Providing remote user authentication

US 8,522,010 B2
Filed: 10/20/2008
Issued: 08/27/2013
Est. Priority Date: 10/20/2008
Status: Active Grant

First Claim

Patent Images

1. A tangible computer readable storage medium comprising instructions that when executed perform a method, comprising:

providing a reference to a user authentication service for installation in source code of a host server, the reference associated with source code for an Iframe in a browser accessing the host server;

providing a user interface (UI) in the Iframe for user authentication on the host server;

providing integration code to the host server for use in an application programming interface for notifying the user authentication service to initiate user authentication upon a request from the UI;

providing an authentication-test message for display in the UI, the authentication-test message comprising a randomly generated challenge-response test specific to a user session in the host server;

performing at least one of;

sending a short message service (SMS)-based authentication-request message, requesting a response, to a mobile device designated by a user;

orreceiving an SMS-based user response from the mobile device, the SMS-based user response comprising an authentication key from the authentication-test message; and

providing a notification to the host server of an authentication of the user after at least one of a desired user response to the SMS-based authentication-request message or the SMS-based user response is received by the user authentication service, at least one of the desired user response or the SMS-based user response comprising an activation of an event by the user which results in the notification, to the host server, of the authentication of the user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Providing a remote computer user authentication service involves providing a reference to a user authentication service in a host server'"'"'s source code (e.g., website source code). Further, integration code that may be used in an application programming interface (API) on the host server for interaction with a user authentication service can be provided. Additionally, a user interface (UI) for user authentication on the host server, and an authentication-test message on the host server using the UI may be provided. Also, providing authentication can comprise sending an authentication-request message to a mobile device designated by the user; and/or can comprise the user responding with information from the authentication-test message. The host server can be notified of the user'"'"'s authentication after a correct response is received by the user authentication service.

Citations

20 Claims

1. A tangible computer readable storage medium comprising instructions that when executed perform a method, comprising:
- providing a reference to a user authentication service for installation in source code of a host server, the reference associated with source code for an Iframe in a browser accessing the host server;
  
  providing a user interface (UI) in the Iframe for user authentication on the host server;
  
  providing integration code to the host server for use in an application programming interface for notifying the user authentication service to initiate user authentication upon a request from the UI;
  
  providing an authentication-test message for display in the UI, the authentication-test message comprising a randomly generated challenge-response test specific to a user session in the host server;
  
  performing at least one of;
  
  sending a short message service (SMS)-based authentication-request message, requesting a response, to a mobile device designated by a user;
  
  orreceiving an SMS-based user response from the mobile device, the SMS-based user response comprising an authentication key from the authentication-test message; and
  
  providing a notification to the host server of an authentication of the user after at least one of a desired user response to the SMS-based authentication-request message or the SMS-based user response is received by the user authentication service, at least one of the desired user response or the SMS-based user response comprising an activation of an event by the user which results in the notification, to the host server, of the authentication of the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The tangible computer readable storage medium of claim 1, the reference associated with a domain.
  - 3. The tangible computer readable storage medium of claim 2, the domain associated with the user authentication service.
  - 4. The tangible computer readable storage medium of claim 1, the host server configured to host a website.
  - 5. The tangible computer readable storage medium of claim 4, the Iframe provided in the website.
  - 6. The tangible computer readable storage medium of claim 1, the method comprising determining whether the user is human based upon at least one of the desired user response or the SMS-based user response.
  - 7. The tangible computer readable storage medium of claim 4, the Iframe associated with a first domain, the first domain different than a second domain associated with the website.

8. A system, comprising:
- one or more processing units; and
  
  memory comprising instructions that when executed by at least some of the one or more processing units, perform a method comprising;
  
  providing a reference to a user authentication service for installation in source code of a host server, the reference associated with source code for an Iframe in a browser accessing the host server;
  
  providing a user interface (UI) in the Iframe for user authentication on the host server;
  
  providing integration code to the host server for use in an application programming interface for notifying the user authentication service to initiate user authentication upon a request from the UI;
  
  providing an authentication-test message for display in the UI, the authentication-test message comprising a randomly generated challenge-response test specific to a user session in the host server;
  
  performing at least one of;
  
  sending a short message service (SMS)-based authentication-request message, requesting a response, to a mobile device designated by a user;
  
  orreceiving an SMS-based user response from the mobile device, the SMS-based user response comprising an authentication key from the authentication-test message; and
  
  providing a notification to the host server of an authentication of the user after at least one of a desired user response to the SMS-based authentication-request message or the SMS-based user response is received by the user authentication service, at least one of the desired user response or the SMS-based user response comprising an activation of an event.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, the reference associated with a domain.
  - 10. The system of claim 9, the domain associated with the user authentication service.
  - 11. The system of claim 8, the host server configured to host a website.
  - 12. The system of claim 11, the Iframe provided in the website.
  - 13. The system of claim 8, the method comprising determining whether the user is human based upon at least one of the desired user response or the SMS-based user response.
  - 14. The system of claim 11, the Iframe associated with a first domain, the first domain different than a second domain associated with the website.

15. A method, comprising:
- providing a reference to a user authentication service for installation in source code of a host server, the reference associated with source code for an Iframe in a browser accessing the host server;
  
  providing a user interface (UI) in the Iframe for user authentication on the host server;
  
  providing integration code to the host server for use in an application programming interface for notifying the user authentication service to initiate user authentication upon a request from the UI;
  
  providing an authentication-test message for display, the authentication-test message comprising a randomly generated challenge-response test specific to a user session in the host server;
  
  performing at least one of;
  
  sending a short message service (SMS)-based authentication-request message, requesting a response, to a mobile device designated by a user;
  
  orreceiving an SMS-based user response from the mobile device, the SMS-based user response comprising an authentication key from the authentication-test message; and
  
  providing a notification to the host server of an authentication of the user after at least one of a desired user response to the SMS-based authentication-request message or the SMS-based user response is received by the user authentication service.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, the reference associated with a domain.
  - 17. The method of claim 16, the domain associated with the user authentication service.
  - 18. The method of claim 15, the host server configured to host a website.
  - 19. The method of claim 18, the Iframe provided in the website.
  - 20. The method of claim 15, comprising determining whether the user is human based upon at least one of the desired user response or the SMS-based user response.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ozzie, Raymond E., Ozzie, Jack E., Galvin, Thomas A., Patey, Eric M.
Primary Examiner(s)
CHEN, SHIN HON

Application Number

US12/254,115
Publication Number

US 20100100725A1
Time in Patent Office

1,772 Days
Field of Search

None
US Class Current

713/155
CPC Class Codes

G06F 21/43   wireless channels

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

Providing remote user authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Providing remote user authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links