USER AUTHENTICATION MANAGEMENT

US 20100100945A1
Filed: 10/20/2008
Published: 04/22/2010
Est. Priority Date: 10/20/2008
Status: Active Grant

First Claim

Patent Images

1. A method for providing authentication service account management to a user of a multi-factor authentication service on third-party websites, comprising:

registering a user with the multi-factor authentication service comprising;

providing an availability of multi-factor authentication service notice to the user based on the user'"'"'s locality;

providing a location-specific authentication service mobile access code to the user based on the user'"'"'s locality; and

registering a user'"'"'s desired mobile device with the multi-factor authentication service for use in multi-factor user authentication;

providing an Internet-based user account revocation service comprising a user interface (UI) that allows the user to revoke user designation of a mobile device for multi-factor authentication; and

providing an Internet-based user account reporting service comprising a UI that reports one or more transactions to the user, the transactions comprising user account activity.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

End users of a multi-factor authentication service can utilize an account management service, and third-party website can register to utilize the multi-factor authentication service. Registering a third-party website can comprise the multi-factor authentication service receiving a valid digital identity certificate for the third-party website, and receiving an agreement to terms of use of the multi-factor authentication service for the third-party website. Once received, the multi-factor authentication service can enable the third-party website to utilize the service (e.g., switch the service on, or send an authorization key to the third-party website). Further, registering a user to the multi-factor authentication service can comprise determining availability of service, and providing a location-specific access code. Additionally, registering the user can comprise registering the user'"'"'s mobile device, for example, to provide multi-factor authentication. Also, an Internet-based user account management user interface can be provided that allows a user to view transactions on their account, and an ability to shut off a designated mobile device'"'"'s ability to authenticate.

269 Citations

20 Claims

1. A method for providing authentication service account management to a user of a multi-factor authentication service on third-party websites, comprising:
- registering a user with the multi-factor authentication service comprising;
  
  providing an availability of multi-factor authentication service notice to the user based on the user'"'"'s locality;
  
  providing a location-specific authentication service mobile access code to the user based on the user'"'"'s locality; and
  
  registering a user'"'"'s desired mobile device with the multi-factor authentication service for use in multi-factor user authentication;
  
  providing an Internet-based user account revocation service comprising a user interface (UI) that allows the user to revoke user designation of a mobile device for multi-factor authentication; and
  
  providing an Internet-based user account reporting service comprising a UI that reports one or more transactions to the user, the transactions comprising user account activity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, registering a user with the multi-factor authentication service comprising:
    - the user receiving a test message on their registered mobile device from the multi-factor authentication service after registering the mobile device; and
      
      the user replying to the test message from the multi-factor authentication service, using the user'"'"'s registered mobile device, to confirm receipt of the test message.
  - 3. The method of claim 1, comprising providing an Internet-based user account revocation service comprising a UI that allows the user to revoke user designation of a mobile devices for multi-factor authentication.
  - 4. The method of claim 1, the Internet-based user account revocation service UI providing a user with an ability to allow authentication without using the user'"'"'s designated mobile device.
  - 5. The method of claim 1, comprising providing a mobile device-based user account revocation service comprising a user sending a message to the multi-factor authentication service that directs the multi-factor authentication service to request multi-factor authentication for respective user transactions on third-party web-sites that utilize the multi-factor authentication service.
  - 6. The method of claim 1, providing mobile device-based user account reporting service comprising a user sending a query to the multi-factor authentication service that returns a report comprising one or more transactions of the users account activity.
  - 7. The method of claim 1, comprising providing an email-based user account reporting service comprising one or more email messages sent to a user'"'"'s email account, the messages comprising a report of one or more transactions of the user'"'"'s account activity.
  - 8. The method of claim 1, the availability of service notice comprising a notice informing the user of an availability of the multi-factor authentication service for the user based on a locality of the user, the locality determined by a reverse IP lookup.
  - 9. The method of claim 1, the reports of the one or more authentication transactions comprising one or more of:
    - transaction date;
      
      transaction time;
      
      IP address of user initiating authentication transaction;
      
      location of user initiating authentication transaction; and
      
      domain of third-party website where authentication transaction was initiated.
  - 10. The method of claim 1, comprising providing an Internet-based UI that allows a registered multi-factor authentication service user to change their multi-factor authentication service account information.
  - 11. The method of claim 1, registering a user with the multi-factor authentication service comprising performing a test multi-factor user authentication using a UI on a multi-factor authentication service website and the user'"'"'s designated mobile device.

