Passwordless strong authentication using trusted devices
First Claim
1. A computer-implemented method of authenticating a customer using a trusted device, the method comprising:
- registering a mobile device as a trusted device associated with a customer account for an online resource;
- detecting an attempt to access the online resource by an electronic device different from the trusted device;
- providing a graphical code for display by the electronic device responsive to detecting the attempt, the graphical code including a security token therein;
- receiving authentication data from the mobile device, the authentication data indicating that the graphical code was captured by the mobile device;
- identifying the mobile device as the trusted device associated with the customer account responsive to receiving the authentication data from the mobile device and based on the registering the mobile device as a trusted device;
- marking the security token included in the graphical code as authenticated responsive to identifying the mobile device as the trusted device associated with the customer account;
- detecting authentication of the security token displayed by the electronic device; and
- automatically signing-in the electronic device to the customer account for the online resource responsive to detecting the authentication of the security token and without receiving a username or password associated with the customer account therefrom, wherein at least one of the registering, detecting the attempt to access, providing, receiving, identifying, marking, detecting the authentication, and automatically signing-in is performed using at least one hardware processor.
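
The token lifecycle recited in claim 1, as an added illustration that is not code from the patent or its assignee. The claims do not say how the server identifies the trusted device or how long a token lives; the per-device HMAC key, the 120-second lifetime, the single-use consumption and all names below are assumptions made for the sketch.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 120  # seconds; assumed lifetime, not specified by the claims

def device_auth_data(device_key, token):
    """What the trusted phone sends after capturing the code (assumed HMAC-SHA256)."""
    return hmac.new(device_key, token.encode(), hashlib.sha256).digest()

class AuthServer:
    def __init__(self):
        self.devices = {}  # device_id -> (account, device_key)
        self.tokens = {}   # token -> {"expires": float, "account": str or None}

    def register_device(self, account, device_id):
        """Register a mobile device as trusted; returns the key provisioned to it."""
        key = secrets.token_bytes(32)
        self.devices[device_id] = (account, key)
        return key

    def issue_code(self, now=None):
        """Security token to embed in the graphical code shown by the other device."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self.tokens[token] = {"expires": now + TOKEN_TTL, "account": None}
        return token

    def receive_auth_data(self, device_id, token, mac, now=None):
        """Mark the token authenticated only if a registered device proves capture."""
        now = time.time() if now is None else now
        entry, device = self.tokens.get(token), self.devices.get(device_id)
        if entry is None or device is None or now > entry["expires"]:
            return False
        account, key = device
        if not hmac.compare_digest(device_auth_data(key, token), mac):
            return False
        entry["account"] = account
        return True

    def poll_sign_in(self, token, now=None):
        """Displaying device's check: returns the account once, then consumes the token."""
        now = time.time() if now is None else now
        entry = self.tokens.get(token)
        if entry is None or entry["account"] is None or now > entry["expires"]:
            return None
        del self.tokens[token]  # single use, so a replayed token signs nobody in
        return entry["account"]
```

The displaying device never handles a credential: it only learns the account after the server has tied its token to a registered device, and an unregistered device, a bad MAC, an expired token or a second poll all fail closed.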
Abstract
A code for accessing an online resource having a customer account associated therewith is presented via a secondary device, and authentication data indicative of the code that was presented is received from a primary device. The primary device is identified as a trusted device associated with the customer account responsive to receiving the authentication data therefrom, and the secondary device is authenticated for access to the online resource responsive to identification of the primary device as the trusted device associated with the customer account.
265 Citations
32 Claims
5. A computer-implemented method of authenticating a customer, the method comprising:
- presenting, via a secondary device, a code for accessing an online resource having a customer account associated therewith;
- receiving, from a primary device, authentication data indicative of the code that was presented via the secondary device, wherein the code is captured by the primary device from a display of the secondary device;
- identifying the primary device as a trusted device associated with the customer account responsive to receiving the authentication data from the mobile device; and
- authenticating the secondary device for access to the online resource responsive to identifying the primary device as the trusted device associated with the customer account, wherein at least one of the presenting, receiving, identifying, and authenticating is performed using at least one hardware processor.
19. A server for authenticating a customer, the server comprising:
- a code generator configured to provide a code for accessing an online resource having a customer account associated therewith;
- a transceiver configured to transmit the code for presentation by a secondary device responsive to detecting an attempt to access the online resource by the secondary device, and to receive authentication data from a primary device responsive to transmitting the code, wherein the authentication data indicates that the code presented by the secondary device was recorded by the primary device; and
- an authentication module configured to access a customer account store to identify the primary device as a trusted device associated with the customer account responsive to receiving the authentication data from the primary device, and to authenticate the secondary device for access to the online resource responsive to identifying the primary device as the trusted device.
29. A computer program product for authenticating a customer, the computer program product comprising a non-transitory computer-readable storage medium having computer-readable program code therein that, when executed by a processor, is configured to:
- register a mobile device including the processor therein as a trusted device associated with a customer account for an online resource;
- record a code for accessing the online resource, wherein the code is presented by an electronic device different than the mobile device; and
- transmit authentication data indicative of the code that was presented by the electronic device to an authentication server, the authentication data indicating that the code was recorded by the trusted device to authenticate the electronic device for access to the online resource.
Specification