User credentials

US 9,807,074 B1
Filed: 05/01/2015
Issued: 10/31/2017
Est. Priority Date: 07/11/2012
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable storage medium storing instructions executable by one or more computers of a server which, upon such execution, cause the one or more computers to perform operations comprising:

at the server, receiving a request from a first client device for a numeric representation for a credential, the request comprising (i) a credential identifier that identifies the credential and (ii) a first user identifier that identifies a first user and is associated with the credential identifier;

responsive to the request from the first client device;

generating, at the server, a first numeric representation for the credential, wherein the first numeric representation for the credential expires at a first time;

associating, at the server, the first numeric representation for the credential with the credential identifier and the first user identifier; and

transmitting, from the server, a message including the first numeric representation for the credential to the first client device;

at the server, receiving a first validation request from a processing system associated with a credential authority, wherein the first validation request comprises a first value;

before the first time, accessing, at the server, the first numeric representation for the credential using the first value; and

at the server, responsive to determining that the first value from the first validation request matches the first numeric representation for the credential, transmitting to the processing system, a first validation response indicating that the credential is associated with the first user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Obtaining and/or validating user credentials at client devices is described.

Citations

20 Claims

1. A non-transitory computer-readable storage medium storing instructions executable by one or more computers of a server which, upon such execution, cause the one or more computers to perform operations comprising:
- at the server, receiving a request from a first client device for a numeric representation for a credential, the request comprising (i) a credential identifier that identifies the credential and (ii) a first user identifier that identifies a first user and is associated with the credential identifier;
  
  responsive to the request from the first client device;
  
  generating, at the server, a first numeric representation for the credential, wherein the first numeric representation for the credential expires at a first time;
  
  associating, at the server, the first numeric representation for the credential with the credential identifier and the first user identifier; and
  
  transmitting, from the server, a message including the first numeric representation for the credential to the first client device;
  
  at the server, receiving a first validation request from a processing system associated with a credential authority, wherein the first validation request comprises a first value;
  
  before the first time, accessing, at the server, the first numeric representation for the credential using the first value; and
  
  at the server, responsive to determining that the first value from the first validation request matches the first numeric representation for the credential, transmitting to the processing system, a first validation response indicating that the credential is associated with the first user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The non-transitory computer-readable storage medium of claim 1, wherein generating a first numeric representation for the credential comprises generating a random number based on a seed value obtained from a clock at the server.
  - 3. The non-transitory computer-readable storage medium of claim 1, wherein the operations further comprise:
    - at the server, receiving a second request from a second client device for a numeric representation for the credential, the second request comprising (i) the credential identifier that identifies the credential and (ii) a second user identifier that identifies a second user and is associated with the credential identifier;
      
      responsive to the second request from the second client device;
      
      generating, at the server, a second numeric representation for the credential, wherein the second numeric representation for the credential expires at a second time;
      
      associating, at the server, the second numeric representation for the credential with the credential identifier and the second user identifier; and
      
      transmitting, from the server, a message including the second numeric representation for the credential to the second client device.
  - 4. The non-transitory computer-readable storage medium of claim 3, wherein the operations further comprise:
    - at the server, receiving a second validation request from the processing system associated with the credential authority, wherein the second validation request comprises a second value;
      
      before the second time, accessing, at the server, the second numeric representation for the credential using the second value; and
      
      at the server, responsive to determining that the second value from the second validation request matches the second numeric representation for the credential, transmitting to the processing system a second validation response indicating that the credential is associated with the second user.
  - 5. The non-transitory computer-readable storage medium of claim 3, wherein the operations further comprise:
    - storing, at the server, the first numeric representation for the credential in a memory; and
      
      wherein generating, at the server, a second numeric representation for the credential comprises;
      
      generating, at the server, a candidate numeric representation for the credential;
      
      determining, at the server, that the candidate numeric representation for the credential matches the first numeric representation for the credential stored in the memory; and
      
      generating another numeric representation for the credential.
  - 6. The non-transitory computer-readable storage medium of claim 5, wherein the operations further comprise removing one or more numeric representations from the memory based on an age of the one or more numeric representations.
  - 7. The non-transitory computer-readable storage medium of claim 1, wherein transmitting, from the server, the message including the first numeric representation for the credential to the first client device comprises transmitting via short message service (SMS), from the server, the message including the first numeric representation for the credential to the first client device.
  - 8. The non-transitory computer-readable storage medium of claim 1, wherein receiving the first validation request from the processing system associated with the credential authority comprises receiving the first validation request via short message service (SMS) from the processing system associated with the credential authority.
  - 9. The non-transitory computer-readable storage medium of claim 1, wherein the operations further comprise:
    - responsive to determining that the first value from the first validation request matches the first numeric representation for the credential,obtaining, at the server, an image of the first user; and
      
      transmitting, from the server to the processing system, the image of the first user.
  - 10. The non-transitory computer-readable storage medium of claim 9, wherein obtaining the image of the first user comprises:
    - querying another server via a network connection; and
      
      receiving, from the other server over the network connection, the image of the user.
  - 11. The non-transitory computer-readable storage medium of claim 1, wherein the first numeric representation for the credential is a sequence of digits comprising between four to twenty-four integers.
  - 12. The non-transitory computer-readable storage medium of claim 1, wherein associating, at the server, the first numeric representation for the credential with the credential identifier and the first user identifier comprises mapping, at the server, the first numeric representation for the credential to the credential identifier and the first user identifier in a table.
  - 13. The non-transitory computer-readable storage medium of claim 1, wherein responsive to determining that the first value from the first validation request matches the first numeric representation for the credential, transmitting to the processing system, a first validation response comprises:
    - determining that the first numeric representation for the credential is not expired; and
      
      in response to determining that the first numeric representation for the credential is not expired, transmitting the first validation response to the processing system.

