Provisioning a device to be an authentication device
First Claim
Patent Images
1. A system comprising:
- one or more processors;
memory with instructions that, when executed by the one or more processors, cause the system to;
receive a request, at an authentication module of the system, to provision a mobile device to be an authentication device;
provide, to the mobile device, an authentication application that causes the mobile device to generate a one-time passcode usable for authentication,cause an image to be displayed on a computing device, wherein the image enables the mobile device to determine first key information by at least analyzing the image displayed on the computing device;
receive, at the authentication module of the system, the first key information, the received first key information obtained from the mobile device over a network;
determine, at the authentication module, that the first key information matches key information included in the image;
in response to the determination, send a seed to the mobile device, the seed useable to generate the one-time passcode useable for authentication;
obtain, from the computing device, the one-time passcode generated by the mobile device using the seed; and
allow access to the computing device as a result of receiving the one-time passcode.
1 Assignment
0 Petitions
Accused Products
Abstract
In certain embodiments, a web services system receives a request to provision a device, such as a telephone, as an authentication device. The web services system initiates display of an image communicating a key to allow the telephone to capture the image and to send key information associated with the key. The web services system receives the key and determines that the key information is valid. In response to the determination, the web services system sends a seed to the telephone to provision the telephone to be an authentication device. The telephone can use the seed to generate one-time passcodes to access a service of the web services system.
100 Citations
29 Claims
-
1. A system comprising:
-
one or more processors; memory with instructions that, when executed by the one or more processors, cause the system to; receive a request, at an authentication module of the system, to provision a mobile device to be an authentication device; provide, to the mobile device, an authentication application that causes the mobile device to generate a one-time passcode usable for authentication, cause an image to be displayed on a computing device, wherein the image enables the mobile device to determine first key information by at least analyzing the image displayed on the computing device; receive, at the authentication module of the system, the first key information, the received first key information obtained from the mobile device over a network; determine, at the authentication module, that the first key information matches key information included in the image; in response to the determination, send a seed to the mobile device, the seed useable to generate the one-time passcode useable for authentication; obtain, from the computing device, the one-time passcode generated by the mobile device using the seed; and allow access to the computing device as a result of receiving the one-time passcode. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented method comprising:
-
receiving, by one or more processing units, a request to provision a mobile device to be an authentication device that generates one or more one-time passcodes; initiating, by the one or more processing units, display of an image on a computing device so that the image communicates authentication information, wherein the image allows the mobile device to extract key information from the authentication information communicated by the image, wherein the key information allows the mobile device to obtain, from an authentication module of a server computer system, a seed for an application of the mobile device to provision the mobile device as the authentication device that can generate the one or more one-time passcodes, and wherein the one or more one-time passcodes enables the mobile device to be used as the authentication device; receiving, from the mobile device, the key information; determining, by the authentication module, validity of the key information; providing to the mobile device the seed; and allowing access based at least in part on receiving, from the computing device, a valid one-time passcode generated based at least in part on the seed. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. One or more non-transitory computer-readable media comprising logic that, as a result of execution by one or more processing units, cause operations to be performed comprising:
-
sending a request to provision a mobile device to be an authentication device; the mobile device capturing an image that communicates information that enables the image to be analyzed to determine a key; the mobile device determining, by at least analyzing the image, key information using the key; the mobile device transmitting the key information to an authentication module of a computer system to enable the key to be validated; receiving, from the authentication module of the computer systems, a seed; calculating a one-time passcode based at least in part on the seed; and providing the one-time passcode to a computing device to enable the mobile device to be the authentication device. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29)
-
Specification