Two-factor authentication systems and methods

US 9,531,702 B2
Filed: 11/13/2015
Issued: 12/27/2016
Est. Priority Date: 10/25/2011
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:

transmitting login information for a user of the mobile device to an authorization system and receiving confirmation of a login of the user to a user account;

while the user is logged in to the user account, receiving a first permission request from the authorization system to perform an action related to the user account;

causing display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied;

receiving first user input responsive to the message;

after receiving the first user input, receiving a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account;

determining that the at least one automation criterion is met for the second permission request; and

in response to the determining, automatically responding to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for authenticating defined user actions over a computer network. An authentication service receives an authentication request from an authenticating service to perform an action on behalf of a user. The authentication service then sends a permission request to a mobile device associated with the user, asking the user whether or not the action should be allowed. The user sends a permission response via the mobile device to the authentication service, granting or denying the action. The user may automate future similar responses so long as at least one automation criterion is met (e.g., the physical location of the mobile device), eliminating the need to manually provide a response to future permission requests. Information necessary to determine whether the automation criterion is met is stored locally on the mobile device.

Citations

23 Claims

1. A non-transitory computer-readable medium having computer instructions stored thereon that are capable of causing a mobile device to perform operations comprising:
- transmitting login information for a user of the mobile device to an authorization system and receiving confirmation of a login of the user to a user account;
  
  while the user is logged in to the user account, receiving a first permission request from the authorization system to perform an action related to the user account;
  
  causing display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied;
  
  receiving first user input responsive to the message;
  
  after receiving the first user input, receiving a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account;
  
  determining that the at least one automation criterion is met for the second permission request; and
  
  in response to the determining, automatically responding to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the action related to the user account corresponding to the second permission request is a payment transaction.
  - 3. The non-transitory computer-readable medium of claim 1, wherein the authorization system is an authenticating service or an authentication service.
  - 4. The non-transitory computer-readable medium of claim 1, wherein the at least one automation criterion includes a criterion that is based on a geographic location of the mobile device.
  - 5. The non-transitory computer-readable medium of claim 1, wherein the at least one automation criterion includes a criterion that is based on one or more of:
    - biometric information associated with the user, voice recognition of the user, or a gesture performed by the user.
  - 6. The non-transitory computer-readable medium of claim 1, wherein the action requested by the second permission request is the same action as the action requested by the first permission request.
  - 7. The non-transitory computer-readable medium of claim 1, wherein the action corresponding to the second permission request is initiated via a computing device that is different than the mobile device.
  - 8. The non-transitory computer-readable medium of claim 1, wherein the action corresponding to the second permission request is to unlock or start a vehicle.
  - 9. The non-transitory computer-readable medium of claim 1, wherein the at least one automation criterion includes that the first permission request and the second permission request each specify the same:
    - service, account, action, and device requesting the action.

10. A mobile device, comprising:
- at least one antenna;
  
  one or more processing elements coupled to the at least one antenna;
  
  one or more memories having program instructions stored thereon that are capable of causing the mobile device to;
  
  transmit login information for a user of the mobile device to an authorization system and receive confirmation of a login of the user to a user account;
  
  while the user is logged in to the user account, receive a first permission request to perform an action related to the user account from the authorization system;
  
  cause display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied;
  
  receive first user input responsive to the message;
  
  after receiving the first user input, receive a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account;
  
  determine that the at least one automation criterion is met for the second permission request; and
  
  in response to the determination, automatically respond to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The mobile device of claim 10, wherein the action corresponding to the second permission request is a financial transaction.
  - 12. The mobile device of claim 11, wherein the financial transaction is a payment transaction.
  - 13. The mobile device of claim 10, wherein the at least one automation criterion includes a criterion that is based on a location of the mobile device.
  - 14. The mobile device of claim 10, wherein the action requested by the second permission request is a different action than the action requested by the first permission request.
  - 15. The mobile device of claim 10, wherein the at least one automation criterion includes that the first permission request and the second permission request each specify the same:
    - authorization service, user account, action, and device requesting the action.
  - 16. The mobile device of claim 10, wherein the action corresponding to the second permission request is initiated via a computing device that is different than the mobile device.

17. A method, comprising:
- a mobile computing device transmitting login information for a user of the mobile computing device to an authorization system and receiving confirmation of a login of the user to a user account from the authorization system;
  
  while the user is logged in to the user account on the device, the device receiving a first permission request to perform an action related to the user account from the authorization system;
  
  the device causing display of a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied;
  
  the device receiving first user input responsive to the message;
  
  after receiving the first user input, the device receiving a second permission request from the authorization system while the user is logged in to the user account, wherein the second permission request is to perform an action related to the user account;
  
  the device determining that the at least one automation criterion is met for the second permission request; and
  
  in response to the determining, the device automatically responding to the second permission request based on the first user input without requesting additional user input indicating whether to grant or deny the second permission request.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, wherein the action related to the user account corresponding to the second permission request is a financial transaction.
  - 19. The method of claim 17, wherein the at least one automation criterion includes a criterion that is based on a location of the mobile device.
  - 20. The method of claim 17, wherein the at least one automation criterion includes that the first permission request and the second permission request each specify the same:
    - service, account, and action.

21. A method, comprising:
- receiving, by an authorization computing system, login information for a user from a mobile device;
  
  transmitting, by the authorization computing system, a confirmation of login to a user account for the user to the mobile device;
  
  sending, by the authorization computing system, a first permission request to perform an action to the mobile device, while the user is logged in to the user account, wherein the mobile device includes a memory having stored thereon instructions that are capable of causing the mobile device to display a message that permits a user to select whether to automate a response for future permission requests if at least one automation criterion is satisfied;
  
  sending, by the authorization computing system, a second permission request to perform an action to the mobile device, while the user is logged in to the user account; and
  
  receiving, by the authorization computing system, an automated response to the second permission request from the mobile device, wherein the automated response is sent without requesting additional user input indicating whether to grant or deny the second permission request.
- View Dependent Claims (22, 23)
- - 22. The method of claim 21, wherein the action corresponding to the second permission request is a financial transaction.
  - 23. The method of claim 21, wherein the at least one automation criterion includes a criterion that is based on a geographic location of the mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Grim, Evan Tyler, Alexander, Josh
Primary Examiner(s)
Chai, Longbit

Application Number

US14/940,868
Publication Number

US 20160080348A1
Time in Patent Office

410 Days
Field of Search

726/4
US Class Current

1/1
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 63/0861   using biometrical features,...

H04L 63/107   wherein the security polici...

H04W 12/06   Authentication

H04W 12/68   Gesture-dependent or behavi...

Two-factor authentication systems and methods

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Two-factor authentication systems and methods

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links