System and method for integrating two-factor authentication in a device

US 9,338,156 B2
Filed: 02/24/2014
Issued: 05/10/2016
Est. Priority Date: 02/22/2013
Status: Active Grant

First Claim

Patent Images

1. A method for providing secondary-factor authentication with a third party application, the method comprising:

enrolling a device application instance of an account into a secondary-factor authentication service on behalf of a service provider comprising;

at server of the secondary-factor authentication service, receiving a secondary factor of authentication enrollment request of an account, the request received from the service provider,the secondary-factor authentication service transmitting an activation code to the service provider, andat a database of the secondary-factor authentication service, pairing the device application instance with the account in response to device application processing of the activation code;

receiving an authentication request identifying the account;

transmitting an authentication request to the device application instance paired with the account;

validating a response to the application request; and

transmitting an assessment to the service provider;

wherein the activation code is an activation universal resource identifier (URI); and

wherein pairing the device application instance with the account through the activation code comprises pairing the device application instance with the account in response to the device application instance accessing the activation URI.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing secondary-factor authentication with a third party application that can include enrolling a device application instance of an account into a secondary-factor authentication service on behalf of a service provider that includes at the secondary-factor authentication service, receiving a secondary factor of authentication enrollment request of an account, the request received from the service provider, transmitting an activation code, and pairing the device application instance with the account through the activation code; receiving an authentication request identifying the account; transmitting an authentication request to the device application instance paired with the account; validating a response to the application request; and transmitting an assessment to the service provider.

119 Citations

View as Search Results

9 Claims

1. A method for providing secondary-factor authentication with a third party application, the method comprising:
- enrolling a device application instance of an account into a secondary-factor authentication service on behalf of a service provider comprising;
  
  at server of the secondary-factor authentication service, receiving a secondary factor of authentication enrollment request of an account, the request received from the service provider,the secondary-factor authentication service transmitting an activation code to the service provider, andat a database of the secondary-factor authentication service, pairing the device application instance with the account in response to device application processing of the activation code;
  
  receiving an authentication request identifying the account;
  
  transmitting an authentication request to the device application instance paired with the account;
  
  validating a response to the application request; and
  
  transmitting an assessment to the service provider;
  
  wherein the activation code is an activation universal resource identifier (URI); and
  
  wherein pairing the device application instance with the account through the activation code comprises pairing the device application instance with the account in response to the device application instance accessing the activation URI.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising encoding the activation URI into a computer recognizable code and transmitting the computer recognizable code to the service provider.
  - 3. The method of claim 1, further comprising providing a secondary-factor authentication software development kit;
    - at the secondary-factor authentication software development kit, enrolling a coupled device application instance and processing an authentication request received from the secondary-factor authentication service.
  - 4. The method of claim 3, further comprising configuring the service provider with software development kit credentials;
    - and in the secondary-factor authentication software development kit, cryptographically securing the response to the authentication request.
  - 5. The method of claim 3, further comprising providing a background device application, wherein the secondary-factor authentication software development kit is configured to direct authentication request processing operations to the background device application, and at the background device application, validating the authentication request and transmitting the response to the secondary-authentication service.
  - 6. The method of claim 1, further comprising providing a secondary device application;
    - receiving the authentication request at the secondary application from the device application; and
      
      at the secondary device application, validating the authentication request, rendering an interface according to customization directives of the device application, transmitting the response to the secondary-authentication service, and redirecting application focus in a modular operating system to the device application.

7. A method for using an authentication service comprising:
- enrolling a device application instance of an account into an authentication service on behalf of a service provider, the method comprising;
  
  at a server of the service platform, receiving an activation code of an authentication enrollment request,facilitating transfer of the activation code to the device application instance, andat the device application instance, communicating to the authentication service by processing the activation code, wherein processing the activation code successfully pairs the device application instance with an account on the authentication service;
  
  at the service platform, completing a primary authentication of the account and transmitting an authentication request to a factor authentication service, wherein the authentication request identifies the account;
  
  at the device application instance, receiving the authentication request;
  
  at the device application instance, validating the authentication;
  
  at the device application instance, rendering an authentication interface and receiving a user selected response option;
  
  at the device application, transmitting a response to the authentication service according to the user selected response option;
  
  at the service platform, receiving an assessment of the service providers;
  
  wherein the activation code is an activation universal resource identifier (URI); and
  
  wherein communicating to the authentication service comprises communicating device addressing information to the activation URI.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7, wherein at the device application, validating the authentication comprises validating the authentication request through a software development kit of the authentication service.
  - 9. The method of claim 7, wherein the activation URI is a computer recognizable code;
    - and further comprising at the device application, reading the computer recognizable code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Duo Security Incorporated (Cisco Systems, Inc.)
Inventors
Oberheide, Jon, Song, Douglas
Primary Examiner(s)
BROWN, CHRISTOPHER J

Application Number

US14/188,480
Publication Number

US 20140245396A1
Time in Patent Office

806 Days
Field of Search

713/182
US Class Current

1/1
CPC Class Codes

G06F 21/40   by quorum, i.e. whereby two...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

System and method for integrating two-factor authentication in a device

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

119 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for integrating two-factor authentication in a device

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

119 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links