Sight codes for website authentication
First Claim
1. A computer-implemented method comprising:
- receiving, from a server that provides a web page to a client device, a request to start, for a user, a new authenticated session of the web page on the client device, the request including data identifying the user;
in response to receiving the request, generating an optical machine-readable code and a security image for the new authenticated session;
transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device;
transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device;
receiving, from the mobile device, extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device;
in response to receiving the extracted data that the mobile device extracted from the optical machine-readable code, verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code transmitted to the server that provides the web page; and
in response to verifying the identity of the user based on the comparison, transmitting, to the server that provides the web page, data indicating the verified identity of the user and a session identifier for the new authenticated session.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for site codes for website authentication are disclosed. In one aspect, a method includes receiving, a request to start a new authenticated session of the web page on the client device. The method includes generating an optical machine-readable code and a security image. The method includes transmitting (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display. The method includes receiving extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device. The method includes verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code.
-
Citations
20 Claims
-
1. A computer-implemented method comprising:
-
receiving, from a server that provides a web page to a client device, a request to start, for a user, a new authenticated session of the web page on the client device, the request including data identifying the user; in response to receiving the request, generating an optical machine-readable code and a security image for the new authenticated session; transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device; transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device; receiving, from the mobile device, extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device; in response to receiving the extracted data that the mobile device extracted from the optical machine-readable code, verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code transmitted to the server that provides the web page; and in response to verifying the identity of the user based on the comparison, transmitting, to the server that provides the web page, data indicating the verified identity of the user and a session identifier for the new authenticated session. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
one or more computers and one or more storage devices storing instructions that are operable, when executed by the one or more computers, to cause the one or more computers to perform operations comprising; receiving, from a server that provides a web page to a client device, a request to start, for a user, a new authenticated session of the web page on the client device, the request including data identifying the user; in response to receiving the request, generating an optical machine-readable code and a security image for the new authenticated session; transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device; transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device; receiving, from the mobile device, extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device; in response to receiving the extracted data that the mobile device extracted from the optical machine-readable code, verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code transmitted to the server that provides the web page; and in response to verifying the identity of the user based on the comparison, transmitting, to the server that provides the web page, data indicating the verified identity of the user and a session identifier for the new authenticated session. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
19. A non-transitory computer-readable medium storing software comprising instructions executable by one or more computers which, upon such execution, cause the one or more computers to perform operations comprising:
-
receiving, from a server that provides a web page to a client device, a request to start, for a user, a new authenticated session of the web page on the client device, the request including data identifying the user; in response to receiving the request, generating an optical machine-readable code and a security image for the new authenticated session; transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device; transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device; receiving, from the mobile device, extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device; in response to receiving the extracted data that the mobile device extracted from the optical machine-readable code, verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code transmitted to the server that provides the web page; and in response to verifying the identity of the user based on the comparison, transmitting, to the server that provides the web page, data indicating the verified identity of the user and a session identifier for the new authenticated session. - View Dependent Claims (20)
-
Specification