Methods and systems for device disablement
First Claim
1. A method for disabling a device associated with a virtual identity, the method comprising:
- receiving, at an identity repository computer system and from the device, a request to use the virtual identity, wherein;
the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and
the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity;
determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity;
determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device;
incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device;
determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and
storing, by the identity repository computer system, an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity.
6 Assignments
0 Petitions
Accused Products
Abstract
A method for disabling a device associated with a virtual identity may include receiving, from the device, a request to use the virtual identity, where the request that may include a passcode guess and a device identifier. The method may also include determining that the passcode guess does not authorize use of the virtual identity and incrementing a number of incorrect passcode guesses received within a time interval. The method may additionally include determining that the number of incorrect passcode guesses received within the time interval is greater than or equal to a threshold. The method may further include storing an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity.
54 Citations
19 Claims
-
1. A method for disabling a device associated with a virtual identity, the method comprising:
-
receiving, at an identity repository computer system and from the device, a request to use the virtual identity, wherein; the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity; determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity; determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device; incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device; determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and storing, by the identity repository computer system, an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory, computer-readable medium comprising instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising:
-
receiving, at an identity repository computer system and from the device, a request to use the virtual identity, wherein; the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity; determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity; determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device; incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device; determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and storing, by the identity repository computer system, an indication that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An identity repository computer system comprising:
-
one or more interfaces that receive requests from user devices; one or more computer processors; and one or more memories comprising instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising; receiving, at the identity repository computer system and from the device through the one or more interfaces, a request to use the virtual identity, wherein; the request comprises a passcode guess and a device identifier, wherein the passcode guess comprises a hash of a salted password; and the identity repository computer system stores device identifiers for a plurality of registered devices that have previously been paired with the virtual identity; determining, by the identity repository computer system, that the device identifier received from the device matches at least one of the device identifiers of the plurality of registered devices that are paired with the virtual identity, thereby indicating that the device is a registered device that was previously paired with the virtual identity; determining, by the identity repository computer system, that the passcode guess does not authorize use of the virtual identity even though it is received from a registered device; incrementing, by the identity repository computer system, a number of incorrect passcode guesses received within a time interval that is specific to the device; determining, by the identity repository computer system, that the number of incorrect passcode guesses received from the device within the time interval is greater than or equal to a threshold; and storing, by the identity repository computer system, an indication in the one or more memories that subsequent requests associated with the device identifier should not authorize use of the virtual identity, while still allowing any of the other registered devices in the plurality of registered devices to authorize use of the virtual identity. - View Dependent Claims (16, 17, 18, 19)
-
Specification