Electronic authentication of an account in an unsecure environment

US 9,984,217 B2
Filed: 02/19/2016
Issued: 05/29/2018
Est. Priority Date: 02/19/2016
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a non-transitory memory; and

one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;

providing an active password associated with a user account stored in a database of a server, the active password being a first password, and when inputted by the user, gives the user access to the user account;

receiving, via a network connection, the active password from a computing device to give the user access to the user account;

determining that the network connection is unsecure;

responsive to the determining, causing an emergency mode actuator to be presented to the user; and

upon receiving a selection of the emergency mode actuator, deactivating the first password and setting a second password, stored in the database of the server as an inactive password associated with the user account, as the active password without requiring the user to input the second password when setting the second password as the active password.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for accessing a user account by a user with a first password, and then changing the first password to a second password in response to a request from the user without compromising the second password. The system may include a database in a server storing the first password and the second password. The server may provide the user access to the user account over a network connection in response to receiving the first password from the user. In response to the server receiving a request by the user, the server may disable the first password and activate the second password without requiring the user to provide the second password over the network connection at the time of the request.

20 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a non-transitory memory; and
  
  one or more hardware processors coupled to the non-transitory memory and configured to read instructions from the non-transitory memory to cause the system to perform operations comprising;
  
  providing an active password associated with a user account stored in a database of a server, the active password being a first password, and when inputted by the user, gives the user access to the user account;
  
  receiving, via a network connection, the active password from a computing device to give the user access to the user account;
  
  determining that the network connection is unsecure;
  
  responsive to the determining, causing an emergency mode actuator to be presented to the user; and
  
  upon receiving a selection of the emergency mode actuator, deactivating the first password and setting a second password, stored in the database of the server as an inactive password associated with the user account, as the active password without requiring the user to input the second password when setting the second password as the active password.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, further comprising a user interface comprising the emergency mode actuator, wherein the user initiates the deactivating of the first password and the setting of the second password as the active password by actuating the emergency mode actuator.
  - 3. The system of claim 2, further comprising a location determining device, wherein the operations further comprise displaying the emergency mode actuator in response to indication by the location determining device that the user is in a first type of environment.
  - 4. The system of claim 2, further comprising a proximity sensor, wherein the operations further comprise displaying the emergency mode actuator in response to indication by the proximity sensor that one or more other people are within a first distance to the user.
  - 5. The system of claim 2, wherein the user interface is a mobile app on a mobile device or a web browser on a computer.
  - 6. The system of claim 1, wherein the second password is created by the user at a different point in time.
  - 7. The system of claim 1, wherein the user account is an account associated with a payment service provider.
  - 8. The system of claim 1, wherein the deactivating the first password and the setting the second password as the active password are performed concurrently.

9. A method for providing account access in an unsecure environment, the method comprising:
- providing to a user, access to a user account over a network connection, in response to a server receiving a first password provided by the user over the network connection, wherein the first password is associated with the user account in a database of the server and is an active password such that when inputted by the user from a user interface, the server provides access to the user account;
  
  determining, by the server, that the network connection is unsecure;
  
  responsive to the determining, causing an emergency mode actuator to be presented to the user; and
  
  disabling by the server, the first password, and setting by the server, a second password, associated with the user account and stored the database of the server as an inactive password, as the active password, in response to the server receiving a selection of the emergency mode actuator by the user over the network connection without requiring the user to provide the second password over the network connection at a time of the selection.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, wherein the second password is created by the user from a secure environment before providing access to the user account in the unsecure environment.
  - 11. The method of claim 9, wherein the second password is a computer generated password generated by a hardware processor coupled to a non-transitory memory of the server.
  - 12. The method of claim 11, wherein the computer generated password is generated after the selection by the user.
  - 13. The method of claim 11, wherein the computer generated password is generated when the user account is created.
  - 14. The method of claim 11, further comprising sending the computer generated password to the user via an email or an SMS test message, in response to the selection by the user.
  - 15. The method of claim 14, further comprising sending a first portion of the computer generated password to the user via email and sending a second portion of the computer generated password to the user via SMS.

16. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising:
- providing to a user, access to a user account over a network connection, in response to a server receiving a first password provided by the user over the network connection, wherein the first password is associated with the user account in a database of the server and is an active password such that when inputted by the user from a user interface, the server provides access to the user account;
  
  determining, by the server, that the network connection is unsecure;
  
  responsive to the determining, causing an emergency mode actuator to be presented to the user; and
  
  disabling by the server, the first password, and setting by the server, a second password, associated with the user account and stored the database of the server as an inactive password, as the active password, in response to the server receiving a selection of the emergency mode actuator by the user over the network connection without requiring the user to provide the second password over the network connection at a time of the selection.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The non-transitory machine-readable medium of claim 16, wherein the second password is created by the user from a secure environment before providing access to the user account over the unsecure network connection.
  - 18. The non-transitory machine-readable medium of claim 16, wherein the second password is a computer generated password generated by a hardware processor coupled to a non-transitory memory of the server.
  - 19. The non-transitory machine-readable medium of claim 18, wherein the operations further comprise sending the computer generated password to the user via email or SMS text message, in response to the selection by the user.
  - 20. The non-transitory machine-readable medium of claim 19, wherein the operations further comprise sending a first portion of the computer generated password to the user via email and sending a second portion of the compute generated password to the user via SMS.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.), SAP AG (SAP SE)
Original Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Inventors
Mohamed, Riaz Ebrahim
Primary Examiner(s)
Turchen, James R

Application Number

US15/048,949
Publication Number

US 20170244683A1
Time in Patent Office

830 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 63/0838   using one-time-passwords

H04L 63/107   wherein the security polici...

H04L 63/18   using different networks or...

H04L 67/306   User profiles

H04W 4/14   Short messaging services, e...

Electronic authentication of an account in an unsecure environment

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic authentication of an account in an unsecure environment

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links