Remote authentication method with single sign on credentials

US 9,258,294 B2
Filed: 12/31/2013
Issued: 02/09/2016
Est. Priority Date: 12/31/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

transmitting a request for an identification code from an application at a user device to a wireless service provider, the request provided through an encrypted transport protocol via an IP type packet data network;

receiving the identification code at the user device in a messaging service message from the wireless service provider;

securely routing the received identification code to the requesting application at the user device;

upon receipt of the identification code at the application, retrieving an authentication token for the application at the user device through the encrypted transport protocol; and

providing the authentication token from the user device to an application content server to allow content transfer between the application content server and the application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for remote authentication using Single Sign-On (SSO) credentials are disclosed. An implementation includes transmitting a request for an identification code from an application to a wireless service provider, the request provided through an encrypted transport protocol, receiving the identification code as a messaging service message from the wireless service provider, securely routing the received identification code to the requesting application, upon receipt of the identification code at the application, retrieving an authentication token for the application through the encrypted transport protocol and providing the authentication token to an application content server to allow content transfer between the application content server and the application.

22 Citations

View as Search Results

20 Claims

1. A method comprising:
- transmitting a request for an identification code from an application at a user device to a wireless service provider, the request provided through an encrypted transport protocol via an IP type packet data network;
  
  receiving the identification code at the user device in a messaging service message from the wireless service provider;
  
  securely routing the received identification code to the requesting application at the user device;
  
  upon receipt of the identification code at the application, retrieving an authentication token for the application at the user device through the encrypted transport protocol; and
  
  providing the authentication token from the user device to an application content server to allow content transfer between the application content server and the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the application content server is configured to provide the authentication token to the wireless service provider to validate the application prior to the content transfer.
  - 3. The method of claim 1, wherein securely routing the received identification code to the requesting application includes preventing other applications from accessing the identification code during the routing to the requesting application.
  - 4. The method of claim 1, wherein the requesting and the retrieving is performed through a single sign-on (SSO) dynamic-link library (DLL).
  - 5. The method of claim 1, whereinthe request for the identification code is provided via Hyper Text Transfer Protocol-Secure (HTTPS);
    - andreceiving the identification code includes receiving the identification code in an SMS message from the wireless service provider.
  - 6. The method of claim 1, wherein the identification code is received at a modem of a mobile device.
  - 7. The method of claim 1, wherein the request for the identification code is provided to a subscriber profile controller of the wireless service provider.
  - 8. The method of claim 1, further comprising:
    - storing the received authentication token in a memory of a modem of a mobile device; and
      
      encrypting the stored identification token with a private key, wherein the private key is further encrypted with a public key.
  - 9. The method of claim 8, further comprising:
    - decrypting the encrypted private key; and
      
      decrypting the encrypted stored authentication token with the decrypted private key prior to providing the decrypted authentication token to an application content server.

10. A mobile device, comprising:
- a transceiver configured to enable communication of digital information via a mobile network;
  
  a processor coupled with the transceiver;
  
  a storage device accessible to the processor; and
  
  an executable program in the storage device, wherein execution of the program by the processor configures the mobile device to perform functions, including functions to;
  
  transmit a request for an identification code from an application at the mobiledevice to a wireless service provider, the request provided through an encrypted transport protocol via an IP type packet data network;
  
  receive the identification code at the mobile device in a messaging service message from the wireless service provider;
  
  securely route the received identification code to the requesting application at the mobile device;
  
  upon receipt of the identification code for the application at the mobile device, retrieve an authentication token for the application through the encrypted transport protocol; and
  
  provide the authentication token to an application content server to allow content transfer between the application content server and the application at the mobile device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The mobile device of claim 10, wherein the application content server is configured to provide the authentication token to the wireless service provider to validate the application prior to the content transfer.
  - 12. The mobile device of claim 10, wherein securely routing the received identification code to the requesting application includes functions to:
    - prevent other applications from accessing the identification code during the routing to the requesting application.
  - 13. The mobile device of claim 10, wherein the request and the retrieval is performed through a single sign-on (SSO) dynamic-link library (DLL).
  - 14. The mobile device of claim 10, wherein execution of the program by the processor configures the mobile device to perform functions, including functions to:
    - transmit the request for the identification code via Hyper Text Transfer Protocol-Secure (HTTPS); and
      
      receive the identification code in an SMS message from the wireless service provider.
  - 15. The mobile device of claim 10, wherein the identification code is received at a modem included in the mobile device.
  - 16. The mobile device of claim 10, wherein the request for the identification code is provided to a subscriber profile controller of the wireless service provider.
  - 17. The mobile device of claim 10, wherein execution of the program by the processor configures the mobile device to perform functions, including functions to:
    - store the received the received authentication token in a memory of a cellular modem of a mobile device; and
      
      encrypt the stored identification token with a private key, wherein the private key is further encrypted with a public key.
  - 18. The mobile device of claim 17, wherein execution of the program by the processor configures the mobile device to perform functions, including functions to:
    - decrypt the encrypted private key; and
      
      decrypt the encrypted stored authentication token with the decrypted private key prior to providing the decrypted authentication token to the application content server.

19. A non-transitory computer-readable medium comprising instructions which, when executed by one or more computers, cause the one or more computers to:
- transmit a request for an identification code from an application at a user device to a wireless service provider, the request provided through an encrypted transport protocol via an IP type packet data network;
  
  receive the identification code at the user device in a messaging service message from the wireless service provider;
  
  securely route the received identification code to the requesting application at the user device;
  
  upon receipt of the identification code at the application, retrieve an authentication token for the application at the user device through the encrypted transport protocol; and
  
  provide the authentication token from the user device to an application content server to allow content transfer between the application content server and the application.
- View Dependent Claims (20)
- - 20. The computer-readable medium of claim 19, wherein the application content server is configured to provide the authentication token to the wireless service provider to validate the application prior to the content transfer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Original Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Inventors
Khalid, Mohammad Raheel, Rahman, Sm Masudur, Vaidya, Samir
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
GUNDRY, STEPHEN T

Application Number

US14/145,716
Publication Number

US 20150188907A1
Time in Patent Office

770 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

Remote authentication method with single sign on credentials

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Remote authentication method with single sign on credentials

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links