Providing multi-factor authentication credentials via device notifications

US 10,841,297 B2
Filed: 06/05/2019
Issued: 11/17/2020
Est. Priority Date: 12/16/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

acquiring, via at least one of one or more computing devices, a shared seed;

associating, via at least one of the one or more computing devices, the shared seed with an application;

generating, via at least one of the one or more computing devices, a one-time password based at least in part on the shared seed;

in response to receiving a request from the application, generating, via at least one of the one or more computing devices, a notification in an operating system notification area of a display;

facilitating, via at least one of the one or more computing devices, an entry of a user approval via the notification by showing the operating system notification area simultaneously with a user interface window of the application while the user interface window has focus, wherein the operating system notification area and the user interface window are configured to substantially fill an entirety of the display while the user interface window has focus; and

in response to receiving the user approval, transferring, via at least one of the one or more computing devices, the one-time password to the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments for providing multi-factor authentication credentials. In one embodiment, in response to a request from an application, a notification is generated in a notification area of a display. Entry of a user approval is facilitated via the notification. The security credential may be shown in the notification area so that a user may enter it in a form field of the application.

79 Citations

View as Search Results

20 Claims

1. A method, comprising:
- acquiring, via at least one of one or more computing devices, a shared seed;
  
  associating, via at least one of the one or more computing devices, the shared seed with an application;
  
  generating, via at least one of the one or more computing devices, a one-time password based at least in part on the shared seed;
  
  in response to receiving a request from the application, generating, via at least one of the one or more computing devices, a notification in an operating system notification area of a display;
  
  facilitating, via at least one of the one or more computing devices, an entry of a user approval via the notification by showing the operating system notification area simultaneously with a user interface window of the application while the user interface window has focus, wherein the operating system notification area and the user interface window are configured to substantially fill an entirety of the display while the user interface window has focus; and
  
  in response to receiving the user approval, transferring, via at least one of the one or more computing devices, the one-time password to the application.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the request is received from the application via a local uniform resource locator (URL).
  - 3. The method of claim 1, wherein the one-time password is generated further based at least in part on a current time.
  - 4. The method of claim 1, wherein the operating system notification area is rendered as a status bar on the display.
  - 5. The method of claim 1, wherein facilitating the entry of the user approval further comprises verifying a biometric factor.

6. A system, comprising:
- a data store; and
  
  a first computing device in communication with the data store, wherein when executing a first application, the first computing device is configured to at least;
  
  receive a one-time password from a second computing device via a network;
  
  generate a notification in an operating system notification area of a display of the first computing device, the notification comprising the one-time password;
  
  facilitate an entry of the one-time password into the second computing device via the notification rendered on the display by showing the operating system notification area simultaneously with a user interface window of a second application while the user interface window has focus, wherein the operating system notification area and the user interface window are configured to substantially fill an entirety of the display while the user interface window has focus; and
  
  in response to receiving the one-time password, transfer a security credential to the second application via a uniform resource locator (URL), wherein the second application is executed on the first computing device that executes the first application.
- View Dependent Claims (7, 8, 9, 10, 11, 20)
- - 7. The system of claim 6, wherein the one-time password is generated by the second computing device based at least in part on a current time.
  - 8. The system of claim 6, wherein the one-time password is generated by the second computing device based at least in part on a shared seed.
  - 9. The system of claim 8, wherein when executing the first application, the first computing device is configured to at least transmit the shared seed to the second computing device via a wireless data transfer.
  - 10. The system of claim 6, wherein the operating system notification area also shows a battery condition of the first computing device.
  - 11. The system of claim 6, wherein the first computing device is configured to render a single application user interface upon the display at a time.
  - 20. The system of claim 6, wherein the security credential is specific to an account used by the second application.

12. A method, comprising:
- receiving, via at least one of one or more computing devices, a one-time password;
  
  receiving, via at least one of the one or more computing devices, a request for a security credential via a uniform resource locator (URL);
  
  determining, via at least one of the one or more computing devices, the security credential;
  
  causing, via at least one of the one or more computing devices, the security credential to be rendered in a notification area upon a display while a user interface window of an application is also rendered upon the display while the user interface window has focus, wherein the user interface window and the notification area are configured to substantially fill an entirety of the display when the security credential is rendered in the notification area while the user interface window has focus; and
  
  receiving, via at least one of the one or more computing devices, the security credential in the application by way of a form field of the user interface window.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12, wherein the application employs a plurality of authentication factors, and the security credential corresponds to one of the plurality of authentication factors.
  - 14. The method of claim 12, wherein the notification area comprises a notification area widget, and causing the security credential to be rendered in the notification area comprises adding a notification component to the notification area widget.
  - 15. The method of claim 12, wherein the one-time password is received via a network from a server.
  - 16. The method of claim 12, further comprising receiving, via at least one of the one or more computing devices, a request to display the security credential from the application via a second URL.
  - 17. The method of claim 12, wherein the security credential is specific to an account used by the application.
  - 18. The method of claim 12, wherein the notification area is rendered as a status bar on the display.
  - 19. The method of claim 12, wherein the URL is a local URL.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Johansson, Jesper Mikael, Canavor, Darren Ernest, Hitchcock, Daniel Wade, Bhimanaik, Bharath Kumar
Primary Examiner(s)
Shaw, Peter C

Application Number

US16/432,437
Publication Number

US 20190288998A1
Time in Patent Office

531 Days
Field of Search

726 6
US Class Current
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/0281   Proxies

H04L 63/08   for authentication of entit...

H04L 63/0838   using one-time-passwords

Providing multi-factor authentication credentials via device notifications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

79 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Providing multi-factor authentication credentials via device notifications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

79 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others