System and method for converting one-time passcodes to app-based authentication
First Claim
1. A method comprising:
detecting, in response to a user access attempt on a first electronic device, a one-time passcode authentication event;
wherein detecting the event comprises detecting web content referencing a one-time passcode using a browser extension operating on the first electronic device;
wherein detecting the event further comprises detecting an identity of an outside service for which access is attempted;
identifying, using the outside service identity and a user identity, a second electronic device as an authenticating device;
wherein the user identity is associated with the browser extension;
transmitting a notification of the one-time password authentication event from the first electronic device to the authenticating device;
wherein the notification comprises OTP retrieval information, wherein:
transmitting, via one or more networks, the notification of the one-time password authentication event from the first electronic device to the authenticating device comprises transmitting, via the one or more networks, the notification from the first electronic device to a cloud relay and transmitting, via the one or more networks, the notification from the cloud relay to the authenticating device, wherein transmitting the one-time passcode from the authenticating device to the browser extension comprises transmitting the one-time passcode from the authenticating device to the cloud relay and transmitting, via the one or more networks, the one-time passcode from the cloud relay to the first electronic device, wherein identifying the second electronic device as the authenticating device comprises identifying the second electronic device at the cloud relay using a database accessible to the cloud relay;
retrieving, in response to the notification and according to the OTP retrieval information, a one-time passcode from the authenticating device;
requesting user approval input on the authenticating device;
transmitting the one-time passcode from the authenticating device to the browser extension operating on the first electronic device only after receiving the user approval input, wherein receiving the user approval input comprises:
displaying an approval interface on a display of the authenticating device, wherein the approval interface comprises information pertaining to the outside service identity and a selectable approval input indicator; and
detecting user selection of the selectable approval input indicator;
retrieving a set of stored primary credentials, the set associated with the user identity and the outside service identity;
transmitting the set of stored primary credentials to the browser extension; and
populating, using the browser extension, a one-time passcode entry form with the one-time passcode and at least one primary credential field with the set of stored primary credentials.
3 Assignments
0 Petitions
Abstract
A method includes detecting, in response to a user access attempt on an electronic access device, a one-time passcode authentication event; receiving, at an electronic authenticating device, notification of the one-time passcode authentication event; retrieving, in response to the notification, a one-time passcode from the authenticating device; transmitting the one-time passcode from the authenticating device to a facilitator software instance operating on the access device; and enabling population, using the facilitator software instance, of a one-time passcode entry form with the one-time passcode.
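The OTP path of the abstract and claim 1 (extension, cloud relay, authenticating device, approval gate), as an added Python sketch that is not part of the patent; it leaves out the stored primary credentials. The class and field names, the use of RFC 6238 TOTP as the device's passcode source, and the `otp_ref` key standing in for the "OTP retrieval information" are assumptions, and the user, origins and secret are constructed sample values.

```python
import hashlib
import hmac
import struct

def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1); assumed stand-in for the device's OTP source."""
    counter = struct.pack(">Q", int(now) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    off = mac[-1] & 0x0F                      # dynamic truncation offset
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class AuthDevice:
    """Authenticating device: releases a passcode only after user approval."""
    def __init__(self, secrets, approve):
        self.secrets = secrets    # otp_ref -> OTP secret (constructed)
        self.approve = approve    # callback modelling the approval interface

    def handle(self, note, now):
        secret = self.secrets.get(note["otp_ref"])
        # The prompt names the outside service so the user can judge the request.
        if secret is None or not self.approve(f"Sign in to {note['service']}?"):
            return None           # no approval, no passcode leaves the device
        return totp(secret, now)

class CloudRelay:
    """Relay: maps (user identity, service identity) to the enrolled device."""
    def __init__(self):
        self.devices = {}         # the "database accessible to the cloud relay"

    def enroll(self, user, service, device):
        self.devices[(user, service)] = device

    def relay(self, note, now):
        device = self.devices.get((note["user"], note["service"]))
        # Unknown pair (e.g. a lookalike origin): nothing is forwarded.
        return device.handle(note, now) if device else None

def extension_login(relay, user, page_origin, now):
    """Extension side: report the OTP event, fill the form if a code returns."""
    note = {"user": user, "service": page_origin, "otp_ref": page_origin}
    otp = relay.relay(note, now)
    return {"otp_field": otp} if otp else {}
```

Keying the relay lookup on the origin the extension observed, rather than on anything the page claims about itself, means a lookalike origin never reaches the approval prompt.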
193 Citations
17 Claims
3. A method comprising:
detecting, in response to a user access attempt on an electronic access device, a one-time passcode authentication event;
transmitting, via one or more networks, a notification of the one-time password authentication event from the electronic access device to an authenticating device, wherein the transmitting comprises transmitting, via the one or more networks, the notification from the electronic access device to a cloud relay and transmitting, via the one or more networks, the notification from the cloud relay to the authenticating device, wherein transmitting the one-time passcode from the authenticating device to a facilitator software instance comprises transmitting the one-time passcode from the authenticating device to the cloud relay and transmitting, via the one or more networks, the one-time passcode from the cloud relay to the electronic access device, wherein identifying the authenticating device comprises identifying the authentication device at the cloud relay using a database accessible to the cloud relay;
receiving, at the authenticating device, the notification of the one-time passcode authentication event;
retrieving, in response to the notification, the one-time passcode from the authenticating device;
requesting user approval input on the authenticating device;
transmitting the one-time passcode from the authenticating device to the facilitator software instance operating on the electronic access device only after receiving user approval input, wherein receiving user approval input comprises:
displaying an approval interface on a display of the authenticating device, wherein the approval interface comprises information pertaining to the outside service identity and a selectable approval input indicator; and
detecting user selection of the selectable approval input indicator;
retrieving a set of stored primary credentials, the set associated with the user identity and the outside service identity;
transmitting the set of stored primary credentials to the facilitator software instance; and
enabling population, using the facilitator software instance, of a one-time passcode entry form with the one-time passcode and at least one primary credential field with the set of stored primary credentials.
-
15. The method of claim 7, wherein enabling population comprises storing the one-time passcode in a copy-paste clipboard of the electronic access device.
-
16. The method of claim 7, wherein enabling population comprises prompting a user of the electronic access device to select a field for OTP entry and in response to the selection of the field by the user, filling the field with the one-time passcode.
-
17. The method of claim 7, wherein enabling population comprises enabling population only after a user of the electronic access device has authenticated with the facilitator software instance.
Specification