a computer, the method comprising:
- in conjunction with a first logon activity, receiving a number from a user interface of a mobile device;
  
  sending the number to an entity outside the mobile device;
  
  receiving encrypted data that includes the number and evidence of authentication;
  
  storing the encrypted data on the mobile device;
  
  in conjunction with a second logon activity, receiving the number from the user interface; and
  
  sending the number and the encrypted data to a server to use for gaining access to a resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - in conjunction with the first logon activity, receiving a username and password; and
      
      together with sending the number to an entity outside the mobile device, sending the username and password to the entity.
  - 3. The method of claim 1, wherein the evidence of authentication comprises a username and password encrypted in the encrypted data.
  - 4. The method of claim 1, wherein the encrypted data is placed in a cookie to send with one or more subsequent resource requests.
  - 5. The method of claim 1, wherein sending the number and the encrypted data to a server to use for gaining access to a resource comprises sending the encrypted data as a parameter of a resource locator associated with the resource.
  - 6. The method of claim 1, wherein the encrypted data also includes a revalidation date after which a password is to be supplied to obtain access to the resource via the mobile device.
  - 7. The method of claim 6, further comprising determining whether the revalidation date has occurred, and if so, presenting a user interface that indicates a username and provides an area to receive the password.
  - 8. The method of claim 7, further comprising receiving input in the area and sending the input and username to the entity for use in validating that the input matches a password for the username.
  - 9. The method of claim 1, wherein the encrypted data is encrypted via a secret symmetrical key not available on the mobile device.
  - 10. The method of claim 1, further comprising prior to the first logon activity displaying an element that queries whether to logon with a number or to logon with a username and password for subsequent logons.

11. A computer storage medium having computer-executable instructions, which when executed perform actions, comprising:
- receiving credentials from a mobile device;
  
  authenticating using the credentials; and
  
  if a PIN is allowed, performing actions comprising;
  
  in conjunction with receiving the credentials, receiving a first number from the mobile device;
  
  encrypting, in data, the first number and evidence of authentication of the credentials;
  
  sending the data to the mobile device for use in subsequent logons.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer storage medium of claim 11, further comprising:
    - receiving a second number and the data from the mobile device;
      
      decrypting the data to obtain the credentials and first number;
      
      comparing the second number to the first number;
      
      if the first and second numbers are equal, granting access to a resource based on the credentials.
  - 13. The computer storage medium of claim 12, further comprising if the first and second numbers are not equal, generating a message to cause an invalid logon attempt to be recorded in a log.
  - 14. the computer storage medium of claim 13, wherein generating a message to cause an invalid logon attempt to be recorded in a log comprises generating a message that includes a username and a bogus password and sending the message to an authentication server which logs the invalid logon attempt.
  - 15. The computer storage medium of claim 11, wherein the PIN comprises a string of numeric digits, each digit enterable on the mobile device by pressing a single key.

16. In a mobile device having a display, a method comprising:
- receiving input for a first logon, comprising;
  
  displaying a first field for accepting a username,displaying a second field for accepting a password, anddisplaying a third field for accepting a PIN; and
  
  receiving second input for a second logon, the second input including the PIN and not including the username and password.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, further comprising displaying a user interface element that when activated sets the PIN.
  - 18. The method of claim 16, further comprising before receiving the second input, displaying the username and an indication to enter the PIN to logon.
  - 19. The method of claim 16, further comprising displaying a revalidation screen, the revalidation screen including a the username and a field for receiving the password, the revalidation screen being displayed after a revalidation date occurs.
  - 20. The method of claim 16, further comprising displaying a user interface element that, when activated, causes subsequent logons to require a username and password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Gurman, Shay Yehuda, Mendelovich, Meir, Aoyama, Ken, Neystadt, John, Nice, Nir

Granted Patent

US 8,631,237 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 63/10   for controlling access to d...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/32   including means for verifyi...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

SIMPLIFIED LOGIN FOR MOBILE DEVICES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SIMPLIFIED LOGIN FOR MOBILE DEVICES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links