Two-factor authentication systems and methods
First Claim
1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:
- transmitting login information for a user of the mobile device to an authorization system and receiving confirmation of a login of the user to a user account;
while the user is logged in to the user account, receiving a first permission request from the authorization system to perform an action related to the user account;
causing display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied;
receiving first user input responsive to the message;
after receiving the first user input, receiving a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account;
determining that the at least one automation criterion is met for the second permission request; and
in response to the determining, automatically responding to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for authenticating defined user actions over a computer network. An authentication service receives an authentication request from an authenticating service to perform an action on behalf of a user. The authentication service then sends a permission request to a mobile device associated with the user, asking the user whether or not the action should be allowed. The user sends a permission response via the mobile device to the authentication service, granting or denying the action. The user may automate future similar responses so long as at least one automation criterion is met (e.g., the physical location of the mobile device), eliminating the need to manually provide a response to future permission requests. Information necessary to determine whether the automation criterion is met is stored locally on the mobile device.
-
Citations
23 Claims
-
1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:
-
transmitting login information for a user of the mobile device to an authorization system and receiving confirmation of a login of the user to a user account; while the user is logged in to the user account, receiving a first permission request from the authorization system to perform an action related to the user account; causing display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied; receiving first user input responsive to the message; after receiving the first user input, receiving a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account; determining that the at least one automation criterion is met for the second permission request; and in response to the determining, automatically responding to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A mobile device, comprising:
-
at least one antenna; one or more processing elements coupled to the at least one antenna; one or more memories having program instructions stored thereon that are capable of causing the mobile device to; transmit login information for a user of the mobile device to an authorization system and receive confirmation of a login of the user to a user account; while the user is logged in to the user account, receive a first permission request to perform an action related to the user account from the authorization system; cause display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied; receive first user input responsive to the message; after receiving the first user input, receive a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account; determine that the at least one automation criterion is met for the second permission request; and in response to the determination, automatically respond to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A method, comprising:
-
a mobile computing device transmitting login information for a user of the mobile computing device to an authorization system and receiving confirmation of a login of the user to a user account from the authorization system; while the user is logged in to the user account on the device, the device receiving a first permission request to perform an action related to the user account from the authorization system; the device causing display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied; the device receiving first user input responsive to the message; after receiving the first user input, the device receiving a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account; the device determining that the at least one automation criterion is met for the second permission request; and in response to the determining, the device automatically responding to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request. - View Dependent Claims (18, 19, 20)
-
-
21. A method, comprising:
-
receiving, by an authorization computing system, login information for a user from a mobile device; transmitting, by the authorization computing system, a confirmation of login to a user account for the user to the mobile device; sending, by the authorization computing system, a first permission request to perform an action to the mobile device, while the user is logged in to the user account, wherein the mobile device includes a memory having stored thereon instructions that are capable of causing the mobile device to display a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied; sending, by the authorization computing system, a second permission request to perform an action to the mobile device, while the user is logged in to the user account; and receiving, by the authorization computing system, an automated response to the second permission request from the mobile device, wherein the automated response is sent without requesting additional user input indicating whether to grant or deny the second permission request. - View Dependent Claims (22, 23)
-
Specification