Online account access control by mobile device
First Claim
1. A method for controlling access to an online account, the method comprising:
- receiving an access control message from a mobile device-that includes a request to disable login access to an online account, wherein the online account is associated with login information comprising a password and identification information associated with the online account;
establishing, in response to receiving the access control message, a short message service communication session with the mobile device;
receiving, via the short message service communication session, identifying information associated with the mobile device, the identifying information including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI);
identifying the online account based at least in part on the identifying information associated with the mobile device, wherein the identifying the online account includes comparing an identifier of the mobile device to a plurality of stored identifiers;
sending a user verification query message to the mobile device via the short message service communication session;
receiving a user verification response message from the mobile device via the short message service communication session, wherein the user verification response message includes verification information that is different from the login information for the online account;
verifying the user verification response message, wherein the verifying includes comparing the verification information to stored information; and
if the user verification response message is verified, disabling login access to the online account, such that the online account is prevented from being accessed even when the login information for the online account is correctly entered.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for controlling access to an online account are described. An access control message including an action to be performed on an online account can be sent from a mobile device to a server. A user verification query message can be sent to the mobile device. A user verification response message can be received from the mobile device. The user verification response message can include verification information that is different from login information for the online account. The user verification response message can be verified by comparing the verification information to stored information. If the user verification response message is successfully verified, the action indicated in the access control message can be performed on the online account.
84 Citations
17 Claims
-
1. A method for controlling access to an online account, the method comprising:
-
receiving an access control message from a mobile device-that includes a request to disable login access to an online account, wherein the online account is associated with login information comprising a password and identification information associated with the online account; establishing, in response to receiving the access control message, a short message service communication session with the mobile device; receiving, via the short message service communication session, identifying information associated with the mobile device, the identifying information including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI); identifying the online account based at least in part on the identifying information associated with the mobile device, wherein the identifying the online account includes comparing an identifier of the mobile device to a plurality of stored identifiers; sending a user verification query message to the mobile device via the short message service communication session; receiving a user verification response message from the mobile device via the short message service communication session, wherein the user verification response message includes verification information that is different from the login information for the online account; verifying the user verification response message, wherein the verifying includes comparing the verification information to stored information; and if the user verification response message is verified, disabling login access to the online account, such that the online account is prevented from being accessed even when the login information for the online account is correctly entered. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A mobile device, comprising:
-
a processor; and a non-transitory computer readable medium coupled to the processor, wherein the computer readable medium includes code executable by the processor, the code operative to; establish, by transmitting an access control message to a server, a short message service communication session with the server, wherein the access control message includes an action to be performed on an online account, wherein the online account in accessed using login information, wherein the action is disabling login access to the online account via the login information, wherein the login information includes a password and identification information associated with the online account, wherein the access control message includes a device identifier that may be used by the server to identify the mobile device, and wherein the identity of the mobile device may be used by the server to identify the online account, the device identifier including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI); receive, via the short message service communication session, a user verification query message from the server; and send, via the short message service communication session, a user verification response message to the server, wherein the user verification response message includes verification information that is different from the login information for the online account; wherein if the user verification response message is verified by the server, the login access to the online account via the login information is disabled. - View Dependent Claims (9, 10, 11)
-
-
12. A system for controlling access to an online account, the system comprising:
-
a processor; and a non-transitory computer readable medium coupled to the processor, wherein the computer readable medium includes code executable by the processor, the code operative to; receive an access control message from a mobile device, wherein the access control message includes an action to be performed on an online account, wherein the online account is accessed using login information, wherein the login information includes a password and identification information associated with the online account; establish, in response to receiving the access control message, a short message service communication session with the mobile device; receive, via the short message service communication session, identifying information associated with the mobile device, the identifying information including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI); determine the online account based at least in part on the identifying information associated with the mobile device, wherein determining the online account comprises comparing the identifying information associated with the mobile device to stored mobile device identifiers; send, via the short message service communication session, a user verification query message to the mobile device; receive, via the short message service communication session, a user verification response message from the mobile device, wherein the user verification response message includes verification information that is different from the login information for the online account; verify the user verification response message, wherein the verifying includes comparing the verification information to stored information; and if the user verification response message is verified, disabling login access to the online account via the login information. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification