Providing multi-factor authentication credentials via device notifications

US 10,362,026 B2
Filed: 07/27/2015
Issued: 07/23/2019
Est. Priority Date: 12/16/2013
Status: Expired due to Fees

First Claim

Patent Images

1. A non-transitory computer-readable medium embodying a first application that, when executed in a computing device, causes the computing device to at least:

capture an image;

acquire a shared seed from the image;

associate the shared seed with a second application executed by the computing device;

generate a one-time password based at least in part on a current time and the shared seed;

in response to receiving a request from the second application via a first local uniform resource locator (URL), generate a notification in an operating system notification window of a display of the computing device;

facilitate entry of a user approval into the computing device via the notification by showing the operating system notification window simultaneously with a user interface window of the second application while the user interface window has focus; and

in response to receiving the user approval, transfer the one-time password to the second application via a second local URL.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments for providing multi-factor authentication credentials. In one embodiment, in response to a request from an application, a notification is generated in a notification area of a display. Entry of a user approval is facilitated via the notification. In response to receiving the approval, a security credential is transferred to the application. In another embodiment, the security credential may be shown in the notification area so that a user may enter it in a form field of the application.

80 Citations

View as Search Results

20 Claims

1. A non-transitory computer-readable medium embodying a first application that, when executed in a computing device, causes the computing device to at least:
- capture an image;
  
  acquire a shared seed from the image;
  
  associate the shared seed with a second application executed by the computing device;
  
  generate a one-time password based at least in part on a current time and the shared seed;
  
  in response to receiving a request from the second application via a first local uniform resource locator (URL), generate a notification in an operating system notification window of a display of the computing device;
  
  facilitate entry of a user approval into the computing device via the notification by showing the operating system notification window simultaneously with a user interface window of the second application while the user interface window has focus; and
  
  in response to receiving the user approval, transfer the one-time password to the second application via a second local URL.
- View Dependent Claims (2, 3)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the first local URL includes a first scheme name associated with the first application, and the second local URL includes a second scheme name associated with the second application.
  - 3. The non-transitory computer-readable medium of claim 1, wherein facilitating entry of the user approval comprises verifying a biometric factor.

4. A system, comprising:
- a data store; and
  
  a computing device in communication with the data store, wherein when executing a first application, the computing device is configured to at least;
  
  receive a one-time password from a server via a network, wherein the one-time password is generated by the server based at least in part on a current time and a shared seed and the shared seed is acquired from a captured image;
  
  generate a notification in an operating system notification window of a display of the computing device, the notification comprising the one-time password;
  
  facilitate entry of the one-time password into the computing device via the notification rendered on the display of the computing device by showing the operating system notification window simultaneously with a user interface window of a second application while the user interface window has focus; and
  
  in response to receiving the one-time password, transfer a security credential to the second application via a uniform resource locator (URL), wherein the second application is executed on the computing device that executes the first application.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 5. The system of claim 4, wherein the computing device is further configured to at least generate the notification in response to a request from the second application.
  - 6. The system of claim 4, wherein the computing device is further configured to at least generate the notification in response to a request from a server.
  - 7. The system of claim 4, wherein the computing device is further configured to at least acquire a seed from an image.
  - 8. The system of claim 4, wherein the first application receives a request via a second URL having a first scheme name associated with the first application, and the URL that the security credential is transferred via has a second scheme name associated with the second application.
  - 9. The system of claim 4, wherein the security credential is specific to the second application.
  - 10. The system of claim 4, wherein the second application employs a plurality of authentication factors, and the security credential corresponds to one of the plurality of authentication factors.
  - 11. The system of claim 4, wherein the first computing device is configured to render one application user interface upon the display at a time.
  - 12. The system of claim 4, wherein the security credential is specific to an account used by the second application.
  - 13. The system of claim 4, wherein the computing device is further configured to at least identify the shared seed from a plurality of seeds based at least in part on the second application.
  - 14. The system of claim 7, wherein the computing device is further configured to capture the image, wherein the seed corresponds to the shared seed.

15. A method, comprising:
- receiving, by a first application executed via a computing device, a one-time password from a server via a network, wherein the one-time password is generated by the server based at least in part on a current time and a shared seed and the shared seed is acquired from a captured image;
  
  receiving, by the first application executed via the computing device, a request for a security credential via a uniform resource locator (URL);
  
  determining, by the first application executed via the computing device, the security credential;
  
  causing the security credential to be rendered in a notification area window upon a display of the computing device while a user interface window of a second application executed via the computing device is also rendered upon the display while the user interface window has focus; and
  
  receiving, by the second application executed via the computing device, the security credential by way of a form field of the user interface window.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising sending by the second application a request to display the security credential to the first application.
  - 17. The method of claim 16, wherein the request to display the security credential is sent via a second URL that includes a scheme name registered to the first application.
  - 18. The method of claim 15, wherein determining the security credential further comprises:
    - identifying the shared seed from a plurality of seeds based at least in part on the second application.
  - 19. The method of claim 15, wherein the user interface window and the notification area window fill an entirety of the display when the security credential is rendered in the notification area window.
  - 20. The method of claim 15, wherein the notification area window comprises a notification area widget, and causing the security credential to be rendered in the notification area window comprises adding a notification component to the notification area widget.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Johansson, Jesper Mikael, Canavor, Darren Ernest, Hitchcock, Daniel Wade, Bhimanaik, Bharath Kumar
Primary Examiner(s)
Shaw, Peter C

Application Number

US14/809,757
Publication Number

US 20160337344A1
Time in Patent Office

1,457 Days
Field of Search

726 5
US Class Current
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/0281   Proxies

H04L 63/08   for authentication of entit...

H04L 63/0838   using one-time-passwords

Providing multi-factor authentication credentials via device notifications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

80 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Providing multi-factor authentication credentials via device notifications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

80 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links