Two-factor authentication systems and methods
First Claim
1. A method, comprising:
- sending, by authorization server, a first permission request to a mobile device associated with a user, wherein the permission request is to perform an action, and wherein the mobile device includes a memory having stored thereon instructions that are capable of causing the mobile device to display a message that permits a user to select whether to automate a response for future permission requests for the same action if at least one automation criterion is satisfied;
subsequently sending, by the authorization server, a second permission request to the mobile device to perform the same action; and
receiving, at the authorization server, a response to the second permission request that is automatically generated by the mobile device based on user input received at the mobile device in response to the message.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for authenticating defined user actions over a computer network. An authentication service receives an authentication request from an authenticating service to perform an action on behalf of a user. The authentication service then sends a permission request to a mobile device associated with the user, asking the user whether or not the action should be allowed. The user sends a permission response via the mobile device to the authentication service, granting or denying the action. The user may automate future similar responses so long as at least one automation criterion is met (e.g., the physical location of the mobile device), eliminating the need to manually provide a response to future permission requests. Information necessary to determine whether the automation criterion is met is stored locally on the mobile device.
-
Citations
21 Claims
-
1. A method, comprising:
-
sending, by authorization server, a first permission request to a mobile device associated with a user, wherein the permission request is to perform an action, and wherein the mobile device includes a memory having stored thereon instructions that are capable of causing the mobile device to display a message that permits a user to select whether to automate a response for future permission requests for the same action if at least one automation criterion is satisfied; subsequently sending, by the authorization server, a second permission request to the mobile device to perform the same action; and receiving, at the authorization server, a response to the second permission request that is automatically generated by the mobile device based on user input received at the mobile device in response to the message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:
-
receiving a first permission request to perform an action from an authorization server; causing display of a message that permits a user to select whether to automate a response for future permission requests for the same action if at least one automation criterion is satisfied; receiving first user input responsive to the message; after receiving the first user input, receiving a second permission request from the authorization server to perform the same action; determining that the at least one automation criterion is met for the second permission request; and in response to the determining, automatically responding to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method, comprising:
-
a mobile device receiving, from an authorization server, a permission request to perform an action; the mobile device causing display of a message that permits a user to select whether to automate a response for future permission requests for the same action if at least one automation criterion is satisfied; the mobile device receiving first user input responsive to the message; the mobile device, after receiving the first user input, receiving a second permission request from the authorization server to perform the same action; the mobile device determining that the at least one automation criterion is met for the second permission request; and in response to the determining, the mobile device automatically responding to the second permission request based on the first user input without requesting user input indicating whether to grant or deny the second permission request. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A mobile device, comprising:
-
at least one antenna; one or more processing elements coupled to the at least one antenna; one or more memories having program instructions stored thereon that are capable of causing the mobile device to; receive, from an authorization server, a permission request to perform an action; display an option to select an automated response for future permission requests for the same action, based on at least one automation criterion; receive user input selecting an automated response; receive a subsequent permission request to perform an action for the user; determine that the at least one automation criterion is met for the subsequent permission request; and in response to the determining, automatically respond to the subsequent permission request, without receiving user input indicating to grant or deny the subsequent permission request.
-
Specification