USING A MOBILE DEVICE NUMBER (MDN) SERVICE IN MULTIFACTOR AUTHENTICATION
First Claim
1. A method comprising:
- identifying, by a processor, an encryption key associated with a verification device;
determining, by the processor, attributes of a session between a source device and the verification device, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, and wherein the verification device generates user device data associated with a first identifier for the user device;
determining, by the processor and based on the attributes of the session, a second identifier associated with the source device;
generating, by the processor, second verification data based on the second identifier associated with the source device;
encrypting, by the processor and based on the encryption key associated with a verification device, the second verification data; and
forwarding, by the processor, the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, and wherein the verification device determines that source device corresponds to the user device when the user device data corresponds to the second verification data.
1 Assignment
0 Petitions
Accused Products
Abstract
Attributes of a session, between a source device and a verification device, for sending first verification data, such as a password and an account identifier, are determined. The verification device generates user device data based on an identifier, such as a mobile device number (MDN), for a user device associated with the account identifier. An identifier, such as an MDN, associated with the source device and an encryption key associated with the verification device are determined based on session attributes. Second verification data is generated based on the identifier associated with the source device. The second verification data is encrypted using the encryption key and forwarded to the verification device. The verification device decrypts the second verification data and compares the identifier for the user device to the identifier for the source device to determine whether the first verification data was sent from the user device.
116 Citations
20 Claims
-
1. A method comprising:
-
identifying, by a processor, an encryption key associated with a verification device; determining, by the processor, attributes of a session between a source device and the verification device, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, and wherein the verification device generates user device data associated with a first identifier for the user device; determining, by the processor and based on the attributes of the session, a second identifier associated with the source device; generating, by the processor, second verification data based on the second identifier associated with the source device; encrypting, by the processor and based on the encryption key associated with a verification device, the second verification data; and forwarding, by the processor, the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, and wherein the verification device determines that source device corresponds to the user device when the user device data corresponds to the second verification data. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A device comprising:
-
a memory to store one or more instructions; and a processor configured to execute the one or more instructions to; identify an encryption key associated with a verification device, wherein the verification device determines whether a source device is eligible to access a service or data; determine attributes of a session between the source device and the verification device, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, and wherein the verification device generates user device data associated with a first identifier for the user device; determine, based on the attributes of the session, a second identifier associated with the source device; generate second verification data based on the second identifier associated with the source device; encrypt, based on the encryption key associated with a verification device, the second verification data; and forward the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, and wherein the verification device determines that source device corresponds to the user device when the user device data corresponds to the second verification data. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable medium to store instructions, the instructions comprising:
one or more instructions that when executed by a processor, cause the processor to; identify an encryption key associated with a verification device, wherein the verification device determines whether a source device is eligible to access a service or data; determine attributes of a session between the source device and the verification device, wherein first verification data is sent from the source device to the verification device via the session, wherein the first verification data identifies an account, wherein the account is associated with a user device, and wherein the verification device generates user device data associated with a first identifier for the user device; determine, based on the attributes of the session, a second identifier associated with the source device; generate second verification data based on the second identifier associated with the source device; encrypt, based on the encryption key associated with a verification device, the second verification data; and forward the encrypted second verification data toward the verification device, wherein the verification device decrypts the encrypted second verification data to recover the second verification data, and wherein the verification device determines that source device corresponds to the user device when the user device data corresponds to the second verification data. - View Dependent Claims (16, 17, 18, 19, 20)
Specification