Authentication Using Device ID

US 20150310194A1
Filed: 04/29/2014
Published: 10/29/2015
Est. Priority Date: 04/29/2014
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving, at an authentication server, an authentication request, wherein the authentication request comprises device attributes;

generating, at the authentication server, a device ID using the device attributes;

creating, at the authentication server, an authentication token, wherein the authentication token is signed with the device ID;

transmitting, at the authentication server, the authentication token;

receiving, at the authentication server, a request to access protected resources, wherein the request comprises the authentication token and device attributes;

generating, at the authentication server, a comparison device ID based on the device attributes included in the request to access protected resources;

decrypting, at the authentication server, the authentication token;

retrieving, at the authentication server, the device ID generated from the decrypted authentication token;

validating, at the authentication server, the authentication token, wherein the validating comprises determining whether the device ID matches the comparison device ID; and

outputting, at the authentication server, a response.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for authenticating a customer is disclosed. The customer may attempt to access protected resources located at an authentication server. The customer may log in to the authentication server'"'"'s website, thereby submitting an authentication request. The authentication request may comprise attributes of the device the customer uses to log in. The authentication server may generate a device ID using the received device attributes and generate an authentication token that is signed with the device ID. The authentication server may transmit the authentication token to the client device. Subsequent requests to access protected resources from the client device may include the authentication token that is signed with the device ID.

43 Citations

View as Search Results

20 Claims

1. A method, comprising:
- receiving, at an authentication server, an authentication request, wherein the authentication request comprises device attributes;
  
  generating, at the authentication server, a device ID using the device attributes;
  
  creating, at the authentication server, an authentication token, wherein the authentication token is signed with the device ID;
  
  transmitting, at the authentication server, the authentication token;
  
  receiving, at the authentication server, a request to access protected resources, wherein the request comprises the authentication token and device attributes;
  
  generating, at the authentication server, a comparison device ID based on the device attributes included in the request to access protected resources;
  
  decrypting, at the authentication server, the authentication token;
  
  retrieving, at the authentication server, the device ID generated from the decrypted authentication token;
  
  validating, at the authentication server, the authentication token, wherein the validating comprises determining whether the device ID matches the comparison device ID; and
  
  outputting, at the authentication server, a response.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the response comprises the protected resources if the device ID matches the comparison device ID.
  - 3. The method of claim 1, wherein the response comprises an authentication landing page if the device ID does not match the comparison device ID.
  - 4. The method of claim 1, wherein the device attributes are received using a client-side SDK.
  - 5. The method of claim 1, wherein the device attributes are received using a script.
  - 6. The method of claim 1, wherein the device attributes comprise at least one of a device operating system, a device type, and a device serial number.
  - 7. The method of claim 1, wherein the authentication request comprises a username and password.

8. A non-transitory computer-readable storage medium having computer-executable program instructions stored thereon that, when executed by a processor, cause the processor to:
- receive an authentication request, wherein the authentication request comprises device attributes;
  
  generate a device ID using the device attributes;
  
  create an authentication token, wherein the authentication token is signed with the device ID;
  
  transmit the authentication token;
  
  receive a request to access protected resources, wherein the request comprises the authentication token and device attributes;
  
  generate a comparison device ID based on the device attributes included in the request to access protected resources;
  
  decrypt the authentication token;
  
  retrieve the device ID generated from the decrypted authentication token;
  
  validate the authentication token, wherein the validating comprises determining whether the device ID matches the comparison device ID; and
  
  output a response.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The non-transitory computer-readable storage medium of claim 8, wherein the response comprises the protected resources if the device ID matches the comparison device ID.
  - 10. The transitory computer-readable storage medium of claim 8, wherein the response comprises an authentication landing page if the device ID does not match the comparison device ID.
  - 11. The transitory computer-readable storage medium of claim 8, wherein the device attributes are received using a client-side SDK.
  - 12. The transitory computer-readable storage medium of claim 8, wherein the device attributes are received using a script.
  - 13. The transitory computer-readable storage medium of claim 8, wherein the device attributes comprise at least one of a device operating system, a device type, and a device serial number.

14. An apparatus comprising:
- a memory;
  
  a processor, wherein the processor executes computer-executable program instructions which cause the processor to;
  
  receive an authentication request, wherein the authentication request comprises device attributes;
  
  generate a device ID using the device attributes;
  
  create an authentication token, wherein the authentication token is signed with the device ID;
  
  transmit the authentication token;
  
  receive a request to access protected resources, wherein the request comprises the authentication token and device attributes;
  
  generate a comparison device ID based on the device attributes included in the request to access protected resources;
  
  decrypt the authentication token;
  
  retrieve the device ID generated from the decrypted authentication token;
  
  validate the authentication token, wherein the validating comprises determining whether the device ID matches the comparison device ID; and
  
  output a response.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The apparatus of claim 14, wherein the response comprises the protected resources if the device ID matches the comparison device ID.
  - 16. The apparatus of claim 14, wherein the response comprises an authentication landing page if the device ID does not match the comparison device ID.
  - 17. The apparatus of claim 14, wherein the device attributes are received using a client-side SDK.
  - 18. The apparatus of claim 14, wherein the device attributes are received using a script.
  - 19. The apparatus of claim 14, wherein the device attributes comprise at least one of a device operating system, a device type, and a device serial number.
  - 20. The apparatus of claim 14, wherein the authentication request comprises a username and password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Zhang, Xianhong, Keys, Andrew, Pruthi, Kapil

Granted Patent

US 9,378,345 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/44   Program or device authentic...

H04L 63/10   for controlling access to d...

Authentication Using Device ID

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

43 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication Using Device ID

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links