Methods and systems for device disablement

US 9,344,413 B2
Filed: 01/18/2013
Issued: 05/17/2016
Est. Priority Date: 01/18/2012
Status: Active Grant

First Claim

Patent Images

1. A method for disabling a device associated with a virtual identity, the method comprising:

receiving, at an identity repository computer system and from the device, a request to use the virtual identity, wherein;

the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and

the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity;

determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity;

determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device;

incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device;

determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and

storing, by the identity repository computer system, an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for disabling a device associated with a virtual identity may include receiving, from the device, a request to use the virtual identity, where the request that may include a passcode guess and a device identifier. The method may also include determining that the passcode guess does not authorize use of the virtual identity and incrementing a number of incorrect passcode guesses received within a time interval. The method may additionally include determining that the number of incorrect passcode guesses received within the time interval is greater than or equal to a threshold. The method may further include storing an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity.

54 Citations

View as Search Results

19 Claims

1. A method for disabling a device associated with a virtual identity, the method comprising:
- receiving, at an identity repository computer system and from the device, a request to use the virtual identity, wherein;
  
  the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and
  
  the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity;
  
  determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity;
  
  determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device;
  
  incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device;
  
  determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and
  
  storing, by the identity repository computer system, an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising receiving a valid passcode from one or more of the plurality of registered devices paired with the virtual identity;
    - andauthorizing a use of the virtual identity by the one or more of the plurality of registered devices.
  - 3. The method of claim 1 wherein the passcode guess is based on a PIN.
  - 4. The method of claim 1 further comprising sending, to the plurality of registered devices paired with the virtual identity, an indication that the device cannot authorize the use of the virtual identity.
  - 5. The method of claim 4 wherein the indication that the device cannot authorize the use of the virtual identity comprises a push notification to a smart phone.
  - 6. The method of claim 1 wherein the number of incorrect passcode guesses is reset when a valid passcode guess is received.
  - 7. The method of claim 1 further comprising:
    - receiving, from one of the plurality of registered devices;
      
      a second passcode guess; and
      
      an indication that the device should be reauthorized;
      
      determining that the second passcode guess authorizes the use of the virtual identity; and
      
      determining that the subsequent requests associated with the device identifier can authorize the use of the virtual identity.

8. A non-transitory, computer-readable medium comprising instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising:
- receiving, at an identity repository computer system and from the device, a request to use the virtual identity, wherein;
  
  the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and
  
  the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity;
  
  determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity;
  
  determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device;
  
  incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device;
  
  determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and
  
  storing, by the identity repository computer system, an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The non-transitory, computer-readable medium of claim 8 further comprising additional instructions that cause the one or more processors to perform operations comprising sending an indication that subsequent requests associated with the device identifier should not register unregistered devices to a pairing repository.
  - 10. The non-transitory, computer-readable medium of claim 9 further comprising:
    - receiving a request to register an unregistered device, the request comprising;
      
      a second passcode guess; and
      
      the device identifier;
      
      denying the request to register the second unregistered device based on the stored indication.
  - 11. The non-transitory, computer-readable medium of claim 8 wherein the passcode guess comprises a digital signature derived from a user-provided passcode.
  - 12. The non-transitory, computer-readable medium of claim 8 wherein the device comprises a smart phone.
  - 13. The non-transitory, computer-readable medium of claim 8 wherein the request to use the virtual identity further comprises an encrypted salt value.
  - 14. The non-transitory, computer-readable medium of claim 8 wherein the request to use the virtual identity further comprises a pairing code.

15. An identity repository computer system comprising:
- one or more interfaces that receive requests from user devices;
  
  one or more computer processors; and
  
  one or more memories comprising instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising;
  
  receiving, at the identity repository computer system and from the device through the one or more interfaces, a request to use the virtual identity, wherein;
  
  the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and
  
  the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity;
  
  determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity;
  
  determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device;
  
  incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device;
  
  determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and
  
  storing, by the identity repository computer system, an indication in the one or more memories that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The identity repository computer system of claim 15, wherein the one or more memories further store encrypted personal information associated with a virtual identity, wherein the device identifier is associated with the virtual identity.
  - 17. The identity repository computer system of claim 15, wherein the number of incorrect passcode guesses is reset when a valid passcode guess is received.
  - 18. The identity repository computer system of claim 15, wherein the request from the device further comprises a request to pair an unregistered device with a virtual identity.
  - 19. The identity repository computer system of claim 15, wherein the instructions, when executed by the one or more processors, further cause the one or more processors to perform operations comprising:
    - sending the indication to a pairing repository that is physically separate from the identity repository.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Neustar Incorporated
Original Assignee
OneID Inc.
Inventors
Kirsch, Steven Todd
Primary Examiner(s)
Holder, Bradley
Assistant Examiner(s)
MOHAMMADI, FAHIMEH M

Application Number

US13/745,354
Publication Number

US 20130198834A1
Time in Patent Office

1,215 Days
Field of Search

726/4, 726 17- 19, 726/21, 726/27, 726/35
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/335   for accessing specific reso...

G06F 2221/2103   Challenge-response

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0869   for achieving mutual authen...

H04L 63/12   Applying verification of th...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Methods and systems for device disablement

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for device disablement

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links