Systems and methods for providing location-based application authentication using a location token service
Abstract
Systems and methods for implementing a location token service (LTS) to enhance the security of mobile device identity tokens by using the location of the mobile device to augment the tokens. The LTS enforces re-authentication (login) of the mobile device to one or more applications if the mobile device moves beyond a threshold distance from the location of the last use of the token within a time period defined in a temporal threshold. The LTS increases authentication strength and drastically reduces the potential for spoofing or otherwise permitting unauthorized access to one or more applications on the mobile device.
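The server-side decision the abstract describes, as an added example (not code from the patent). Assumptions: distance is great-circle (haversine), the temporal threshold is read as the maximum time since login or the last token use, the 500 m and one-hour defaults are constructed values, `device_key` is a hypothetical tuple of the universal unique identifier, telephone number and user identification, and credentials are verified before `login` is called.

```python
import math
import secrets
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000.0

def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) points in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(h))

@dataclass
class Session:
    location: tuple   # (lat, lon) recorded at login or at the last token use
    last_seen: float  # epoch seconds of that event

class LocationTokenService:
    def __init__(self, max_distance_m=500.0, max_age_s=3600.0):
        self.max_distance_m = max_distance_m  # threshold distance (assumed value)
        self.max_age_s = max_age_s            # temporal threshold (assumed value)
        self.sessions = {}

    def login(self, device_key, location, now):
        """Create the user session; credential verification is assumed done."""
        self.sessions[device_key] = Session(location, now)

    def request_token(self, device_key, location, now):
        """Return (token, reason); token is None when a fresh login is required."""
        session = self.sessions.get(device_key)
        if session is None:
            return None, "no_session"
        age = now - session.last_seen
        if age < 0 or age > self.max_age_s:
            reason = "expired"
        elif haversine_m(session.location, location) > self.max_distance_m:
            reason = "moved"
        else:
            # Anchor the next check to this use of the token.
            session.location, session.last_seen = location, now
            return secrets.token_urlsafe(32), "ok"
        del self.sessions[device_key]  # fail closed: force re-authentication
        return None, reason
```

A failed check deletes the session, so the next request from that device gets `no_session` until the user logs in again.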
19 Claims
1. A method, for authenticating a mobile device associated with a user to permit the mobile device to access an application, comprising:
- determining, by the mobile device, a location of the mobile device;
- receiving, by the mobile device, via an input interface of the mobile device, a user identification and a password;
- retrieving, from a subscriber identity system of the mobile device, a universal unique identifier and a telephone number;
- generating, by the mobile device, a first message including the location, the universal unique identifier, the telephone number of the mobile device, the user identification, and the password;
- sending the first message to a location token service server;
- recording, by the location token service server, the location, the universal unique identifier, the telephone number, the user identification, and the password;
- authenticating, by the location token service server, the user identification and the password;
- creating, by the location token service server, a user session associated with the mobile device based upon the location, the universal unique identifier, the telephone number, the user identification, and the password;
- determining, subsequent to the user session being created, in response to an application being initiated on the mobile device, a current location of the mobile device and generating a second message including the current location, the universal unique identifier, the telephone number, the user identification, and the password;
- sending the second message to the location token service server;
- determining, by the location token service server, whether the current location is within a threshold distance of the location for a temporal threshold; and
- returning, by the location token service server, if the location token service server determines that the current location is within the threshold distance of the location for the temporal threshold, a token to the mobile device, the token being used by the mobile device to permit access to the application.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method, for authenticating a mobile device associated with a user to permit the mobile device to access an application, comprising:
- receiving, by a location token service library of the mobile device, a request to initiate a location token service in response to the application being initiated on the mobile device;
- requesting, by the location token service library, a current location of the mobile device from a location services application of the mobile device, the location services application using a location component of the mobile device to determine the current location of the mobile device;
- receiving, by the location token service library, the current location from the location services application;
- requesting, by the location token service library, a universal unique identifier and a telephone number from a subscriber identity system of the mobile device;
- receiving, by the location token service library, the universal unique identifier and the telephone number from the subscriber identity system;
- generating, by the location token service library, a message comprising the current location, the universal unique identifier, and the telephone number;
- communicating, by the location token service library, with a location token service server to transmit the message;
- receiving, by the location token service library, user login information from the location token service server;
- providing, by the location token service library, the user login information to the application, permitting a user to access the application on the mobile device; and
- receiving, by the location token service library, a notification from the location token service server indicating that the user is not logged in and therefore unable to access the application, the notification being triggered at the location token service server in response to the current location of the mobile device being outside of a predetermined location in which access to the application is permitted.

Dependent claims: 11, 12

13. A method, for selectively permitting user access to an application stored on a mobile device, comprising:
- providing, by the mobile device, upon the application being initiated at the mobile device, authentication information to a location token service server to authenticate a user of the mobile device to access the application, the authentication information comprises a current location of the mobile device, a user identification, and a password; and
- determining, by the location token service server, whether the current location of the mobile device is within a threshold distance;
- providing, by the location token service server, if the location token service determines that the current location of the mobile device is within the threshold distance, the mobile device with a location token service token used by the mobile device to permit the user to access the application; and
- denying, by the location token service server, if the location token service determines that the current location of the mobile device is not within the threshold distance, the user access to the application.

Dependent claims: 14, 15, 16, 17, 18, 19

Specification