REMOTE AUTHENTICATION USING MOBILE SINGLE SIGN ON CREDENTIALS

US 20150121496A1
Filed: 10/31/2013
Published: 04/30/2015
Est. Priority Date: 10/31/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a proxy server and from a web access device, a request to access a secure online resource via the web access device;

receiving, at the proxy server and from a mobile device different from the web access device, one or more credentials for accessing the secure online resource;

determining that a geographic distance between the web access device and the mobile device is less than a geographic distance threshold; and

upon determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold, enabling the web access device access to the secure online resource.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for remote authentication using mobile single sign on credentials are disclosed. In some implementations, a proxy server receives, from a web access device, a request to access a secure online resource via the web access device. The proxy server receives, from a mobile device different from the web access device, one or more credentials for accessing the secure online resource. The proxy server determines that a geographic distance between the web access device and the mobile device is less than a geographic distance threshold. Upon determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold, the proxy server enables the web access device access to the secure online resource.

Citations

20 Claims

1. A method comprising:
- receiving, at a proxy server and from a web access device, a request to access a secure online resource via the web access device;
  
  receiving, at the proxy server and from a mobile device different from the web access device, one or more credentials for accessing the secure online resource;
  
  determining that a geographic distance between the web access device and the mobile device is less than a geographic distance threshold; and
  
  upon determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold, enabling the web access device access to the secure online resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, further comprising:
    - determining a time difference between a first time of receiving, at the proxy server, the request to access the secure online resource via the web access device, and a second time of receiving, at the proxy server, the one or more credentials from the mobile device, wherein the web access device is enabled to access the secure online resource upon determining that the time difference is less than a time difference threshold.
  - 3. The method of claim 1, wherein:
    - the web access device includes a personal computer having a web browser application, andthe mobile device includes a mobile phone.
  - 4. The method of claim 3, wherein the one or more credentials include a username and a password associated with accessing the secure online resource.
  - 5. The method of claim 3, wherein the one or more credentials include an identification of a mobile telephony account.
  - 6. The method of claim 5, wherein:
    - the secure online resource includes an online store, andthe identification of the mobile telephony account is associated, at the proxy server, with one or more of payment account information, contact information, or shipping information.
  - 7. The method of claim 1, wherein the one or more credentials include a result of a biometric scan for identifying a user account, and wherein biometric information of the user is not received at the proxy server.
  - 8. The method of claim 1, wherein determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold includes:
    - determining a geographic location of the web access device,determining a geographic location of the mobile device,computing the geographic distance between the geographic location of the web access device and the geographic location of the mobile device, andcomparing the geographic distance between the geographic location of the web access device and the geographic location of the mobile device with the geographic distance threshold.
  - 9. The method of claim 1, wherein determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold includes:
    - transmitting, from the proxy server and to the web access device, a second credential,receiving, from the mobile device and at the proxy server, an indication of the second credential, wherein the indication of the second credential is received at the proxy server within a threshold amount of time after the second credential is transmitted from the proxy server to the web access device,determining whether the indication of the second credential received from the mobile device correspond with the second credential sent to the web access device, andupon determining that the indication of the second credential received from the mobile device corresponds with the second credential sent to the web access device, determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold.
  - 10. The method of claim 9, wherein determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold is based only on determining that the indication of the second credential received from the mobile device corresponds with the second credential sent to the web access device.
  - 11. The method of claim 9, wherein:
    - the second credential includes text, andthe indication of the second credentials includes the user'"'"'s entry of the text on the mobile device.
  - 12. The method of claim 9, wherein the second credential includes an image displayed via a display device, and wherein the indication of the second credential includes a photograph of the image.
  - 13. The method of claim 9, wherein the second credential includes a movement pattern, and wherein the indication of second credential includes indicia of moving the mobile device according to the movement pattern.
  - 14. The method of claim 9, wherein the second credential includes an audio output or text for a user to read, and wherein the indication of the second credential includes an audio input.
  - 15. The method of claim 1, wherein the web access device transmits the request to access the secure online resource in response to a hitting of a button on the web access device.
  - 16. The method of claim 1, wherein the mobile device transmits the one or more credentials for accessing the secure online resource in response to an acceleration of the mobile device corresponding to a hitting of an object with the mobile device.

17. A non-transitory computer-readable medium comprising instructions which, when executed by one or more computers, cause the one or more computers to:
- receive, at a proxy server and from a web access device, a request to access a secure online resource via the web access device;
  
  receive, at the proxy server and from a mobile device different from the web access device, one or more credentials for accessing the secure online resource;
  
  determine that a geographic distance between the web access device and the mobile device is less than a geographic distance threshold; and
  
  upon determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold, enable the web access device access to the secure online resource.
- View Dependent Claims (18, 19)
- - 18. The non-transitory computer-readable medium of claim 17, further comprising instruction which, when executed by the one or more computers, cause the one or more computers to:
    - determine a time difference between a first time of receiving, at the proxy server, the request to access the secure online resource via the web access device, and a second time of receiving, at the proxy server, the one or more credentials from the mobile device, wherein the web access device is enabled to access the secure online resource upon determining that the time difference is less than a time difference threshold.
  - 19. The non-transitory computer-readable medium of claim 17, wherein:
    - the web access device includes a personal computer of a user having a web browser application, andthe mobile device includes a mobile phone of the user.

20. A system comprising:
- one or more processors; and
  
  a memory comprising instructions which, when executed by the one or more processors, cause the one or more processors to;
  
  receive, at a proxy server and from a web access device, a request to access a secure online resource via the web access device;
  
  receive, at the proxy server and from a mobile device different from the web access device, one or more credentials for accessing the secure online resource;
  
  determine that a geographic distance between the web access device and the mobile device is less than a geographic distance threshold; and
  
  upon determining that the geographic distance between the web access device and the mobile device is less than the geographic distance threshold, enable the web access device access to the secure online resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Original Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Inventors
CALDEIRA DE ANDRADA, Mauricio Pati, VAIDYA, Samir, KHALID, Mohammad Raheel, KIM, Ji Hoon, BRUNO, Corey Michael, BERMAN, Paul

Granted Patent

US 9,325,687 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

REMOTE AUTHENTICATION USING MOBILE SINGLE SIGN ON CREDENTIALS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

REMOTE AUTHENTICATION USING MOBILE SINGLE SIGN ON CREDENTIALS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links