14. A method comprising:
- at a server, receiving a request from a first client device for a numeric representation for a credential, the request comprising (i) a credential identifier that identifies the credential and (ii) a first user identifier that identifies a first user and is associated with the credential identifier;
  
  responsive to the request from the first client device;
  
  generating, at the server, a first numeric representation for the credential, wherein the first numeric representation for the credential expires at a first time;
  
  associating, at the server, the first numeric representation for the credential with the credential identifier and the first user identifier; and
  
  transmitting, from the server, a message including the first numeric representation for the credential to the first client device;
  
  at the server, receiving a first validation request from a processing system associated with a credential authority, wherein the first validation request comprises a first value;
  
  before the first time, accessing, at the server, the first numeric representation for the credential using the first value; and
  
  at the server, responsive to determining that the first value from the first validation request matches the first numeric representation for the credential, transmitting to the processing system, a first validation response indicating that the credential is associated with the first user.
- View Dependent Claims (15, 16, 17)
- - 15. The method of claim 14, wherein generating a first numeric representation for the credential comprises generating a random number that is based on a seed value obtained from a clock at the server and that is between four to twenty-four integers.
  - 16. The method of claim 14, further comprising:
    - at the server, receiving a second request from a second client device for a numeric representation for the credential, the second request comprising (i) the credential identifier that identifies the credential and (ii) a second user identifier that identifies a second user and is associated with the credential identifier;
      
      responsive to the second request from the second client device;
      
      generating, at the server, a second numeric representation for the credential, wherein the second numeric representation for the credential expires at a second time;
      
      associating, at the server, the second numeric representation for the credential with the credential identifier and the second user identifier; and
      
      transmitting, from the server, a message including the second numeric representation for the credential to the second client device.
  - 17. The method of claim 16, further comprising:
    - storing, at the server, the first numeric representation for the credential in a memory; and
      
      wherein generating, at the server, a second numeric representation for the credential comprises;
      
      generating, at the server, a candidate numeric representation for the credential;
      
      determining, at the server, that the candidate numeric representation for the credential matches the first numeric representation for the credential stored in the memory; and
      
      generating another numeric representation for the credential.

18. A system comprising:
- a server comprising one or more computers and one or more computer-readable storage media storing instructions that are operable and when executed by the one or more computers, cause the one or more computers to perform operations comprising;
  
  at the server, receiving a request from a first client device for a numeric representation for a credential, the request comprising (i) a credential identifier that identifies the credential and (ii) a first user identifier that identifies a first user and is associated with the credential identifier;
  
  responsive to the request from the first client device;
  
  generating, at the server, a first numeric representation for the credential, wherein the first numeric representation for the credential expires at a first time;
  
  associating, at the server, the first numeric representation for the credential with the credential identifier and the first user identifier; and
  
  transmitting, from the server, a message including the first numeric representation for the credential to the first client device;
  
  at the server, receiving a first validation request from a processing system associated with a credential authority, wherein the first validation request comprises a first value;
  
  before the first time, accessing, at the server, the first numeric representation for the credential using the first value; and
  
  at the server, responsive to determining that the first value from the first validation request matches the first numeric representation for the credential, transmitting to the processing system, a first validation response indicating that the credential is associated with the first user.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18, wherein the operations further comprise:
    - at the server, receiving a second request from a second client device for a numeric representation for the credential, the second request comprising (i) the credential identifier that identifies the credential and (ii) a second user identifier that identifies a second user and is associated with the credential identifier;
      
      responsive to the second request from the second client device;
      
      generating, at the server, a second numeric representation for the credential, wherein the second numeric representation for the credential expires at a second time;
      
      associating, at the server, the second numeric representation for the credential with the credential identifier and the second user identifier; and
      
      transmitting, from the server, a message including the second numeric representation for the credential to the second client device.
  - 20. The system of claim 19, wherein the operations further comprise:
    - storing, at the server, the first numeric representation for the credential in a memory; and
      
      wherein generating, at the server, a second numeric representation for the credential comprises;
      
      generating, at the server, a candidate numeric representation for the credential;
      
      determining, at the server, that the candidate numeric representation for the credential matches the first numeric representation for the credential stored in the memory; and
      
      generating another numeric representation for the credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microstrategy Incorporated
Original Assignee
Microstrategy Incorporated
Inventors
Saylor, Michael J., Chen, Gang, Vazquez, Hector
Primary Examiner(s)
Goodchild, William

Application Number

US14/702,315
Time in Patent Office

914 Days
Field of Search

726 5
US Class Current
CPC Class Codes

G06F 16/58   Retrieval characterised by ...

G06F 16/5854   using shape and object rela...

G06F 21/31   User authentication

G06F 21/36   by graphic or iconic repres...

G06F 21/46   by designing passwords or c...

G06K 7/10544   by scanning of the records ...

G10L 17/00   Speaker identification or v...

G10L 17/24   the user being prompted to ...

H04L 63/08   for authentication of entit...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 67/10   in which an application is ...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/77   Graphical identity

H04W 4/12   Messaging; Mailboxes; Annou...

User credentials

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

User credentials

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links