Mobile security fob
First Claim
1. A computer-implemented method comprising:
- causing, by one or more computer servers, initiation of a pairing process that occurs directly between a client computing system and a mobile security fob that is associated with a device identifier that uniquely identifies the mobile security fob;
- receiving, from the client computing system by the one or more computer servers, a request to perform an action on the one or more computer servers, with the request comprising information identifying a user associated with the client computing system;
- retrieving by the one or more computer servers a user profile of the user of the client computing system, with the user profile including the device identifier assigned to the mobile security fob that uniquely identifies the mobile security fob;
- generating, by the one or more computer servers, an encrypted authentication token to authenticate that the user is authorized to perform the action;
- causing by the one or more computer servers the authentication token to be transmitted, via the client computing system, to the mobile security fob that is already paired with the client computing system;
- receiving, by the one or more computer servers, the encrypted authentication token and the device identifier;
- determining by the one or more computer servers whether the mobile security fob paired with the client computing system sent the device identifier; and
- performing, by the one or more computer servers, authentication when there are matches between the authentication token and the device identifier;
- authenticating by the one or more servers by using the device identifier to identify an association between the device identifier and a key;
- decrypting the encrypted authentication token associated with device identifier using the key to produce a decrypted version of authentication token.
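The server-side steps of the claim above, sketched as an added example that is not taken from the patent: it follows one reading of the claim (the fob returns the encrypted token together with its device identifier), and every name in it is hypothetical. The HMAC-based cipher is a standard-library stand-in for an authenticated cipher such as AES-GCM.

```python
import hashlib, hmac, secrets

# Constructed sample state; every name here is hypothetical.
FOB_KEYS = {"fob-0001": bytes(range(32))}             # device identifier -> key
USER_PROFILES = {"alice": {"device_id": "fob-0001"}}  # user profile -> fob identifier
PENDING = {}                                          # user -> token awaiting return

def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream (stand-in for a real AEAD).
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def issue_token(user):
    """Generate a one-time token, encrypted under the key of the user's enrolled fob."""
    token = secrets.token_bytes(16)
    PENDING[user] = token
    return seal(FOB_KEYS[USER_PROFILES[user]["device_id"]], token)

def verify_response(user, blob, device_id):
    """Check the (encrypted token, device identifier) pair returned via the client."""
    expected = PENDING.pop(user, None)              # single use: replays find nothing
    profile = USER_PROFILES.get(user)
    if expected is None or profile is None or device_id != profile["device_id"]:
        return False                                # identifier is not the enrolled fob's
    key = FOB_KEYS.get(device_id)                   # device identifier -> key association
    token = unseal(key, blob) if key else None
    return token is not None and hmac.compare_digest(token, expected)
```

The pending token is consumed on the first verification attempt, so a captured response cannot be replayed for a second action.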
Abstract
A computer-implemented method comprising: receiving, from a primary factor authentication device by one or more computer systems, a request to enroll a mobile device as a secondary factor authentication device; and
- enrolling by the one or more computer systems the mobile device as a first, secondary factor authentication device.
19 Claims
1. A computer-implemented method comprising:
- causing, by one or more computer servers, initiation of a pairing process that occurs directly between a client computing system and a mobile security fob that is associated with a device identifier that uniquely identifies the mobile security fob;
- receiving, from the client computing system by the one or more computer servers, a request to perform an action on the one or more computer servers, with the request comprising information identifying a user associated with the client computing system;
- retrieving by the one or more computer servers a user profile of the user of the client computing system, with the user profile including the device identifier assigned to the mobile security fob that uniquely identifies the mobile security fob;
- generating, by the one or more computer servers, an encrypted authentication token to authenticate that the user is authorized to perform the action;
- causing by the one or more computer servers the authentication token to be transmitted, via the client computing system, to the mobile security fob that is already paired with the client computing system;
- receiving, by the one or more computer servers, the encrypted authentication token and the device identifier;
- determining by the one or more computer servers whether the mobile security fob paired with the client computing system sent the device identifier; and
- performing, by the one or more computer servers, authentication when there are matches between the authentication token and the device identifier;
- authenticating by the one or more servers by using the device identifier to identify an association between the device identifier and a key;
- decrypting the encrypted authentication token associated with device identifier using the key to produce a decrypted version of authentication token.

Dependent claims: 2, 3, 4, 5, 6, 7, 19
8. A computer program product tangibly stored on a computer readable storage device, the computer program product comprising instructions for causing one or more computer servers to:
- cause transmission of a pairing instruction to initiate a pairing process that occurs directly between a client computing system and a mobile security fob that is associated with a device identifier that uniquely identifies the mobile security fob;
- receive, from the client computing system, a request to perform an action on the one or more computer servers, with the request comprising information identifying a user associated with the client computing system;
- retrieve a user profile of the user of the client computing system, with the user profile including the device identifier assigned to the mobile security fob that uniquely identifies the mobile security fob;
- generate an encrypted authentication token to authenticate that the user is authorized to perform the action;
- cause the authentication token to be transmitted, via the client computing system, to the mobile security fob that is already paired with the client computing system;
- receive the authentication token and the device identifier;
- determine whether the mobile security fob paired with the client computing system sent the device identifier;
- perform authentication when there are matches between the authentication token and the device identifier;
- authenticate using the device identifier to identify an association between the device identifier and a key;
- decrypt the authentication token associated with device identifier using the key to produce a decrypted version of authentication token.

Dependent claims: 9, 10, 11, 12, 13
14. An apparatus comprising:
- one or more server computers in communication, each server comprising: a processor; memory, coupled to the processor;

with the one or more server computers configured to:
- cause a pairing instruction to be sent to a client device to cause a direct pairing between the client computing system and a mobile security fob that is associated with a device identifier that uniquely identifies the mobile security fob;
- receive, from the client computing system, a request to perform an action on the one or more computer servers, with the request comprising information identifying a user associated with the client computing system;
- retrieve a user profile of the user of the client computing system, with the user profile including the device identifier assigned to the mobile security fob that uniquely identifies the mobile security fob;
- generate an encrypted authentication token to authenticate that the user is authorized to perform the action;
- cause the authentication token to be transmitted, via the client computing system, to the mobile security fob that is already paired with the client computing system;
- receive the authentication token and the device identifier;
- determine whether the mobile security fob paired with the client computing system sent the device identifier;
- perform authentication when there are matches between the authentication token and the device identifier;
- authenticate using the device identifier to identify an association between the device identifier and a key;
- decrypt an encrypted version of the authentication token associated with device identifier using the key to produce a decrypted version of authentication token.

Dependent claims: 15, 16, 17, 18
Specification