System and method of authenticating a user to a service provider
First Claim
1. A method comprising:
- receiving a first authentication request from a service provider at a terminal, wherein the first authentication request identifies a first acceptable identity provider;
receiving first user input comprising an identity provider application access code;
subsequent to receiving the first user input, comparing, by the terminal, the first acceptable identity provider with a supported identity provider;
determining that the first acceptable identity provider matches the supported identity provider;
displaying, by the terminal, the first acceptable identity provider;
receiving second user input comprising a selection of the first acceptable identity provider;
sending the first authentication request from the terminal to the first acceptable identity provider;
receiving a second authentication request at the terminal, wherein the second authentication request identifies a second acceptable identity provider;
subsequent to receiving the second authentication request, comparing, by the terminal, the second acceptable identity provider with the supported identity provider;
determining that the second acceptable identity provider does not match the supported identity provider; and
sending the second authentication request from the terminal to the second acceptable identity provider.
12 Assignments
0 Petitions
Accused Products
Abstract
A system, device, computer program product, and method provide authentication of a user to a service provider. The system includes a service provider, a terminal, and a network that allows communication between the service provider and the terminal. The terminal includes a memory, a communication interface, a processor, and an Identity Provider (IDP) application. The communication interface is configured to receive an authentication request from a service provider wherein the authentication request includes an acceptable identity provider and to send the authentication request to the acceptable identity provider if the acceptable identity provider matches a supported identity provider stored in the memory of the terminal. The processor is coupled to the communication interface and to the memory and executes the IDP application. The IDP application is configured to compare the acceptable identity provider with the supported identity provider stored in the memory.
-
Citations
17 Claims
-
1. A method comprising:
-
receiving a first authentication request from a service provider at a terminal, wherein the first authentication request identifies a first acceptable identity provider; receiving first user input comprising an identity provider application access code; subsequent to receiving the first user input, comparing, by the terminal, the first acceptable identity provider with a supported identity provider; determining that the first acceptable identity provider matches the supported identity provider; displaying, by the terminal, the first acceptable identity provider; receiving second user input comprising a selection of the first acceptable identity provider; sending the first authentication request from the terminal to the first acceptable identity provider; receiving a second authentication request at the terminal, wherein the second authentication request identifies a second acceptable identity provider; subsequent to receiving the second authentication request, comparing, by the terminal, the second acceptable identity provider with the supported identity provider; determining that the second acceptable identity provider does not match the supported identity provider; and sending the second authentication request from the terminal to the second acceptable identity provider. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A non-transitory computer-readable medium comprising executable instructions that, when executed, cause a device at least to:
-
receive a first authentication request from a service provider, wherein the first authentication request identifies a first acceptable identity provider; receive first user input comprising an identity provider application access code; subsequent to receiving the first user input, compare the first acceptable identity provider with a supported identity provider; determine that the first acceptable identity provider matches the supported identity provider; display the first acceptable identity provider; receive second user input comprising a selection of the first acceptable identity provider; send the first authentication request to the first acceptable identity provider; receive a second authentication request, wherein the second authentication request identifies a second acceptable identity provider; subsequent to receiving the second authentication request, compare the second acceptable identity provider with the supported identity provider; determine that the second acceptable identity provider does not match the supported identity provider; and send the second authentication request to the second acceptable identity provider. - View Dependent Claims (8, 9, 10, 11)
-
-
12. An apparatus comprising:
-
a processor; and memory storing executable instructions configured to, with the processor, cause the apparatus at least to; receive a first authentication request from a service provider, wherein the first authentication request identifies a first acceptable identity provider; receive first user input comprising an identity provider application access code; after receiving the first user input, compare the first acceptable identity provider with a supported identity provider; determine that the first acceptable identity provider matches the supported identity provider; display the first acceptable identity provider; receive second user input comprising a selection of the first acceptable identity provider; send the first authentication request to the first acceptable identity provider; receive a second authentication request, wherein the second authentication request identifies a second acceptable identity provider; subsequent to receiving the second authentication request, compare the second acceptable identity provider with the supported identity provider; determine that the second acceptable identity provider does not match the supported identity provider; and send the second authentication request to the second acceptable identity provider. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification