Authenticating via mobile device

US 8,572,701 B2
Filed: 08/22/2011
Issued: 10/29/2013
Est. Priority Date: 08/22/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a first server device, an authentication request from a second server device;

adding, by the first server device, the authentication request to a queue of authentication requests associated with a user;

providing, by the first server device from the queue, a list of authentication requests that are pending for the user to a mobile device of the user, wherein the list of authentication requests includes the authentication request from the second server device;

receiving, by the first server device from the mobile device, a selection of the authentication request by the user from the list of authentication requests that are pending for the user;

transmitting, to the mobile device, instructions to request authentication information from the user in response to receiving the selection of the authentication request, wherein transmitting instructions to request the authentication information comprises;

determining a level of authentication required for the authentication response, wherein the level of authentication required specifies the authentication information required to successfully authenticate the user for the authentication request; and

generating the instructions based on the level of authentication required;

receiving, by the first server device and from the mobile device, the authentication information, provided by the user, for the authentication request selected from the list of authentication requests;

determining, by the first server device that authentication, of the user, for the selected authentication request is successful based on the authentication information;

generating, by the first server device, an authentication response that indicates that the authentication, of the user, for the selected authentication request is successful; and

transmitting, by the first server device, the authentication response to the second server device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first server device is configured to receive an authentication request from a second server device; add the authentication request to a queue associated with a user; and provide a representation of the queue to a mobile device of the user. The representation of the queue includes an entry for the authentication request. The first server device is further configured to receive, from the mobile device, authentication information, provided by the user, for the authentication request; determine that authentication, of the user, for the authentication request is successful based on the authentication information; generate an authentication response that indicates that the authentication, of the user, for the authentication request is successful; and transmit, by the first server device, the authentication response to the second server device.

Citations

20 Claims

1. A method comprising:
- receiving, by a first server device, an authentication request from a second server device;
  
  adding, by the first server device, the authentication request to a queue of authentication requests associated with a user;
  
  providing, by the first server device from the queue, a list of authentication requests that are pending for the user to a mobile device of the user, wherein the list of authentication requests includes the authentication request from the second server device;
  
  receiving, by the first server device from the mobile device, a selection of the authentication request by the user from the list of authentication requests that are pending for the user;
  
  transmitting, to the mobile device, instructions to request authentication information from the user in response to receiving the selection of the authentication request, wherein transmitting instructions to request the authentication information comprises;
  
  determining a level of authentication required for the authentication response, wherein the level of authentication required specifies the authentication information required to successfully authenticate the user for the authentication request; and
  
  generating the instructions based on the level of authentication required;
  
  receiving, by the first server device and from the mobile device, the authentication information, provided by the user, for the authentication request selected from the list of authentication requests;
  
  determining, by the first server device that authentication, of the user, for the selected authentication request is successful based on the authentication information;
  
  generating, by the first server device, an authentication response that indicates that the authentication, of the user, for the selected authentication request is successful; and
  
  transmitting, by the first server device, the authentication response to the second server device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1,wherein the second server device is associated with a website that requires the authentication of the user before providing access to a web service associated with the website, orwherein the second server requires the authentication of the user before approving a transaction performed by a third party that requires verification by the user for transaction approval.
  - 3. The method of claim 1, further comprising:
    - generating the authentication information in response to the instructions.
  - 4. The method of claim 1, wherein only non-secret information of the user is exchanged between a the computer device and the second server device before the first server device receives the authentication request from the second server device.
  - 5. The method of claim 1, wherein the authentication information comprises one or more of:
    - a pin,a password,a one time passcode,an authentication phrase provided by the user,a facial signature, ora fingerprint.
  - 6. The method of claim 1, further comprising:
    - determining a user identifier, of the user, included in the authentication request, andretrieving user information of the user based on the user identifier, wherein the user information comprises a queue identifier of the queue and a unique identifier associated with the mobile device.
  - 7. The method of claim 1, wherein providing the list of authentication requests to the mobile device comprises:
    - transmitting, to the mobile device, a notification about the authentication request,receiving, from the mobile device, a request to access the queue, andproviding the list of authorization requests from the queue in response to the request to access the queue.
  - 8. The method of claim 7,wherein the request to access the queue comprises a user identifier and a secret credential, andwherein the list of authorization requests from the queue is provided only when the user identifier and the secret credential match information stored, by the first server device, for the user.
  - 9. The method of claim 1, wherein determining that the authentication for the selected authentication request is successful comprises:
    - retrieving authentication values, of the user, from user information stored by the first server, or from the selected authentication request, anddetermining that the authentication for the selected authentication request is successful when the authentication information matches corresponding values of the authentication values.
  - 10. The method of claim 1, wherein the list of authentication requests comprises a plurality of authentication requests that are pending for the user.
  - 11. The method of claim 1, wherein each of the plurality of authentication requests includes first data identifying a party requesting authentication of the user via a respective one of the plurality of authentication requests, second data identifying the user that needs to authenticate the respective one of the plurality of authentication requests, and third data that specifies a type of a transaction associated with the respective one of the plurality of authentication requests or a type of action required by the user for the transaction associated with the respective one of the plurality of authentication requests.
  - 12. The method of claim 11, wherein each of the plurality of authentication requests includes fourth data that specifies which authentication information that the user is required to provide via the mobile device in order to be authenticated for a respective one of the plurality of authentication requests.
  - 13. The method of claim 11, wherein each of the plurality of authentication requests includes fourth data that indicates a particular time at which a respective one of the plurality of authentication requests expires.

14. A device comprising:
- a memory configured to store a queue associated with a user, wherein the queue stores a list comprising a plurality of authentication requests; and
  
  a processor configured to;
  
  receive an authentication request from a web server associated with a website accessed by the user,add the authentication request to the list stored in the queue, as one of the plurality of authentication requests,receive an access request to access the queue from a mobile device of the user,provide, to the mobile device, the list comprising the plurality of authentication requests in response to the access request, wherein the list includes an entry for the authentication request,receive a selection of the authentication request from the list comprising the plurality of authentication requests,prompt the user to provide authentication information for the selected authentication request, wherein, when prompting the user to provide the authentication information, the processor is further configured to;
  
  determine a level of authentication required for the selected authentication request, where the level of authentication required specifies the authentication information required to successfully authenticate the user for the selected authentication request,determine instructions based on the level of authentication required, andtransmit, to the mobile device, instructions to request the authentication information from the user, andreceive the authentication information from the mobile device.
- View Dependent Claims (15, 16, 17)
- - 15. The device of claim 14 wherein the processor is further configured to:
    - determine the authentication for the user is successful when the authentication information matches authentication values stored for the user or included in the selected authentication request,generate an authentication response that indicates that the authentication, of the user, for the selected authentication request is successful, andtransmit the authentication response to the web server associated with the selected authentication request.
  - 16. The device of claim 15, wherein , after transmitting the authentication response, the processor is further configured to:
    - remove the selected authentication request from the queue, or indicate, in the queue, that the selected authentication request is approved by the user.
  - 17. The device of claim 14 wherein each of the plurality of authentication requests includes:
    - first data identifying a party requesting authentication of the user via a respective one of the plurality of authentication requests, second data identifying the user that needs to authenticate the respective one of the plurality of authentication requests, and third data that specifies a type of a transaction associated with the respective one of the plurality of authentication requests, or a type of action required by the user for the transaction associated with the respective one of the plurality of authentication requests,fourth data that specifies which authentication information that the user is required to provide via the mobile device in order to be authenticated for a respective one of the plurality of authentication requests, andfifth data that indicates a particular time at which a respective one of the plurality of authentication requests expires.

18. One or more non-transitory computer-readable media storing instructions executable by one or more processors of a device to perform a method, the method comprising:
- receiving an authentication request, associated with a user, from a server, wherein the authentication request involves an interaction between a computer terminal and the server;
  
  adding the authentication request to a queue of authentication requests associated with the user, wherein the queue includes a plurality of authentication requests that are pending for the user;
  
  retrieving, from the queue, a list that includes the plurality of authentication requests;
  
  transmitting, to a mobile device of the user, the list that includes the plurality of authentication requests;
  
  receiving, from the mobile device, a selection by the user of the authentication request from the list that includes the plurality of authentication requests that are pending for the user;
  
  determining a level of authentication required for the selected authentication request, where the level of authentication required specifies authentication information required to successfully authenticate the user for the selected authentication request;
  
  determining instructions based on the level of authentication required;
  
  transmitting the instructions to the mobile device to request the authentication information from the user;
  
  receiving, from the mobile device, the authentication information for the selected authentication request;
  
  determining a successful authentication, of the user, for the selected authentication request when the authentication information matches one or more corresponding values associated with the user;
  
  generating an authentication response that indicates the successful authentication of the user, for the selected authentication request; and
  
  transmitting the authentication response to the server.
- View Dependent Claims (19, 20)
- - 19. The media of claim 18, wherein only non-secret information of the user is exchanged between the computer terminal and the server before the authentication request is received from the second server.
  - 20. The media of claim 18, wherein the authentication request comprises one or more of:
    - an identifier associated with the user or the mobile device, where the mobile device uses the identifier to identify the queue,types of authentication information required for the authentication request, where the mobile device uses the types of the authentication information to prompt the user to provide the authentication information via the mobile device,a rule for determining a time when the authentication request expires, where the mobile device uses the rule to determine the time when the authentication request expires, orthe time when the authentication request expires, where the mobile device removes the authentication request from the queue when a current time is equal to the time when the authentication request expires.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Rathbun, George Steven
Primary Examiner(s)
Chea, Philip
Assistant Examiner(s)
ABEDIN, SHANTO

Application Number

US13/214,529
Publication Number

US 20130055362A1
Time in Patent Office

799 Days
Field of Search

726 2- 6, 726/21, 713/168, 713182-186, 705/67, 705/72, 705/50, 705/75, 709/219, 709/225
US Class Current

726/6
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04L 9/3271   using challenge-response

H04W 12/068   using credential vaults, e....

Authenticating via mobile device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating via mobile device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links