Verifying access to a network account over multiple user communication portals based on security criteria

US 8,087,068 B1
Filed: 03/08/2005
Issued: 12/27/2011
Est. Priority Date: 03/08/2005
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for verifying authorization of access to a network account, comprising:

at a server associated with a user network account;

associating a first user communication portal with the user network account;

receiving an access request to access the user network account from a second user communication portal;

in response to the access request;

determining security criteria related to the second user communication portal; and

passing a security verification request to the first user communication portal when the security criteria is of a predetermined value, wherein the security verification request includes a request for a user of the first user communication portal to decide whether to verify authorization of access to the user network account via the second user communication portal;

receiving a communication from the first user communication portal in response to the security verification request, wherein the communication includes information indicative of a user response to the security verification request;

performing an account access operation enabling access to the user network account from the second communication portal based on the user response to the security verification request; and

wherein the first and second user communication portals comprise devices distinct from the server.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented system and method for verifying access to a network account are provided. A first user communication portal is associated with a user network account. A request to access the user network account is received from a second user communication portal. Security criteria related to the second user communication portal is determined. Access to the user network account is enabled upon receipt of a communication associated with the first user communication portal when the security criteria is of a predetermined value.

137 Citations

View as Search Results

40 Claims

1. A computer-implemented method for verifying authorization of access to a network account, comprising:
- at a server associated with a user network account;
  
  associating a first user communication portal with the user network account;
  
  receiving an access request to access the user network account from a second user communication portal;
  
  in response to the access request;
  
  determining security criteria related to the second user communication portal; and
  
  passing a security verification request to the first user communication portal when the security criteria is of a predetermined value, wherein the security verification request includes a request for a user of the first user communication portal to decide whether to verify authorization of access to the user network account via the second user communication portal;
  
  receiving a communication from the first user communication portal in response to the security verification request, wherein the communication includes information indicative of a user response to the security verification request;
  
  performing an account access operation enabling access to the user network account from the second communication portal based on the user response to the security verification request; and
  
  wherein the first and second user communication portals comprise devices distinct from the server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The method of claim 1, wherein the determining action is based on the location of the second user communication portal.
  - 3. The method of claim 1, wherein the determining action is based on a determination that the second user communication portal is not secure.
  - 4. The method of claim 1, wherein the determining action is based on a determination by a program operative at the second user communication portal that spyware or malware is present at the second user communication portal.
  - 5. The method of claim 1, wherein the determining action is based on the number of times a request to access the account has been received in a predetermined period of time.
  - 6. The method of claim 1, wherein the determining action is triggered based on an account setting selected by a user associated with the user network account.
  - 7. The method of claim 1, wherein the access request comprises a request to use additional security measures to verify authorization of access to the user network account.
  - 8. The method of claim 1, further comprising:
    - receiving an enhanced security account access identifier, wherein the determining action is based on the enhanced security account access identifier.
  - 9. The method of claim 1, wherein the act of passing a security verification request to the first user communication portal comprises passing a text message to at least one of a user'"'"'s mobile phone, a user'"'"'s PDA, and a user'"'"'s portable wireless gaming device.
  - 10. The method of claim 1, wherein the account access operation includes conditionally enabling access to the user network account upon receipt of the user response from the first user communication portal in accordance with the content of the user response.
  - 11. The method of claim 10, wherein the communication comprises an account access code;
    - and wherein the act of enabling access to the network account occurs after receiving a username and a password associated with the user network account and the account access code.
  - 12. The method of claim 1, wherein the access request comprises at least one of an account ID and a password.
  - 13. The method of claim 1, wherein the first user communication portal is identified by at least one of a user telecommunications account, a user portable gaming system account, and a user email account.
  - 14. The method of claim 1, wherein the user network account may be accessed over the Internet and comprises at least one of an email account, a bank account, and a user account with a merchant.
  - 15. The method of claim 1, wherein the account access operation further comprises enabling access to the user network account from the first user communication portal based on the user response to the security verification request.
  - 16. The method of claim 1, wherein the second user communication portal comprises a computer terminal.
  - 17. The method of claim 1, wherein the first user communication portal and the user network account are associated with a first user, and wherein the second user communication portal is associated with a second user.
  - 18. The method of claim 1 wherein the account access operation is based at least in part on the determined security criteria.
  - 19. The method of claim 1, wherein the access request includes information indicating that the access request is for limited access;
    - andwherein the account access operation includes enabling limited access to the user network account upon receipt of the user response from the first user communication portal.