12. A method for registering a third-party website to utilize a multi-factor authentication service, comprising:
- receiving of a valid digital identity certificate for the third-party website by the multi-factor authentication service;
  
  receiving of an acquiescence to terms of use of the multi-factor authentication service for the third-party website by the multi-factor authentication service; and
  
  enabling, through the multi-factor authentication service, the third-party website to utilize the multi-factor authentication service on the registered website, in the absence of additional human intervention between the third-party website and the multi-factor authentication service before the third-party website initiates utilizing the multi-factor authentication service.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12, comprising utilizing a developer portal, to which a third-party website developer has access, to:
    - provide an application programming interface (API) key to the third-party website developer that allows the third-party website to utilize the multi-factor authentication service;
      
      provide a shared secret key to the third-party website developer that can be used by the third-party website to authenticate a request to utilize the multi-factor authentication service;
      
      provide terms of use of the multi-factor authentication service to the third-party website;
  - 14. The method of claim 13, the third party website registering with the developer portal comprising providing verified identification information for the third-party website.
  - 15. The method of claim 14, the third party website registering with the developer portal comprising providing verified billing information for the third-party website.
  - 16. The method of claim 13, utilizing the developer portal to provide management of account details for the multi-factor authentication service to the third-party website developer, the account details comprising one or more of:
    - API keys;
      
      shared secret keys;
      
      application tokens;
      
      billing information; and
      
      website identification certification information.
  - 17. The method of claim 12, the acquiescence to terms of use of the multi-factor authentication service for the third-party website comprising a notice of acceptance of the terms of use from an individual responsible for the third-party website.
  - 18. The method of claim 12, the terms of use comprising a notice to an individual responsible for the third-party website that use of the multi-factor authentication services comprises acquiescence to the terms of use for the third-party website.
  - 19. The method of claim 12, enabling the third-party website to utilize the multi-factor authentication service on the registered website comprising one or more of:
    - activating an ability for the third-party website to utilize the multi-factor authentication service;
      
      providing code that allows the third-party website to activate the multi-factor authentication service; and
      
      providing one or more keys to the third-party website that allows the third-party website to activate the multi-factor authentication service.

20. A method for providing registration and account management of a multi-factor authentication service to Internet users and third-party websites, comprising:
- receiving of a valid digital identity certificate for the third-party website by the multi-factor authentication service;
  
  receiving of an acquiescence to terms of use of the multi-factor authentication service for the third-party website by the multi-factor authentication service; and
  
  enabling, through the multi-factor authentication service, the third-party website to utilize the multi-factor authentication service on the registered website,registering a user with the multi-factor authentication service comprising;
  
  providing an availability of multi-factor authentication service notice to the user based on the user'"'"'s locality;
  
  providing a country-specific short-code to the user based on the user'"'"'s locality; and
  
  registering a user'"'"'s desired mobile device with the multi-factor authentication service for use in multi-factor user authentication;
  
  providing an Internet-based user account revocation service comprising a user interface (UI) that allows the user to revoke user designation of a mobile device for multi-factor authentication; and
  
  providing an Internet-based user account reporting service comprising a UI that reports one or more transactions to the user, the transactions comprising user account activity;

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ozzie, Jack E., Ozzie, Raymond E., Patey, Eric M., Galvin, Thomas A.

Granted Patent

US 8,307,412 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/88   Detecting or preventing the...

G06Q 20/02   involving a neutral party, ...

G06Q 20/38215   Use of certificates or encr...

G06Q 20/3829   involving key management

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/4014   Identity check for transact...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04L 63/205   involving negotiation or de...

H04L 9/321   involving a third party or ...

H04L 9/3263   involving certificates, e.g...

USER AUTHENTICATION MANAGEMENT

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

269 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

USER AUTHENTICATION MANAGEMENT

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

269 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links