Apparatus and Method for Authenticating a User via Multiple User Devices

US 20160112437A1
Filed: 09/04/2013
Published: 04/21/2016
Est. Priority Date: 09/04/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

forming, during access to a server, an association between a user and a first device used to access the server, wherein the association constitutes a first possession factor linking the user to the first device;

sending a code to the first device;

receiving the code and contact information for a second device associated with the user, wherein the contact information facilitates a second possession factor linking the user to the second device;

recognizing, during a subsequent access to the server, the first device and therefore establish the first possession factor;

sending a message to the second device in response to recognizing;

obtaining a positively acknowledged message from the second device and therefore establish the second possession factor; and

authenticating the user based upon the first possession factor and the second possession factor.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method includes forming, during access to a site, an association between a user and a first device. Contact information for a second device associated with the user is obtained. During a subsequent access to the site the first device is recognized. The user is prompted to authenticate without inputting identifying information. The user is authenticated at the site relying upon the association and a positively acknowledged message from the second device.

37 Citations

View as Search Results

24 Claims

1. A method, comprising:
- forming, during access to a server, an association between a user and a first device used to access the server, wherein the association constitutes a first possession factor linking the user to the first device;
  
  sending a code to the first device;
  
  receiving the code and contact information for a second device associated with the user, wherein the contact information facilitates a second possession factor linking the user to the second device;
  
  recognizing, during a subsequent access to the server, the first device and therefore establish the first possession factor;
  
  sending a message to the second device in response to recognizing;
  
  obtaining a positively acknowledged message from the second device and therefore establish the second possession factor; and
  
  authenticating the user based upon the first possession factor and the second possession factor.
- View Dependent Claims (4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 18, 24)
- - 4. The method of claim 1 wherein forming includes initially authenticating the user.
  - 5. The method of claim 4 wherein initially authenticating the user is achieved by one or more of:
    - receiving a username and password,receiving a client SSL certificate,receiving a one-time password,confirming a code sent to a user email address, andconfirming a code sent to the second device.
  - 6. The method of claim 1 wherein recognizing includes one or more of:
    - reading a cookie on the first device that uniquely identifies the first device,checking the IP address of the first device,checking the MAC address of the first device, andchecking a unique browser identifier.
  - 8. The method of claim 1 wherein the message includes a single gesture prompt to establish the positively acknowledged message.
  - 9. The method of claim 1 wherein sending and receiving rely upon Internet Protocol network communications.
  - 10. The method of claim 1 wherein sending and receiving rely upon short message service communications.
  - 11. The method of claim 1 wherein authenticating includes:
    - passing a token from the server to a first server;
      
      associating, at the first server, the token with user identification;
      
      sending a message from the first server to the second device;
      
      receiving, at the first server, a positive acknowledgement of the message; and
      
      passing the user identification from the first server to the second server.
  - 12. The method of claim 1 wherein the first device and second device are the same physical device running two distinct software programs that are recognized by the server as separate communication endpoints.
  - 13. The method of claim 1 wherein the second device is identified by one or more of:
    - a hardcoded user ID associated with an application on the second device,a device ID for the second device,a username and password on the second device, andexternal hardware associated with the second device.
  - 14. The method of claim 1 further comprising receiving a negatively acknowledged message from the second device.
  - 15. The method of claim 14 wherein the negatively acknowledged message reports an unauthorized access attempt.
  - 18. The method of claim 1 wherein the contact information comprises one or more of:
    - a telephone number, anda push notification address.
  - 24. The method of claim 1 wherein sending includes sending QR code for display by the first device.

2-3. -3. (canceled)

7. (canceled)

16-17. -17. (canceled)

19-23. -23. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Anton Nikolaevich Churyumov
Original Assignee
Anton Nikolaevich Churyumov
Inventors
Churyumov, Anton Nikolaevich

Granted Patent

US 9,756,056 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/43   wireless channels

H04L 2463/082   applying multi-factor authe...

H04L 63/00   Network architectures or ne...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/105   Multiple levels of security

H04L 63/12   Applying verification of th...

Apparatus and Method for Authenticating a User via Multiple User Devices

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

37 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and Method for Authenticating a User via Multiple User Devices

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links