Extended security for wireless device handset authentication

US 9,323,915 B2
Filed: 12/08/2010
Issued: 04/26/2016
Est. Priority Date: 12/08/2010
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving login information from an agent on a computing device;

determining from the login information that a valid account exists and is related to a mobile device;

performing a proximity check between the mobile device and the computing device after the valid account is determined, the proximity check including;

sending a message with user instructions to the mobile device via a first network, andreceiving a reply including a correct answer based on the user instructions of the message via a second network, the correct answer being different than the user instructions; and

providing authorization to the agent to approve an exchange of data with an application on the computing device when the mobile device is determined by the proximity check as proximate to the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile device is related to a user account. An agent implemented as processor instructions on a computing device sends login information to a service provider server. The service provider server compares the login information to the user account, performs a proximity check of the mobile device and the computing device, and sends authorization to the agent to approve an exchange of data with an application on the computing device. In some implementations the service provider may be an authorization service provider. Alternatively the service provider may be a wireless communications service provider and the mobile device is a cellular phone. In some implementations the mobile device is one of a card or a key fob that may include a biometric reader.

Citations

17 Claims

1. A method, comprising:
- receiving login information from an agent on a computing device;
  
  determining from the login information that a valid account exists and is related to a mobile device;
  
  performing a proximity check between the mobile device and the computing device after the valid account is determined, the proximity check including;
  
  sending a message with user instructions to the mobile device via a first network, andreceiving a reply including a correct answer based on the user instructions of the message via a second network, the correct answer being different than the user instructions; and
  
  providing authorization to the agent to approve an exchange of data with an application on the computing device when the mobile device is determined by the proximity check as proximate to the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the mobile device is determined as proximate to the computing device when the reply including the correct answer to a challenge question of the message presented by the mobile device is received.
  - 3. The method of claim 1, wherein the first network is a cellular communications network, andwherein the cellular communications network is not utilized by the computing device and mobile device to communicate.
  - 4. The method of claim 1, wherein the first network is a wireless network over which a service provider provides a communication service to the mobile device using a cellular communication protocol, wherein the mobile device is a cellular phone.
  - 5. The method of claim 1, wherein the proximity check includes:
    - encoding a challenge question using a Walsh code and a pseudo-random noise (PN) long code;
      
      sending the message to the mobile device by providing the encoded challenge question to the mobile device via the first network;
      
      receiving the reply via the second network from the computing device as submitted in response to the encoded challenge question;
      
      verifying that the reply was a correct response to the encoded challenge question; and
      
      determining that the mobile device is proximate to the computing device when the reply is the correct response.
  - 6. The method of claim 4, wherein the proximity check includes:
    - encrypting a request for a token listed in the valid account;
      
      providing the request in the message to the mobile device;
      
      receiving from the agent a reply message in the reply including a token relayed by the agent from the mobile device, wherein the reply message is responding to the request for the token listed in the valid account;
      
      verifying that the token relayed by the agent matches the token listed in the valid account; and
      
      determining that the mobile device is proximate to the computing device when the token relayed by the agent matches the token listed in the valid account.
  - 7. The method of claim 6, further comprising:
    - encrypting the request for the token listed in the valid account using a Walsh code and a pseudo-random noise (PN) long code.

8. A method, comprising:
- receiving by an agent implemented as processor instructions on a computing device login information related to an account;
  
  sending by the agent the login information over a packet-switched network to a provider of authorization services;
  
  receiving by the agent a response from the authorization service provider requesting a proximity check of a mobile device related to the account, wherein the response includes a message with user instructions;
  
  performing by the agent a proximity check between the mobile device and the computing device after receiving the response, the proximity check including;
  
  routing the message with the user instructions to the mobile device via a short range network, andreceiving a reply including a correct answer based on the user instructions of the message from the mobile device via the short range network or from the computing device, the correct answer being different than the user instructions;
  
  sending by the agent a notice to the authorization service provider indicating proximity of the mobile device based on the proximity check; and
  
  receiving by the agent authorization from the authorization service provider to approve information exchange with an application.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8, wherein the message includes a challenge question for presentation by the mobile device,wherein the message includes a challenge question that is encrypted using a Walsh code and a pseudo-random noise (PN) long code, and further comprising:
    - causing the mobile device to present the challenge question,receiving the reply from the mobile device submitted in response to the presented challenge question, wherein the reply is encrypted using the Walsh code and the PN long code.
  - 10. The method of claim 8, wherein the short range network utilizes a high frequency, low energy communication protocol.
  - 11. The method of claim 8, further comprising:
    - causing a user interface of the mobile device to present a challenge question;
      
      receiving the reply from the user interface of the mobile device, wherein the reply includes the correct answer to the challenge question; and
      
      sending the reply to the authorization service provider.
  - 12. The method of claim 8, wherein the message includes a request for a token listed in the account, and further comprising:
    - sending the message to the mobile device by sending to the mobile device the request for the token listed in the account;
      
      receiving from the mobile device a reply message in the reply in response to the request message, the reply message including a token of the mobile device; and
      
      sending the reply message to the authorization service provider to verify that the token of the mobile device included in the reply message matches a token listed in the account.
  - 13. The method of claim 8, wherein the short range network utilizes a high frequency, low energy communication protocol.

14. A system, comprising:
- a mobile device related to a user account;
  
  a service provider server; and
  
  an agent implemented as processor instructions on a computing device;
  
  wherein the agent is configured to send login information to the service provider server, and wherein the service provider server is configured to;
  
  compare the login information to the user account to verify the mobile device, perform a proximity check that includes sending a message with user instructions to the mobile device via a first network,receiving a reply including a correct answer based on the user instructions of the message via a second network, the correct answer being different than the user instructions, andsend authorization to the agent to approve an exchange of data with an application on the computing device when the mobile device is determined by the proximity check as proximate to the computing device.
- View Dependent Claims (15, 16, 17)
- - 15. The system of claim 14, wherein the service provider is a wireless communications service provider and the mobile device is a cellular phone.
  - 16. The system of claim 14, wherein the service provider is an authorization service provider,wherein the mobile device is a cellular phone, andwherein the authorization service provider communicates with a wireless communications provider to verify an account related to the user and the mobile device.
  - 17. The system of claim 14, wherein the mobile device is one of a card or a keyfob, and wherein the mobile device includes a biometric reader.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Perez, John Scott
Primary Examiner(s)
Chao, Michael
Assistant Examiner(s)
Gao, Shu Chun

Application Number

US12/963,221
Publication Number

US 20120151210A1
Time in Patent Office

1,966 Days
Field of Search

713/155, 713/168, 713/182, 713184-186, 726/26, 726/27, 726/28, 726/29, 380/270
US Class Current

1/1
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/41   where a single sign-on prov...

G06F 21/43   wireless channels

H04L 2209/80   Wireless

H04L 63/0853   using an additional device,...

H04L 63/107   wherein the security polici...

H04L 9/3231   Biological data, e.g. finge...

H04L 9/3234   involving additional secure...

H04L 9/3271   using challenge-response

H04W 12/062   Pre-authentication

Extended security for wireless device handset authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Extended security for wireless device handset authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links