No-Click Log-In Access to User's Web Account Using a Mobile Device

US 20140007205A1
Filed: 06/28/2012
Published: 01/02/2014
Est. Priority Date: 06/28/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating a user using a mobile device, the method comprising:

acquiring a web session identifier from a code provided on an entry webpage that is displayed on a computing device;

generating an authorized token having information corresponding to the web session identifier and a mobile session identifier that corresponds to either an authenticated session with a service provider of the webpage or credentials to authenticate a session with the service provider; and

providing the authorized token to a server, which receives the information corresponding to at least the web session identifier and the mobile session identifier from the authorized token, and uses at least the web session identifier and the mobile session identifier to authenticate the user with the service provider for providing access to a user-specific webpage that replaces the entry webpage on the computing device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A no-click log-in system and method allowing users to access their personal web accounts using a mobile device. The method comprises acquiring a web session identifier from a code provided on an entry webpage that is displayed on a computing device; generating an authorized token having information corresponding to at least the web session identifier and a mobile session identifier that corresponds to either an authenticated session with a service provider of the webpage or credentials to authenticate a session with the service provider; and providing the authorized token to a server, which receives the information corresponding to at least the web session identifier and the mobile session identifier from the authorized token, and uses at least the web session identifier and the mobile session identifier to authenticate the user with the service provider for providing access to a user-specific webpage that replaces the entry webpage on the computing device.

211 Citations

19 Claims

1. A method for authenticating a user using a mobile device, the method comprising:
- acquiring a web session identifier from a code provided on an entry webpage that is displayed on a computing device;
  
  generating an authorized token having information corresponding to the web session identifier and a mobile session identifier that corresponds to either an authenticated session with a service provider of the webpage or credentials to authenticate a session with the service provider; and
  
  providing the authorized token to a server, which receives the information corresponding to at least the web session identifier and the mobile session identifier from the authorized token, and uses at least the web session identifier and the mobile session identifier to authenticate the user with the service provider for providing access to a user-specific webpage that replaces the entry webpage on the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising initiating an application associated with the service provider.
  - 3. The method of claim 2, wherein acquiring a web session identifier from a code provided on the entry webpage that is displayed on a computing device comprises:
    - scanning the code using the application and a camera on the mobile device to acquire the web session identifier.
  - 4. The method of claim 2, wherein acquiring a web session identifier from a code provided on the entry webpage that is displayed on a computing device comprises:
    - using the application on the mobile device to acquire the web session identifier over a Near Field Communication link.
  - 5. The method of claim 2, wherein the application includes a Visual Code Detection Screen.
  - 6. The method of claim 1, wherein the credentials to authenticate a session with the service provider include the user'"'"'s log-in credentials for accessing the user-specific webpage.
  - 7. The method of claim 1, wherein the code can be a one-dimensional barcode, a two-dimensional barcode, or a sequence of alphanumeric characters.
  - 8. The method of claim 1, wherein the authorized token is generated by binding the web session identifier and the mobile session identifier.
  - 9. The method of claim 8, wherein the server obtains the information by unbinding the web session identifier and the mobile session identifier from the authorized token.
  - 10. The method of claim 1, further comprising:
    - receiving a download uniform resource locator for a webpage that has been populated with the user'"'"'s credential information;
      
      accessing the download uniform resource locator; and
      
      install a mobile application on the mobile device.

11. A method for authenticating a user using one or more servers, the method comprising:
- generating an entry webpage that includes a code having a web session identifier, wherein the entry webpage is configured to be displayed on a computing device;
  
  receiving at least the web session identifier and a mobile session identifier that corresponds to either an authenticated session with a service provider of the webpage or credentials to authenticate a session with the service provider;
  
  authenticating the user using the web session identifier and the mobile session identifier; and
  
  providing a user-specific webpage that replaces the entry webpage on the computing device.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The method of claim 11, wherein the web session identifier can be acquired using an application and a camera on a mobile device to scan the code.
  - 13. The method of claim 11, wherein the web session identifier can be acquired using an application on a mobile device over a Near Field Communication link.
  - 14. The method of claim 11, wherein the credentials to authenticate a session with the service provider include the user'"'"'s log-in credentials for accessing the user-specific webpage.
  - 15. The method of claim 11, wherein the code can be a one-dimensional barcode, a two-dimensional barcode, or a sequence of alphanumeric characters.
  - 16. The method of claim 11, wherein at least the web session identifier and the mobile session identifier are received as an authorized token.
  - 17. The method of claim 16, wherein at least the web session identifier and the mobile session identifier are binded in the authorized token.
  - 18. The method of claim 17, further comprising:
    - unbinding at least the web session identifier and the mobile session identifier from the authorized token.

19. A tangible computer readable medium storing instructions that, when executed by one or more servers, cause the one or more servers to perform a method of authenticating a user, the method comprising:
- generating an entry webpage that includes a code having a web session identifier, wherein the entry webpage is configured to be displayed on a computing device;
  
  acquiring the web session identifier from the code;
  
  generating an authorized token having information corresponding to at least the web session identifier and a mobile session identifier that corresponds to either an authenticated session with a service provider of the webpage or credentials to authenticate a session with the service provider; and
  
  receiving at least the web session identifier and a mobile session identifier that corresponds to either an authenticated session with a service provider of the webpage or credentials to authenticate a session with the service provider;
  
  authenticating the user by the one or more servers based on at least the web session identifier and the mobile session identifier; and
  
  providing by the one or more servers a user-specific webpage that replaces the entry webpage on the computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Bytemobile Inc. (Cloud Software Group)
Inventors
Oikonomou, Georgios

Application Number

US13/536,616
Publication Number

US 20140007205A1
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/35   communicating wirelessly

G06F 21/36   by graphic or iconic repres...

G06F 21/41   where a single sign-on prov...

G06F 2221/2117   User registration

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04W 12/06   Authentication

H04W 12/77   Graphical identity

No-Click Log-In Access to User's Web Account Using a Mobile Device

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

211 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

No-Click Log-In Access to User's Web Account Using a Mobile Device

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

211 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links