Securing multifactor authentication
First Claim
1. A system comprising:
- one or more memories that store an image comprising an optical machine-readable representation of a challenge code; and
- one or more processing units cause the system to:
  - receive a request sent by a computing system to authorize an operation, the request received over a first channel, the computing system having a seed;
  - provide to the computing system information configured to cause the computing system to display the image and to allow a communications device to capture a challenge code from the image, the image comprising the optical machine-readable representation of the challenge code that can be extracted from the image by the communications device, the communications device including a networking interface for communicating with the system over a second channel; and
  - receive, from the communications device, a response authorizing the operation, the response calculated using the challenge code captured by the communications device and the seed, the response received over the second channel distinct from the first channel.
Abstract
In certain embodiments, a system receives a request sent by a device to authorize an operation. The system initiates display of an image encoding a challenge code to allow the device to capture the image and extract the challenge code. The device calculates a response using the challenge code and a seed, and sends the response to the system. In certain examples, the device may send the request over a first channel and the response over a second channel distinct from the first channel. In other examples, the device displays the response and a user inputs the response into a computing system to send to the system.
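An added sketch of the exchange the abstract describes, with both the server and the capturing device (this is not code from the patent). HMAC-SHA256 as the response function, the 120-second challenge lifetime, single-use challenges and every name below are assumptions; rendering the challenge as an image is omitted.

```python
import hashlib
import hmac
import secrets
import time

CHALLENGE_TTL = 120  # seconds a challenge stays valid (assumed policy)


def compute_response(seed: bytes, challenge: str) -> str:
    """Device side: derive the response from the captured challenge and the seed.
    HMAC-SHA256 is an assumption; the abstract does not name a function."""
    return hmac.new(seed, challenge.encode(), hashlib.sha256).hexdigest()


class AuthServer:
    def __init__(self, seeds):
        self.seeds = seeds   # user -> seed shared with that user's device
        self.pending = {}    # challenge -> (user, operation, expiry)

    def request_authorization(self, user, operation, now=None):
        """First channel: return the challenge code that would be encoded
        in the displayed image."""
        now = time.time() if now is None else now
        challenge = secrets.token_urlsafe(16)
        self.pending[challenge] = (user, operation, now + CHALLENGE_TTL)
        return challenge

    def submit_response(self, challenge, response, now=None):
        """Second channel: return the authorized operation, or None."""
        now = time.time() if now is None else now
        # pop() makes every challenge single use, even when verification fails
        entry = self.pending.pop(challenge, None)
        if entry is None:
            return None
        user, operation, expiry = entry
        if now > expiry:
            return None
        expected = compute_response(self.seeds[user], challenge)
        # constant-time comparison avoids leaking how many characters matched
        if not hmac.compare_digest(expected.encode(), response.encode()):
            return None
        return operation


if __name__ == "__main__":
    seed = b"constructed-demo-seed"  # constructed sample value
    server = AuthServer({"alice": seed})
    code = server.request_authorization("alice", "transfer")
    print(server.submit_response(code, compute_response(seed, code)))
```

Because the server keeps the operation bound to the challenge it issued, a response replayed later or computed with a different seed authorizes nothing.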
31 Claims
11. A computer-implemented method under the control of one or more computing systems comprising:
- receiving a request sent by a computing system to authorize an operation, the computing system having a seed and associated with a user, the request transmitted over a first communication channel;
- providing the computing system with information configured to cause the computing system to initiate display of an image, the image comprising an optical machine-readable representation of a challenge code and to allow a device to capture the image and extract the challenge code, the device including a communications interface for transmitting information over a second communications channel different from the first communications channel; and
- receiving, from the device over the second communications, a response authorizing the operation, the response calculated using the challenge code captured by the device and the seed.
21. A set of one or more non-transitory computer-readable storage media having stored thereon executable instructions that, as a result of being executed by one or more processors of a first computing system and a second computing system, cause the first computing systems and the second computing system to perform operations comprising:
- sending, by the second computing system to a server, a request to authorize an operation that requires information from the first computing system to be provided to the server, the second computing system having a seed and the request being transmitted over a first communications channel;
- capturing an image, displayed by the second computing system, comprising an optical machine-readable representation of a challenge code, the image displayed by the second computing system in response to the request;
- extracting the challenge code from the image;
- calculating a response authorizing the operation using the challenge code and the seed; and
- providing, using a communications interface of the first computing device, the response to the server over a second communications channel distinct from the first communications channel.
Specification