Service Authorization Using Auxiliary Device

US 20170223016A1
Filed: 04/18/2017
Published: 08/03/2017
Est. Priority Date: 04/15/2014
Status: Active Grant

First Claim

Patent Images

1. A method for service authorization, the method comprising:

receiving, by one or more processors of a server terminal device, user authentication information that is stored on an auxiliary device for user authentication associated with a user terminal device, the user authentication information comprising verification information and user identification information and the verification information including information obtained by signing an authentication label using a private key; and

determining whether the user terminal device meets an authorization condition based on the user authentication information.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Implementations of the present disclosure relate to systems and methods for service authorization. A server terminal device may receive user authentication information that is stored on the auxiliary device for user authentication associated with an authentication device. Based on the user authentication information, the server terminal device may then determine whether the authentication device meets the authentication condition. The implementations further relate to methods and systems for requesting service authorization.

8 Citations

20 Claims

1. A method for service authorization, the method comprising:
- receiving, by one or more processors of a server terminal device, user authentication information that is stored on an auxiliary device for user authentication associated with a user terminal device, the user authentication information comprising verification information and user identification information and the verification information including information obtained by signing an authentication label using a private key; and
  
  determining whether the user terminal device meets an authorization condition based on the user authentication information.
- View Dependent Claims (2, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - receiving a request for user authentication prior to receiving the user authentication information, the user authentication request including identifier information of the user terminal device;
      
      generating a service serial number based on the user authentication request, the service serial number having a mapping relationship with the user authentication request; and
      
      wherein the determining whether the user terminal device meets the authorization condition comprises;
      
      determining the service serial number corresponding to the user authentication request;
      
      identifying the user terminal device based on the identifier information of the user terminal device;
      
      determining whether the user terminal device meets the authorization condition.
  - 5. The method of claim 1, the method further comprising:
    - transmitting the private key to the user terminal device after verification of the user identification information; and
      
      transmitting the authentication label to the auxiliary device for user authentication via the user terminal device after receiving a request for user authentication.
  - 6. The method of claim 5, wherein the determining whether the user terminal device meets the authorization condition comprises:
    - identifying the user identification information corresponding to a public key;
      
      decrypting the verification information using the public key to obtain information to be certified;
      
      determining whether the information to be certified matches the authentication label based on the user authentication information;
      
      determining that the user terminal device meets authorization conditions in response to a determination that the information to be certified matches the authentication label; and
      
      determining that the user terminal device does not meet authorization conditions in response to a determination that the information to be certified does not match the authentication label.
  - 7. The method of claim 1, wherein the user authentication information is provided by the auxiliary device for user authentication to the server terminal device.
  - 8. The method of claim 1, wherein the user authentication information is obtained from the user terminal device or the auxiliary device for user authentication and transmitted by the user terminal device to the server terminal device.
  - 9. The method of claim 1, wherein the auxiliary device for user authentication comprises at least one of a mobile phone, a desktop computer, a laptop, or a tablet.
  - 10. The method of claim 1, wherein the auxiliary device for user authentication and user terminal device exchange information using sound waves.
  - 11. The method of claim 1, wherein the user authentication information comprises a user name and a password.

3-4. -4. (canceled)

12. A method for requesting authorization, the method comprising:
- receiving, by one or more processors of an auxiliary device for user authentication, an auxiliary authentication request from a user terminal device associated with the auxiliary device for user authentication;
  
  obtaining user authentication information that is stored on the auxiliary device for user authentication, the user authentication information comprising verification information and user identification information and the verification information including information obtained by signing an authentication label using a private key; and
  
  transmitting the user authentication information to a server terminal device such that the server terminal device determines, based on the user authentication information, whether the user terminal device meets a authentication condition.
- View Dependent Claims (13, 14)
- - 13. The method of claim 12, wherein the user authentication information that is stored on the auxiliary device for user authentication is transmitted directly to the server terminal device.
  - 14. The method of claim 12, wherein the user authentication information is transmitted from the auxiliary device for user authentication to the server terminal device via the user terminal device.

15. A system for service authorization, the system comprising:
- one or more processors; and
  
  memory including instructions executable by the one or more processors, which when executed perform the following acts;
  
  receiving, by one or more processors of a server terminal device, user authentication information that is stored on an auxiliary device for user authentication associated with a user terminal device, the user authentication information comprising verification information and user identification information and the verification information including information obtained by signing an authentication label using a private key; and
  
  determining whether the user terminal device meets an authorization condition based on the user authentication information.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the acts further comprise:
    - receiving a request for user authentication prior to receiving the user authentication information, the user authentication request including identifier information of the user terminal device; and
      
      generating a service serial number based on the user authentication request, the service serial number having a mapping relationship with the user authentication request; and
      
      wherein the determining whether the user terminal device meets an authorization condition comprises;
      
      determining the service serial number corresponding to the user authentication request based on the user authentication information;
      
      identifying the user terminal device based on the identifier information of the user terminal device; and
      
      determining whether the user terminal device meets the authorization condition.
  - 17. The system of claim 15, wherein the user authentication information is provided by the auxiliary device for user authentication to a server terminal device of the system.
  - 18. The system of claim 15, wherein the user authentication information is obtained from the user terminal device from the auxiliary device for user authentication and transmitted by the user terminal device to a server terminal device of the system.
  - 19. The system of claim 15, wherein the auxiliary device for user authentication comprises at least one of a mobile phone, a desktop computer, a laptop, or a tablet.
  - 20. The system of claim 15, wherein the auxiliary device for user authentication and user terminal device exchange information by implementing sound waves.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Original Assignee
Alibaba Group Holding Ltd.
Inventors
Cao, Kai

Granted Patent

US 10,659,454 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/44   Program or device authentic...

H04L 63/04   for providing a confidentia...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/10   for controlling access to d...

H04L 63/123   received data contents, e.g...

H04L 63/18   using different networks or...

H04L 9/30   Public key, i.e. encryption...

H04L 9/321   involving a third party or ...

H04L 9/3226   using a predetermined code,...

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

Service Authorization Using Auxiliary Device

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

8 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Service Authorization Using Auxiliary Device

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others