Systems and methods for authenticating mobile device communications
First Claim
1. A computer-implemented method for authenticating communications, the method comprising:
receiving, by a service manager computer comprising one or more processors, a first information from one or more service providers associated with the mobile device;
receiving, by the service manager computer, a second information from one or more mobile network operators associated with the mobile device;
generating, by the service manager computer, customized information associated with the mobile device based at least in part on the received first information and the received second information;
receiving, by the service manager computer, a message communicated from a service provider server associated with the one or more service providers to a mobile device;
receiving, by the service manager computer, from the mobile device, an identifier of a secure element included in a memory of the mobile device;
generating, by the service manager computer, a shared secret between the service provider server and the mobile device based at least in part on the received identifier and the customized information;
generating, based upon the shared secret between the service provider server and the mobile device, a payload authentication code (PAC);
associating the generated PAC with a payload for the message; and
communicating the message and the generated PAC to the mobile device, wherein the mobile device is configured to utilize the shared secret to verify the PAC and authenticate the message.
Abstract
Embodiments of the invention provide systems and methods for authenticating mobile device communications. A mobile device to which a message will be communicated may be identified. Based upon a shared secret between a service provider and the mobile device, a payload authentication code (“PAC”) may be generated, and the generated PAC may be associated with a payload for the message. The message and the generated PAC may then be communicated to the mobile device, and the mobile device may be configured to utilize the shared secret to verify the PAC and authenticate the message. In certain embodiments, the operations of the method may be performed by one or more computers associated with the service provider.
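The flow described in the abstract, as an added Python sketch that is not code from the patent or its assignee. HMAC-SHA256 for both the secret derivation and the PAC is an assumption, since the page names no algorithm, and every function name and sample value is hypothetical.

```python
import hashlib
import hmac
import os


def _lp(*fields: bytes) -> bytes:
    """Length-prefix each field so distinct inputs never concatenate alike."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def customized_information(sp_info: bytes, mno_info: bytes) -> bytes:
    # Assumption: at least one input carries secret key material; the page
    # does not say what the "first" and "second" information contain.
    return hashlib.sha256(_lp(b"custom-info", sp_info, mno_info)).digest()


def derive_shared_secret(se_id: bytes, custom: bytes) -> bytes:
    # Per-device secret bound to the secure element identifier.
    return hmac.new(custom, _lp(b"shared-secret", se_id), hashlib.sha256).digest()


def generate_pac(secret: bytes, payload: bytes) -> bytes:
    return hmac.new(secret, _lp(b"pac", payload), hashlib.sha256).digest()


def verify_pac(secret: bytes, payload: bytes, pac: bytes) -> bool:
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(generate_pac(secret, payload), pac)


def demo() -> dict:
    # Constructed sample values, not taken from the page.
    sp_info = os.urandom(32)
    mno_info = b"mno-profile-0001"
    se_id = b"SE-EXAMPLE-0001"
    payload = b'{"cmd":"provision","app":"wallet"}'
    custom = customized_information(sp_info, mno_info)
    secret = derive_shared_secret(se_id, custom)  # service manager side
    pac = generate_pac(secret, payload)
    device_secret = derive_shared_secret(se_id, custom)  # held by the device
    other_secret = derive_shared_secret(b"SE-EXAMPLE-0002", custom)
    return {
        "genuine": verify_pac(device_secret, payload, pac),
        "tampered": verify_pac(device_secret, payload.replace(b"wallet", b"walleX"), pac),
        "other_device": verify_pac(other_secret, payload, pac),
        "truncated": verify_pac(device_secret, payload, pac[:16]),
    }


if __name__ == "__main__":
    print(demo())
```

Only the genuine case verifies: a modified payload, a secret derived for a different secure element identifier, and a truncated PAC are all rejected.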
21 Claims
1. A computer-implemented method for authenticating communications, the method comprising:
receiving, by a service manager computer comprising one or more processors, a first information from one or more service providers associated with the mobile device;
receiving, by the service manager computer, a second information from one or more mobile network operators associated with the mobile device;
generating, by the service manager computer, customized information associated with the mobile device based at least in part on the received first information and the received second information;
receiving, by the service manager computer, a message communicated from a service provider server associated with the one or more service providers to a mobile device;
receiving, by the service manager computer, from the mobile device, an identifier of a secure element included in a memory of the mobile device;
generating, by the service manager computer, a shared secret between the service provider server and the mobile device based at least in part on the received identifier and the customized information;
generating, based upon the shared secret between the service provider server and the mobile device, a payload authentication code (PAC);
associating the generated PAC with a payload for the message; and
communicating the message and the generated PAC to the mobile device, wherein the mobile device is configured to utilize the shared secret to verify the PAC and authenticate the message.
Dependent claims: 2, 3, 4, 5, 6, 7, 21
8. A system for authenticating communications, the system comprising:
at least one memory configured to store computer-executable instructions; and
at least one processor configured to access the at least one memory and execute the computer-executable instructions to:
receive a first information from one or more service providers associated with a mobile device;
receive a second information from one or more mobile network operators associated with the mobile device;
generate customized information associated with the mobile device based at least in part on the received first information and the received second information;
receive a message communicated from a service provider server associated with the one or more service providers to the mobile device;
receive from the mobile device, an identifier of a secure element included in a memory of the mobile device;
generate a shared secret between the service provider server and the mobile device based at least in part on the received identifier and the customized information;
generate, based upon the shared secret between the service provider server and the mobile device, a payload authentication code (PAC);
associate the generated PAC with a payload for the message; and
direct communication of the message and the generated PAC to the mobile device, wherein the mobile device is configured to utilize the shared secret to verify the PAC and authenticate the message.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer-implemented method for authenticating communications, the method comprising:
receiving, by a mobile device comprising one or more computer processors, a message output by a service provider server associated with one or more service providers, wherein the one or more service providers are associated with the mobile device;
sending, by the mobile device, to the service provider server an identifier of a secure element included in a memory of the mobile device;
identifying, by the mobile device based upon an analysis of the received message, a payload authentication code (PAC) generated by a service manager computer based on a shared secret between the service provider server and the mobile device, wherein the shared secret is based at least in part on the identifier and on customized information associated with a first information from the one or more service providers and a second information from one or more mobile network operators, wherein the one or more mobile network operators are associated with the mobile device;
verifying, by the mobile device based at least in part upon the shared secret between the mobile device and the service provider server, the PAC; and
authenticating, by the mobile device based at least in part upon the verification, a payload of the received message.
Dependent claims: 16, 17, 18, 19, 20
Specification