20. A server for verifying access to a network account, comprising:
- at least one processor;
  
  an associating module that associates a first user communication portal with a user network account;
  
  a request receiving module that receives an access request to access the user network account from a second user communication portal;
  
  a security determination module that determines security criteria related to the second user communication portal;
  
  a communication module that passes a security verification request to the first user communication portal when the security criteria is of a predetermined value, wherein the security verification request includes a request for a user of the first user communication portal to decide whether to verify authorization of access to the user network account via the second user communication portal;
  
  an account access module that receives a communication from the first user communication portal in response to the security verification request, wherein the communication includes information indicative of a user response to the security verification request, and performs an account access operation enabling access to the user network account from the second communication portal based on the user response to the security verification request; and
  
  wherein the first and second user communication portals comprise devices distinct from the server.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
- - 21. The server of claim 20, wherein the server determines the security criteria based on the location of the second user communication portal.
  - 22. The server of claim 20, wherein the server determines the security criteria based on a determination that the second user communication portal is not secure.
  - 23. The server of claim 20, wherein the server determines the security criteria based on a determination by a program operative at the second user communication portal that spyware or malware is present at the second user communication portal.
  - 24. The server of claim 20, wherein the server determines the security criteria based on the number of times a request to access the account has been received in a predetermined period of time.
  - 25. The server of claim 20, wherein determining the security criteria is triggered based on an account setting selected by a user associated with the user network account.
  - 26. The server of claim 20, wherein the access request comprises a request to use additional security measures to verify authorization of access to the user network account.
  - 27. The server of claim 20, wherein:
    - the access request includes an enhanced security account access identifier; and
      
      the server determines the security criteria based on the enhanced security account access identifier.
  - 28. The server of claim 20, wherein passing the security verification request to the first user communication portal comprises passing a text message to at least one of a user'"'"'s mobile phone, a user'"'"'s PDA, and a user'"'"'s portable wireless gaming device.
  - 29. The server of claim 20, wherein performing the account access operation includes conditionally enabling access to the user network account upon receipt of the user response from the first user communication portal in accordance with the content of the user response.
  - 30. The server of claim 29, wherein:
    - the communication comprises an account access code; and
      
      access to the network account is enabled after receiving a username and a password associated with the user network account and the account access code.
  - 31. The server of claim 20, wherein performing the account access operation includes enabling access to the user network account from the first user communication portal based on the user response to the security verification request.
  - 32. The server of claim 20, wherein the access request comprises at least one of an account ID and a password.
  - 33. The server of claim 20, wherein the first user communication portal is identified by at least one of a user telecommunications account, a user portable gaming system account, and a user email account.
  - 34. The server of claim 20, wherein the user network account may be accessed over the Internet and comprises at least one of an email account, a bank account, and a user account with a merchant.
  - 35. The server of claim 20, wherein the second user communication portal comprises a computer terminal.
  - 36. The server of claim 20, wherein:
    - the first user communication portal and the user network account are associated with a first user; and
      
      the second user communication portal is associated with a second user.
  - 37. The server of claim 20 wherein the server performs the account access operation based at least in part on the determined security criteria.
  - 38. The server of claim 20, wherein:
    - the access request includes information indicating that the access request is for limited access; and
      
      performing the account access operation includes enabling limited access to the user network account upon receipt of the user response from the first user communication portal.

39. A computer-implemented method for verifying access to a network account, comprising:
- at a server associated with a user network account;
  
  associating a user telecommunications number with the user network account;
  
  receiving an access request to access the user network account from a computer;
  
  determining security criteria related to the computer, wherein the security criteria comprises information about at least one of a location of the computer and a presence of spyware or malware at the computer;
  
  based on the security criteria, requesting a confirmation from a device associated with the user telecommunications number, wherein requesting a confirmation includes a request for a user of the device to decide whether to verify authorization of access to the user network account via the computer;
  
  receiving the confirmation from the device associated with the user telecommunications number, wherein the confirmation includes information indicative of a user response to the request for a confirmation;
  
  enabling access to the user network account at the computer based on receiving the user response to the request for confirmation; and
  
  wherein the device and the computer are distinct from the server.

40. A server for verifying access to a network account, comprising:
- at least one processor;
  
  an associating module that associates a user telecommunications number with a user network account;
  
  a request receiving module that receives an access request to access the user network account from a computer;
  
  a security determination module that determines security criteria related to the computer, wherein the security criteria comprises information about at least one of a location of the computer and a presence of spyware or malware at the computer;
  
  an identity verifier module that passes a confirmation request to a device associated with the user telecommunications number based on the security criteria, wherein the confirmation request includes a request for a user of the device to decide whether to verify authorization of access to the user network account via the computer;
  
  a multiple security portal module that receives a confirmation from the device associated with the user telecommunications number, wherein the confirmation includes information indicative of a user response to the request for a confirmation; and
  
  enables access to the user network account at the computer based on receiving the user response to the confirmation request; and
  
  wherein the device and the computer are distinct from the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Downey, Brandon A., Patel, Amit J., Yu, Chris
Primary Examiner(s)
Lanier, Benjamin
Assistant Examiner(s)
ALMEIDA, DEVIN E

Application Number

US11/074,007
Time in Patent Office

2,485 Days
Field of Search

726/4
US Class Current

726/4
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/40   by quorum, i.e. whereby two...

G06F 21/42   using separate channels for...

G06F 21/43   wireless channels

H04L 63/083   using passwords cryptograph...

H04L 63/105   Multiple levels of security

Verifying access to a network account over multiple user communication portals based on security criteria

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

137 Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Verifying access to a network account over multiple user communication portals based on security criteria

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

137 Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links