User authentication by operating system-level token
Abstract
Embodiments are directed to communicating an operating system-level token for user identification and/or authentication. Embodiments store a token at an operating system-level, wherein the token is accessible by an operating system running on the apparatus, and wherein the token comprises user identification information and/or user authentication information; and in response to an initiating event, initiate communication of the token to a second apparatus external to the apparatus. Some embodiments include initiation of an operation system-level instruction set for periodically, continuously, or in response to detecting a request, initiating communication of the token.
17 Claims
1. A mobile device for communicating an operating system-level token for user identification and/or authentication, the mobile device comprising:
a single memory device comprising an operating system-level accessible by an operating system running on the mobile device and an application-level accessible by applications running on the mobile device, wherein the application-level is different from the operating system-level and the operating system-level is inaccessible by the applications;
a processor; and
a module stored in the memory device, executable by the processor, and configured to;
store a token at the operating system-level of the memory device, wherein the token is accessible by the operating system running on the mobile device and inaccessible by the applications running on the mobile device and wherein the token comprises at least one authentication credential, for at least partial authentication of the user;
store an operating system-level instruction set configured to be executed by the operating system of the mobile device, the operating system-level instruction set stored only at the operating system-level;
initiate execution of the operating system-level instruction set, comprising initiation of an operation system-level instruction set for periodically or continuously initiating communication of the token;
in response to an initiating event, initiate communication of the token to a second apparatus, associated with a financial institution location, external to the mobile device using the executing operating system-level instruction set, wherein initiating communication of the token does not require launching or running an application stored at the application-level of the mobile device;
detect an external stimulus received from the second apparatus external to the mobile device, wherein the external stimulus comprises a request for the at least one authentication credential for enabling a user activity, wherein the user activity requires a standard level of authentication;
initiate communication of the at least one authentication credential, to the second apparatus, whereby the user may be authenticated at the financial institution location at (i) a first level of authentication lower than the standard level of authentication, (ii) the standard level of authentication required for performing the user activity, or (iii) a second level of authentication higher than the standard level of authentication based on validation of the at least one authentication credential; and
receive one or more user authentication credentials from the user, wherein successful validation of the one or more user authentication credentials and the transmitted at least one authentication credential is configured to authenticate the user with at least the standard level of authentication required for performing the user activity.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method for communicating an operating system-level token for user identification and/or authentication, the method comprising:
storing a token at an operating system-level of a single memory device comprising an operating system-level accessible by an operating system running on the a mobile device and an application-level accessible by applications running on the mobile device, wherein the application-level is different from the operating system-level and the operating system-level is inaccessible by the applications, wherein the token is accessible by the operating system running on the mobile device and inaccessible by the applications running on the mobile device, and wherein the token comprises at least one authentication credential, for at least partial authentication of the user;
storing an operating system-level instruction set configured to be executed by the operating system of the mobile device, the operating system-level instruction set stored at the operating system-level;
initiating execution of the operating system-level instruction set, comprising initiation of an operation system-level instruction set for periodically or continuously initiating communication of the token;
in response to an initiating event, initiating communication of the token to a second apparatus, associated with a financial institution location, external to the mobile device using the executing operating system-level instruction set, wherein initiating communication of the token does not require launching or running an application stored at the application-level of the mobile device;
detecting an external stimulus received from the second apparatus external to the mobile device, wherein the external stimulus comprises a request for the at least one authentication credential for enabling a user activity, wherein the user activity requires a standard level of authentication;
initiating communication of the at least one authentication credential, to the second apparatus, whereby the user may be authenticated at the financial institution location at (i) a first level of authentication lower than the standard level of authentication, (ii) the standard level of authentication required for performing the user activity, or (iii) a second level of authentication higher than the standard level of authentication based on validation of the at least one authentication credential; and
receiving one or more user authentication credentials from the user, wherein successful validation of the one or more user authentication credentials and the transmitted at least one authentication credential is configured to authenticate the user with at least the standard level of authentication required for performing the user activity.
Dependent claims: 10, 11, 12, 13, 14
15. A computer program product for communicating an operating system-level token for user identification and/or authentication, the computer program product comprising a non-transitory computer-readable medium comprising code causing a mobile device to:
store a token at an operating system-level of a single memory device comprising the operating system-level accessible by an operating system running on the mobile device and an application-level accessible by applications running on the mobile device, wherein the application-level is different from the operating system-level and the operating system-level is inaccessible by the applications, wherein the token is accessible by the operating system running on the apparatus and inaccessible by the applications running on the mobile device, and wherein the token comprises at least one authentication credential, for at least partial authentication of the user;
store an operating system-level instruction set configured to be executed by the operating system of the mobile device, the operating system-level instruction set stored at the operating system-level;
initiate execution of the operating system-level instruction set, comprising initiation of an operation system-level instruction set for periodically or continuously initiating communication of the token;
in response to an initiating event, initiate communication of the token to a second apparatus, associated with a financial institution location, external to the mobile device using the executing operating system-level instruction set, wherein initiating communication of the token does not require launching or running an application stored at the application-level of the mobile device;
detect an external stimulus received from the second apparatus external to the mobile device, wherein the external stimulus comprises a request for the at least one authentication credential for enabling a user activity, wherein the user activity requires a standard level of authentication;
initiate communication of the at least one authentication credential, to the second apparatus, whereby the user may be authenticated at the financial institution location at (i) a first level of authentication lower than the standard level of authentication, (ii) the standard level of authentication required for performing the user activity, or (iii) a second level of authentication higher than the standard level of authentication based on validation of the at least one authentication credential; and
receive one or more user authentication credentials from the user, wherein successful validation of the one or more user authentication credentials and the transmitted at least one authentication credential is configured to authenticate the user with at least the standard level of authentication required for performing the user activity.
Dependent claims: 16, 17
Specification