Authentication using device ID
First Claim
1. A method, comprising:
- receiving, by an authentication server and from a user device, an authentication request, wherein the authentication request comprises device attributes of the user device and wherein the authentication request further includes login information of a user;
determine, by the authentication server, whether the login information is valid;
responsive to determining that the login information is valid, generating, by the authentication server, a first device identifier identifying the user device from which the authentication request was received using the device attributes of the user device from which the authentication request was received, the first device identifier includes randomly generated characters that uniquely identify the user device from which the authentication request was received and the first device identifier is generated based on the device attributes that uniquely identify the user device from which the authentication request was received;
creating, by the authentication server, an authentication token, wherein the authentication token is signed with the first device identifier;
transmitting, by the authentication server and to the user device from which the authentication request was received, the authentication token;
receiving, by the authentication server, a request to access protected resources from a user device, wherein the request comprises the authentication token and device attributes of the user device from which the request to access protected resources was received;
generating, by the authentication server, a second, comparison device identifier identifying the user device from which the request to access protected resources was received, the second, comparison device identifier being based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources, the second, comparison device identifier including randomly generated characters that uniquely identify the user device from which the request to access protected resources was received and the second, comparison device identifier is generated based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources that uniquely identify the user device from which the request to access protected resources was received;
decrypting, by the authentication server, the received authentication token;
retrieving, by the authentication server, the first device identifier accessed from the decrypted authentication token;
validating, by the authentication server, the authentication token, wherein the validating comprises determining whether the first device identifier matches the second, comparison device identifier; and
outputting, by the authentication server, a response.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for authenticating a customer is disclosed. The customer may attempt to access protected resources located at an authentication server. The customer may log in to the authentication server'"'"'s website, thereby submitting an authentication request. The authentication request may comprise attributes of the device the customer uses to log in. The authentication server may generate a device ID using the received device attributes and generate an authentication token that is signed with the device ID. The authentication server may transmit the authentication token to the client device. Subsequent requests to access protected resources from the client device may include the authentication token that is signed with the device ID.
46 Citations
20 Claims
-
1. A method, comprising:
-
receiving, by an authentication server and from a user device, an authentication request, wherein the authentication request comprises device attributes of the user device and wherein the authentication request further includes login information of a user; determine, by the authentication server, whether the login information is valid; responsive to determining that the login information is valid, generating, by the authentication server, a first device identifier identifying the user device from which the authentication request was received using the device attributes of the user device from which the authentication request was received, the first device identifier includes randomly generated characters that uniquely identify the user device from which the authentication request was received and the first device identifier is generated based on the device attributes that uniquely identify the user device from which the authentication request was received; creating, by the authentication server, an authentication token, wherein the authentication token is signed with the first device identifier; transmitting, by the authentication server and to the user device from which the authentication request was received, the authentication token; receiving, by the authentication server, a request to access protected resources from a user device, wherein the request comprises the authentication token and device attributes of the user device from which the request to access protected resources was received; generating, by the authentication server, a second, comparison device identifier identifying the user device from which the request to access protected resources was received, the second, comparison device identifier being based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources, the second, comparison device identifier including randomly generated characters that uniquely identify the user device from which the request to access protected resources was received and the second, comparison device identifier is generated based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources that uniquely identify the user device from which the request to access protected resources was received; decrypting, by the authentication server, the received authentication token; retrieving, by the authentication server, the first device identifier accessed from the decrypted authentication token; validating, by the authentication server, the authentication token, wherein the validating comprises determining whether the first device identifier matches the second, comparison device identifier; and outputting, by the authentication server, a response. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable storage medium having computer-executable program instructions stored thereon that, when executed by a processor, cause the processor to:
-
receive, from a user device, an authentication request, wherein the authentication request comprises device attributes of the user device and wherein the authentication request includes login information of the user; determine whether the login information is valid; responsive to determining that the login information is valid, generate a first device identifier identifying the user device from which the authentication request was received using the device attributes of the user device from which the authentication request was received, the first device identifier includes randomly generated characters that uniquely identify the user device from which the authentication request was received and the first device identifier is generated based on the device attributes that uniquely identify the user device from which the authentication request was received; create an authentication token, wherein the authentication token is signed with the first device identifier; transmit, to the user device from which the authentication request was received, the authentication token; receive a request to access protected resources from a user device, wherein the request comprises the authentication token and device attributes of the user device from which the request to access protected resources was received; generate a second, comparison device identifier identifying the user device from which the request to access protected resources was received, the second, comparison device identifier being based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources, the second, comparison device identifier including randomly generated characters that uniquely identify the user device from which the request to access protected resources was received and the second, comparison device identifier is generated based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources that uniquely identifying the user device from which the request to access protected resources was received; decrypt the received authentication token; retrieve the first device identifier accessed from the decrypted authentication token; validate the authentication token, wherein the validating comprises determining whether the first device identifier matches the second, comparison device identifier; and output a response. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. An apparatus comprising:
-
a memory; a processor, wherein the processor executes computer-executable program instructions which cause the processor to; receive, by an authentication server and from a user device, an authentication request, wherein the authentication request comprises device attributes of the user device and wherein the authentication request further includes login information of a user; determine, by the authentication server, whether the login information is valid; responsive to determining that the login information is valid, generate, by the authentication server, a first device identifier identifying the user device from which the authentication request was received using the device attributes of the user device from which the authentication request was received, the first device identifier includes randomly generated characters that uniquely identify the user device from which the authentication request was received and the first device identifier is generated based on the device attributes that uniquely identify the user device from which the authentication request was received; create, by the authentication server, an authentication token, wherein the authentication token is signed with the first device identifier; transmit, by the authentication server and to the user device from which the authentication request was received, the authentication token; receive, by the authentication server, a request to access protected resources from a user device, wherein the request comprises the authentication token and device attributes of the user device from which the request to access protected resources was received; generate, by the authentication server, a second, comparison device identifier identifying the user device from which the request to access protected resources was received, the second, comparison device identifier being based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources, the second, comparison device identifier including randomly generated characters that uniquely identify the user device from which the request to access protected resources was received and the second, comparison device identifier is generated based on the device attributes of the user device from which the request to access protected resources was received and included in the request to access protected resources that uniquely identifying the user device from which the request to access protected resources was received; decrypt, by the authentication server, the received authentication token; retrieve the first device identifier accessed from the decrypted authentication token; validate the authentication token, wherein the validating comprises determining whether the first device identifier matches the second, comparison device identifier; and output a response. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification