System and method for secure device authentication

US 9,706,402 B2
Filed: 03/09/2015
Issued: 07/11/2017
Est. Priority Date: 03/09/2015
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a mobile computing device, the method comprising:

obtaining data that identifies the mobile computing device;

exchanging the data with a network service to trigger a secure browser instance on the mobile computing device; and

providing a secure single action link to the mobile computing device, the secure single action link provided in a manner that precludes, other than a link selection action, at least one of a copy and a paste user input actions, the secure single action link further having an embedded session token, whereupon performance of the link selection action by the user within the secure browser instance, the session token corresponding to the mobile computing device is communicated to the network service.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for secure authentication of a mobile computing device (MCD) are described. Data that identifies the MCD is obtained. Identification data is exchanged with a network service, which sends embedded data to trigger a secure browser instance on the MCD. A secure single action link specific to the requesting device is then provided, the secure single action link being actionable to communicate to the network service, through the secure browser instance, a session token corresponding to the mobile computing device. The user can perform a selection action on the secure single action link to authenticate the MCD.

24 Citations

View as Search Results

19 Claims

1. A method for authenticating a mobile computing device, the method comprising:
- obtaining data that identifies the mobile computing device;
  
  exchanging the data with a network service to trigger a secure browser instance on the mobile computing device; and
  
  providing a secure single action link to the mobile computing device, the secure single action link provided in a manner that precludes, other than a link selection action, at least one of a copy and a paste user input actions, the secure single action link further having an embedded session token, whereupon performance of the link selection action by the user within the secure browser instance, the session token corresponding to the mobile computing device is communicated to the network service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprising:
    - verifying the exchanged data with the network service after the user performs the link selection action on the secure single action link.
  - 3. The method of claim 2, further comprising:
    - redirecting the secure browser instance to an appverify link; and
      
      verifying the data that identifies the mobile computing device with the network service.
  - 4. The method of claim 2, wherein verifying the exchanged data with the network service comprises verifying the session token.
  - 5. The method of claim 2, wherein verifying the exchanged data with the network service comprises verifying the session token with a different session token corresponding to the mobile computing device.
  - 6. The method of claim 1, wherein the data that identifies the mobile computing device includes a phone number for the mobile computing device.
  - 7. The method of claim 1, wherein the data that identifies the mobile computing device includes a unique identifier for the mobile computing device.
  - 8. The method of claim 1, wherein the data that identifies the mobile computing device includes a set of global positioning satellite coordinates for the mobile computing device.
  - 9. The method of claim 1, wherein the data that identifies the mobile computing device includes an internet protocol address for the mobile computing device.
  - 10. The method of claim 1, wherein exchanging the data with the network service to trigger the secure browser instance comprises sending the data that identifies the mobile computing device to the network service.
  - 11. The method of claim 10, wherein exchanging the data with the network service to trigger the secure browser instance further comprises receiving the session token from the network service.
  - 12. The method of claim 11, wherein exchanging the data with the network service to trigger the secure browser instance further comprises automatically opening a browser session and assigning the session token to the browser session.
  - 13. The method of claim 1, wherein providing the secure single action link to the mobile computing device comprises providing the secure single action link in a text message.
  - 14. The method of claim 1, the method being implemented as part of a secure onboarding of the mobile computing device.

15. An authentication system for a mobile computing device comprising:
- a memory resource to store instructions;
  
  one or more processors using the instructions stored in the memory resource to;
  
  obtain data that identifies the mobile computing device;
  
  exchange the data with a network service to trigger a secure browser instance on the mobile computing device;
  
  providing a secure single action link to the mobile computing device, the secure single action link provided in a manner that precludes, other than a link selection action, at least one of a copy and a paste user input actions, the secure single action link further having an embedded session token, whereupon performance of the link selection action by the user within the secure browser instance, the session token corresponding to the mobile computing device is communicated to the network service;
  
  verify the exchanged data with the network service after the user performs a selection action on the secure single action link;
  
  redirect the secure browser instance to an appverify link; and
  
  verify the data that identifies the mobile computing device with the network service.

16. A non-transitory computer-readable medium for authenticating a mobile computing device, the computer-readable medium storing instructions that, when executed by one or more processors, cause a computing device of the one or more processors to perform operations that include:
- obtaining data that identifies the mobile computing device;
  
  exchanging the data with a network service to trigger a secure browser instance on the mobile computing device; and
  
  providing a secure single action link to the mobile computing device, the secure single action link provided in a manner that precludes, other than a link selection action, at least one of a copy and a paste user input actions, the secure single action link further having an embedded session token, whereupon performance of the link selection action by the user within the secure browser instance, the session token corresponding to the mobile computing device is communicated to the network service.
- View Dependent Claims (17, 18, 19)
- - 17. The non-transitory computer readable medium of claim 16, further comprising instruction that, when executed by the one or more processors, cause the computing device to:
    - verifying the exchanged data with the network service after the user performs the link selection action on the secure single action link.
  - 18. The non-transitory computer readable medium of claim 17, further comprising instruction that, when executed by the one or more processors, cause the computing device to:
    - redirect the secure browser instance to an appverify link; and
      
      verify the data that identifies the mobile computing device with the network service.
  - 19. The non-transitory computer readable medium of claim 17, wherein the data that identifies the mobile computing device includes a phone number for the mobile computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Neustar Incorporated
Original Assignee
Neustar Incorporated
Inventors
Kueh, Anthony Y.
Primary Examiner(s)
Gelin, Jean

Application Number

US14/642,680
Publication Number

US 20160269898A1
Time in Patent Office

855 Days
Field of Search

455410, 455411, 4554141
US Class Current
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

H04L 67/02   based on web technology, e....

H04W 12/06   Authentication

System and method for secure device authentication

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure device authentication

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links