TRANSPARENT TWO-FACTOR AUTHENTICATION VIA MOBILE COMMUNICATION DEVICE
First Claim
Patent Images
1. A method implemented at least in part by a computing system, the method comprising:
- from a mobile communication device, receiving a service access request via a first channel, wherein the service access request comprises a delivery destination proof and a cost proof;
authenticating the delivery destination proof;
authenticating the cost proof;
responsive to authenticating the delivery destination proof and the cost proof, sending an authentication code message via a channel different from the first channel;
receiving a response to the authentication code message; and
responsive to receiving the response to the authentication code message, sending an authorization token message to the mobile communication device.
3 Assignments
0 Petitions
Accused Products
Abstract
Two-factor authentication can be provided transparently to a user by virtue of proof information available at a mobile communication device. For example, after an access request for a service is sent, an authentication code can be intercepted from a responsive incoming message. The technologies can incorporate a cost proof as part of a cost optimization. Other features such as obfuscation and separate channels can be incorporated into the technologies to provide a superior user experience while implementing superior security.
-
Citations
20 Claims
-
1. A method implemented at least in part by a computing system, the method comprising:
-
from a mobile communication device, receiving a service access request via a first channel, wherein the service access request comprises a delivery destination proof and a cost proof; authenticating the delivery destination proof; authenticating the cost proof; responsive to authenticating the delivery destination proof and the cost proof, sending an authentication code message via a channel different from the first channel; receiving a response to the authentication code message; and responsive to receiving the response to the authentication code message, sending an authorization token message to the mobile communication device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A mobile communication device comprising:
-
one or more processors coupled to memory; a stored cost proof; a stored delivery destination proof; a service access request orchestrator configured to send a request for access to a service, wherein the request comprises the stored cost proof and the stored delivery destination proof; an intercept component configured to intercept an incoming authentication code message received responsive to the request for access to the service and configured to automatically respond thereto with a message comprising an authentication code and further configured to receive an authorization token sent in response to the message comprising the authentication code; and an authorization token sending component configured to send the authorization token in conjunction with a request for a service protected by two-factor authentication. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. In a mobile communication device, one or more computer-readable media comprising:
-
a cost proof establishing that the mobile communication device is associated with a paying account; a delivery destination proof derived from a delivery destination monitored by the mobile communication device, wherein the delivery destination comprises a telephone number of the mobile communication device; computer-executable instructions causing the mobile communication device to perform a method comprising; via a first channel, sending a service access request for a protected service, wherein the request comprises a username, password, the cost proof, and the delivery destination proof; intercepting a message received via a second channel responsive to sending the service access request for the protected service via the first channel, wherein intercepting comprises watching for a response to the service request receivable via the delivery destination; from the message received via the second channel, deriving an authentication code; sending an automatic response to the message received via the second channel, wherein the automatic response comprises the authentication code and the cost proof; and receiving an authorization token in response to the automatic response; whereby transparent two-factor authentication is performed transparently for the mobile communication device.
-
Specification