Multi-factor authentication using a unique identification header (UIDH)
Abstract
A system is configured to receive, from a user device, information associated with a request to receive a service from a server device, the information including a unique identifier, an identifier, associated with a user of the user device, being encoded with a key to obtain the unique identifier. The system may also be configured to extract the unique identifier from the information; retrieve, from a memory, the identifier, associated with the user, that corresponds to the unique identifier; obtain an indication whether the identifier, associated with the user, is trusted; perform one or more additional authentication operations on the user when the identifier, associated with the user, is trusted; and transmit, to the server device, a notification that indicates that the user is authenticated when the one or more additional authentication operations indicate that the user device is authenticated.
20 Claims
1. A method, comprising:
receiving, by a first server device and from a user device, information associated with a request to receive a service from a second server device, the information including a unique identifier, the unique identifier being generated by encoding an identifier, received from the user device and associated with the user device, using a key;
extracting, by the first server device, the unique identifier from the information associated with the request;
retrieving, from a memory associated with the first server device, the identifier, associated with the user device, that corresponds to the unique identifier;
performing, by the first server device, a first authentication operation to determine whether the identifier is trusted;
determining, by the first server device, that the identifier is trusted based on performing the first authentication operation;
determining, by the first server device and based on determining that the identifier is trusted, that the user device is a particular type of user device via which one or more other user devices, associated with two or more users, communicate;
determining, by the first server device, to perform a second authentication operation to authenticate a user, of the user device, based on determining that the user device is the particular type of user device;
transmitting, by the first server device, a request for user information to authenticate the user, based on determining to perform the second authentication operation;
receiving, by the first server device, a response to the request for user information;
determining, by the first server device, that the user is authenticated based on the response; and
transmitting, by the first server device and to the second server device, a notification that indicates that the user is authenticated based on determining that the user is authenticated, the second server device providing the service to the user device based on the notification.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A device comprising:
a memory to store a list of identifiers associated with a plurality of user devices and a list of encoded identifiers that corresponds to the list of identifiers, each encoded identifier, of the list of encoded identifiers, corresponding to a different one of the list of identifiers; and
one or more processors to:
receive, from a user device, information associated with a request to access a server device;
identify a first encoded identifier based on the information associated with the request;
identify a second encoded identifier, of the list of encoded identifiers, that matches the first encoded identifier;
determine an identifier, of the list of identifiers, that corresponds to the second encoded identifier;
perform a first authentication operation to determine whether the identifier is trusted;
determine that the identifier is trusted based on performing the first authentication operation;
determine, based on determining that the identifier is trusted, that the user device is a type of user device via which one or more other user devices, associated with two or more users, communicate;
determine to perform a second authentication operation to authenticate a user, of the user device, based on determining that the user device is the type of user device via which the one or more other user devices, associated with the two or more users, communicate;
transmit, to the user device, a request for first information, associated with the user, based on determining to perform the second authentication operation;
receive, from the user device, the first information, the first information being provided by the user, via the user device, based on the request for the first information;
determine whether the first information matches stored second information, associated with the user, that corresponds to the identifier, the second information being stored prior to receiving the request to access the server device; and
selectively perform a first action or a second action based on determining whether the first information matches the second information, the first action including transmitting, to the server device, a notification indicating that the user is authenticated when the first information matches the second information, and the second action including transmitting, to the server device, a notification indicating that the user is not authenticated when the first information does not match the second information.
Dependent claims: 9, 10, 11, 12, 13
14. A non-transitory computer-readable medium storing instructions, the instructions comprising:
one or more instructions that, when executed by at least one processor, cause the at least one processor to:
receive, from a user device, information associated with a request to access a server device, the request including an encoded identifier, the encoded identifier being generated by encoding an identifier, associated with the user device, using a key;
obtain the identifier using the encoded identifier;
perform a first authentication operation to determine whether the obtained identifier is trusted;
determine that the obtained identifier is trusted based on performing the first authentication operation;
determine, after determining that the obtained identifier is trusted, that the user device is a type of user device via which one or more other user devices, associated with two or more users, communicate;
determine to perform a second authentication operation to authenticate a user, of the user device, based on determining that the user device is the type of user device via which the one or more other user devices communicate;
provide, to the user device, a request for first information, associated with the user, based on determining to perform the second authentication operation;
receive, from the user device, second information associated with the user; and
transmit a notification that indicates whether the user is authenticated, the notification indicating that the user is authenticated when the first information matches the second information, or the notification indicating that the user is not authenticated when the first information does not match the second information.
Dependent claims: 15, 16, 17, 18, 19, 20
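The flow recited in claims 1, 8 and 14, sketched as an added example that is not taken from the patent or from any implementation of it. The HMAC-SHA256 encoding, the `X-UIDH` header name, the device records, the `ask_user` callback and the handling of a single-user device are all assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed; the page names no key or algorithm
UIDH_HEADER = "X-UIDH"         # assumed header name

def encode_identifier(identifier, key=KEY):
    """Assumed encoding: HMAC-SHA256 of the device identifier under the key."""
    return hmac.new(key, identifier.encode(), hashlib.sha256).hexdigest()

def hash_secret(secret, salt):
    """Stored form of the user information checked by the second operation."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

# Constructed records keyed by device identifier. "shared" marks a device
# through which other users' devices communicate.
DEVICES = {
    "15555550101": {"trusted": True, "shared": True,
                    "salt": b"s1", "secret": hash_secret("4821", b"s1")},
    "15555550102": {"trusted": True, "shared": False,
                    "salt": b"s2", "secret": hash_secret("7730", b"s2")},
    "15555550103": {"trusted": False, "shared": False,
                    "salt": b"s3", "secret": hash_secret("1199", b"s3")},
}
# The stored list of encoded identifiers and the identifiers they map to.
ENCODED_TO_ID = {encode_identifier(i): i for i in DEVICES}

def authenticate(headers, ask_user):
    """Return the notification that would be sent to the service's server."""
    uidh = headers.get(UIDH_HEADER)
    identifier = ENCODED_TO_ID.get(uidh)
    if identifier is None:
        return {"authenticated": False, "reason": "unknown_uidh"}
    record = DEVICES[identifier]
    if not record["trusted"]:                    # first authentication operation
        return {"authenticated": False, "reason": "untrusted_identifier"}
    if not record["shared"]:
        # Assumption: the claims do not say what happens for a single-user device.
        return {"authenticated": True, "reason": "trusted_device"}
    supplied = ask_user("pin")                   # second authentication operation
    ok = isinstance(supplied, str) and hmac.compare_digest(
        hash_secret(supplied, record["salt"]), record["secret"])
    return {"authenticated": ok, "reason": "user_verified" if ok else "user_mismatch"}
```

The lookup fails closed: a missing or unrecognised header value never reaches the trust check, and the user prompt is only issued for a trusted identifier on a shared device.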
Specification