AUTHENTICATION OF ACCESS REQUEST OF A DEVICE AND PROTECTING CONFIDENTIAL INFORMATION
Abstract
The systems and methods described herein enable an application on a user device to securely request access to a resource for an order using a selected credential routine. The application can receive order data and a signature based on the order data from an access device. The application can include an interface for selecting a particular credential routine from a plurality of credential routines that can be used to obtain the credential for accessing the resource. Instead of requesting access to the resource via the access device, the application can communicate with an authentication server that can verify the signature based on the order data and obtain authorization of the credential. Thus, the application can select a credential routine and credential for accessing a resource through secure communications with the authentication server.
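The flow in the abstract, sketched as an added example that is not taken from the patent: the request computer signs the order data, the application on the user device relays it with a credential, and the authentication server verifies the signature and then authorizes. HMAC-SHA256, the JSON serialization, and every name and value below are assumptions made for illustration; the text here only says the signature is generated using the order data and a shared secret key.

```python
import hashlib
import hmac
import json

# Constructed sample values for illustration; none come from the patent.
SHARED_KEY = b"constructed-demo-key-held-by-request-computer-and-auth-server"
AUTHORIZED_CREDENTIALS = {"cred-service-a-0001"}  # stand-in for the authorization step


def canonical(order: dict) -> bytes:
    """Serialize order data deterministically so both sides sign identical bytes."""
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode()


def sign_order(order: dict, key: bytes = SHARED_KEY) -> str:
    """Request computer: signature over the order data (HMAC-SHA256 is assumed)."""
    return hmac.new(key, canonical(order), hashlib.sha256).hexdigest()


def build_access_request(order: dict, signature: str, credential: str) -> dict:
    """Application on the user device: holds no key, only relays what it received."""
    return {"order": order, "signature": signature, "credential": credential}


def authenticate(request: dict, key: bytes = SHARED_KEY) -> dict:
    """Authentication server: verify the signature first, then authorize."""
    signature = request.get("signature")
    expected = sign_order(request["order"], key)
    if not isinstance(signature, str) or not signature.isascii():
        return {"granted": False, "reason": "bad_signature"}
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected, signature):
        return {"granted": False, "reason": "bad_signature"}
    if request["credential"] not in AUTHORIZED_CREDENTIALS:
        return {"granted": False, "reason": "credential_declined"}
    return {"granted": True, "reason": "ok"}


if __name__ == "__main__":
    order = {"order_id": "A-1001", "amount": "25.00", "currency": "USD"}
    sig = sign_order(order)
    print(authenticate(build_access_request(order, sig, "cred-service-a-0001")))
    tampered = dict(order, amount="0.01")  # order data altered after signing
    print(authenticate(build_access_request(tampered, sig, "cred-service-a-0001")))
```

As in the claims, the signature covers only the order data, so it does not bind the credential to the order. Whether a relayed request can be replayed depends on what the order data contains, which the claims shown here do not specify.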
20 Claims
1. A method for requesting access to a resource, comprising:
receiving, by an application executing on a user device, order data and a signature based on the order data, the order data and the signature being received from an access device, the order data being for an order made via the access device to a request computer, wherein the signature is generated by the request computer using the order data and a shared secret key that is shared between the request computer and an authentication server;
obtaining, by the application, a selection of a credential routine from a plurality of credential routines installed on the user device, wherein each of the plurality of credential routines have access to a different credential corresponding to a different service for obtaining access to the resource;
requesting, by the application, a credential from the selected credential routine;
obtaining, by the application, the credential from the credential routine; and
sending, by the application to the authentication server, an access request including the order data, the signature, and the credential, the access request being a request for access to the resource, wherein the authentication server provides a response to the access request based on the order data, the signature, and the credential.
Dependent claims: 2, 3, 4, 5, 6
7. A method for authenticating an access request, comprising:
storing, by an authentication server, a shared secret key that is shared with a request computer;
receiving, by the authentication server from an application of a user device, an access request including order data, a signature based on the order data, and a credential, wherein the order data is for an order made via the access device to a request computer, wherein the signature is generated by the request computer using the order data and shared secret key;
verifying, by the authentication server, the signature using the order data and the shared secret key that is stored at the authentication server;
obtaining, by the authentication server, authorization of the access request based on the order data and the credential; and
sending, by the authentication server to the application, a response to the access request based on the verifying of the signature and the obtaining of the authorization.
Dependent claims: 8, 9, 10, 11, 12, 13
14. A user device, comprising:
a computer readable storage medium storing a plurality of instructions; and
one or more processors for executing the instructions stored on the computer readable storage medium to:
receive, by an application, order data and a signature based on the order data, the order data and the signature being received from an access device, the order data being for an order made via the access device to a request computer, wherein the signature is generated by the request computer using the order data and a shared secret key that is shared between the request computer and an authentication server;
obtain, by the application, a selection of a credential routine from a plurality of credential routines installed on the user device, wherein each of the plurality of credential routines have access to a different credential corresponding to a different service for obtaining access to the resource;
request, by the application, a credential from the selected credential routine;
obtain, by the application, the credential from the credential routine; and
sending, by the application to the authentication server, an access request including the order data, the signature, and the credential, the access request being a request for access to the resource, wherein the authentication server provides a response to the access request based on the order data, the signature, and the credential.
Dependent claims: 15, 16, 17, 18, 19, 20
Specification