Computer-implemented method for mobile authentication and corresponding computer system

US 9,253,180 B2
Filed: 12/12/2013
Issued: 02/02/2016
Est. Priority Date: 10/06/2011
Status: Active Grant

First Claim

Patent Images

1. A computerized method comprising:

receiving, at a computing device, a verification request to verify a login request to log into a user account associated with a service provider on another computing device;

receiving, by the computing device and from a personal-smart card that is separate from the computing device, authentication information configured for logging into the user account from the computing device;

receiving, by the computing device, a user verification for confirming logging into the user account; and

transmitting, by the computing device, the authentication information and the user verification to the service provider for logging the user account into the another computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment of the present invention a computerized method includes receiving at a personal-mobile device a first communication, which includes information for requesting user verification for logging into an account of a user, via a computing device. The account is with a service provided by an application server. The method includes starting a personal-authentication application on the personal-mobile device in response to receiving the first communication, and receiving in the personal-authentication application a user verification for confirming logging into the account. The method includes logging into the account via the computing device based on receipt of the user verification. Embodiments of the present invention provide enhanced security for logging into an account that a user may have with a service by providing that a personal-mobile device, such as a mobile telephone, which is personal to a user, is configured as a security token for login to the account.

8 Citations

20 Claims

1. A computerized method comprising:
- receiving, at a computing device, a verification request to verify a login request to log into a user account associated with a service provider on another computing device;
  
  receiving, by the computing device and from a personal-smart card that is separate from the computing device, authentication information configured for logging into the user account from the computing device;
  
  receiving, by the computing device, a user verification for confirming logging into the user account; and
  
  transmitting, by the computing device, the authentication information and the user verification to the service provider for logging the user account into the another computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computerized method of claim 1, wherein receiving the authentication information comprises receiving, from the personal-smart card, a unique identifier for verifying the login request.
  - 3. The computerized method of claim 2, wherein the service provider is a personal-identity server configured to verify the user account as authentic when the unique identifier matches a stored credential in a personal-identity account of the personal-identity server.
  - 4. The computerized method of claim 3, wherein the personal-identity server is further configured to transmit to an application server a login credential for logging into the user account when the user account is verified as authentic.
  - 5. The computerized method of claim 4, wherein the login credential is a signed token.
  - 6. The computerized method of claim 2, wherein the verification request is received from the service provider through a messaging service server.
  - 7. The computerized method of claim 1, wherein the computing device and the personal-smart card are both under the exclusive control of a user associated with the user account.

8. A non-transitory computer readable storage medium storing one or more programs, the one or more programs comprising instructions for:
- receiving, at a computing device, a verification request to verify a login request to log into a user account associated with a service provider on another computing device;
  
  receiving, by the computing device and from a personal-smart card that is separate from the computing device, authentication information configured for logging into the user account from the computing device;
  
  receiving, by the computing device, a user verification for confirming logging into the user account; and
  
  transmitting, by the computing device, the authentication information and the user verification to the service provider for logging the user account into the another computing device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The non-transitory computer readable storage medium of claim 8, wherein receiving the authentication information comprises receiving, from the personal-smart card, a unique identifier for verifying the login request.
  - 10. The non-transitory computer readable storage medium of claim 9, wherein the service provider is a personal-identity server configured to verify the user account as authentic when the unique identifier matches a stored credential in a personal-identity account of the personal-identity server.
  - 11. The non-transitory computer readable storage medium of claim 10, wherein the personal-identity server is further configured to transmit to an application server a login credential for logging into the user account when the user account is verified as authentic.
  - 12. The non-transitory computer readable storage medium of claim 11, wherein the login credential is a signed token.
  - 13. The non-transitory computer readable storage medium of claim 8, wherein the verification request is received from the service provider through a messaging service server.
  - 14. The non-transitory computer readable storage medium of claim 8, wherein the computing device and the personal-smart card are both under the exclusive control of a user associated with the user account.

15. A computer implemented system, comprising:
- one or more computer processors; and
  
  a non-transitory computer-readable storage medium comprising instructions, that when executed, control the one or more computer processors to be configured for;
  
  receiving, at a computing device, a verification request to verify a login request to log into a user account associated with a service provider on another computing device;
  
  retrieving, by the computing device and from a smart-card that is separate from the computing device, authentication information configured for logging into the user account from the computing device;
  
  receiving, by the computing device, a user verification for confirming logging into the user account; and
  
  transmitting, by the computing device, the authentication and the user verification to the service provider for logging the user account into the another computing device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer implemented system of claim 15, wherein the authentication information comprises receiving, from the personal-smart card, a unique identifier for verifying the login request and wherein the service provider is a personal-identity server configured to verify the user account as authentic when the unique identifier matches a stored credential in a personal-identity account of the personal-identity server.
  - 17. The computer implemented system of claim 16, wherein the personal-identity server is further configured to transmit to an application server a login credential for logging into the user account when the user account is verified as authentic.
  - 18. The computer implemented system of claim 17, wherein the login credential is a signed token.
  - 19. The computer implemented system of claim 15, wherein the verification request is received from the service provider through a messaging service server.
  - 20. The computer implemented system of claim 15, wherein the computing device and the personal-smart card are both under the exclusive control of a user associated with the user account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP SE
Inventors
Thun, Philipp
Primary Examiner(s)
Dinh, Minh

Application Number

US14/105,042
Publication Number

US 20140123263A1
Time in Patent Office

782 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/42   using separate channels for...

G06F 21/43   wireless channels

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04W 12/068   using credential vaults, e....

Computer-implemented method for mobile authentication and corresponding computer system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

8 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Computer-implemented method for mobile authentication and corresponding computer system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links