SYSTEM AND METHOD FOR IDENTITY VERIFICATION ACROSS MOBILE APPLICATIONS
Abstract
Embodiments are directed to methods, apparatuses, computer readable media and systems for authenticating a user on a user device across multiple mobile applications. The identity of the user is validated by encoding and subsequently validating cryptographically encrypted data in a shared data store accessible by the mobile applications tied to the same entity. Specifically, the application leverages the authentication process of a trusted mobile application (e.g., a banking mobile application) to authenticate the same user on an untrusted mobile application (e.g., a merchant mobile application).
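The flow in the abstract and claim 1, as an added Python sketch that is not part of the patent. HMAC-SHA256 as the cryptogram, the `Server` class, the app ids, the password check and the `shared_store` dict are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

TRUSTED_APPS = {"bank-app"}          # constructed allow-list of trusted app ids


class Server:
    def __init__(self):
        self._keys = {}              # user id -> key issued to the trusted app
        self._passwords = {"alice": "correct horse"}  # constructed credential

    def enroll(self, app_id, user_id, password):
        """First app: trust check, user authentication, key issuance."""
        if app_id not in TRUSTED_APPS:
            return None
        expected = self._passwords.get(user_id, "")
        if not hmac.compare_digest(expected.encode(), password.encode()):
            return None
        key = secrets.token_bytes(32)
        self._keys[user_id] = key
        return key

    def redeem(self, user_id, user_data, cryptogram):
        """Second app: recompute the cryptogram, compare, issue a token."""
        key = self._keys.get(user_id)
        if key is None:
            return None
        expected = make_cryptogram(key, user_data)
        if not hmac.compare_digest(expected, cryptogram):
            return None
        return secrets.token_urlsafe(16)


def make_cryptogram(key, user_data):
    # Assumption: HMAC-SHA256 over the user data stands in for the cryptogram.
    return hmac.new(key, user_data, hashlib.sha256).digest()


def demo():
    server, shared_store = Server(), {}      # shared_store: the shared data store
    user_data = b"alice|device-1234"         # constructed user data
    key = server.enroll("bank-app", "alice", "correct horse")
    shared_store["cryptogram"] = make_cryptogram(key, user_data)   # first app
    good = server.redeem("alice", user_data, shared_store["cryptogram"])  # second app
    bad = server.redeem("alice", b"mallory|device-1234", shared_store["cryptogram"])
    untrusted = server.enroll("merchant-app", "alice", "correct horse")
    return good, bad, untrusted
```

In this sketch the cryptogram is bound only to static user data, so anything able to read the shared store could present it again; a deployment would also bind it to a nonce or expiry that the server checks.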
18 Claims
1. A method comprising:
- receiving, at a server computer, user data associated with a user from a first mobile application;
- determining, by the server computer, that the first mobile application is trusted;
- authenticating, by the server computer, the user based on the user data;
- sending, by the server computer, a cryptographic key to the first mobile application after authenticating the user, wherein an identity verification cryptogram is generated using the cryptographic key;
- receiving, at the server computer, the user data associated with the user and the identity verification cryptogram from a second mobile application;
- validating that the identity verification cryptogram is generated using the user data and the cryptographic key sent to the first mobile application; and
- sending a token to the second mobile application upon validating the verification cryptogram.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A server computer comprising:
- a processor; and
- a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor, to implement a method comprising:
  - receiving user data associated with a user from a first mobile application;
  - determining that the first mobile application is trusted;
  - authenticating the user based on the user data;
  - sending a cryptographic key to the first mobile application after authenticating the user, wherein an identity verification cryptogram is generated using the cryptographic key;
  - receiving the user data associated with the user and the identity verification cryptogram from a second mobile application;
  - validating that the identity verification cryptogram is generated using the user data and the cryptographic key; and
  - sending a token to the second mobile application upon validating the verification cryptogram.

Dependent claims: 9, 10, 11, 12, 13, 14

15. A method comprising:
- authenticating, by a first mobile application on a user device, a user on the user device;
- sending, by the first mobile application on the user device, user data associated with the user to a server computer;
- receiving, by the first mobile application on the user device, a cryptographic key from the server computer;
- generating, by the first mobile application on the user device, an identity verification cryptogram using the cryptographic key;
- storing, by the first mobile application on the user device, the cryptographic key on a cloud storage system of an operating system provider of the user device;
- retrieving, by a second mobile application on the user device, the identity verification cryptogram from the cloud storage system;
- sending, by the second mobile application on the user device, the user data associated with the user and the identity verification cryptogram to the server computer;
- receiving, by the second mobile application on the user device, a token from the server computer; and
- completing, by the second mobile application on the user device, a transaction with the token.

Dependent claims: 16, 17, 18

Specification