Third-party authorization of user credentials

US10027680B1 · US · B1

Patent metadata
Publication number: US-10027680-B1
Application number: US-201514853623-A
Country: US
Kind code: B1
Filing date: Sep 14, 2015
Priority date: Mar 14, 2013
Publication date: Jul 17, 2018
Grant date: Jul 17, 2018

Abstract

Official abstract text for this publication.

In one implementation, a client device receives a request from a user to output a representation for a credential of the user. In response to receiving the request from the user to output the representation for the credential of the user, the client device obtains data identifying a third-party having authority to grant the user access to the credential of the user. The client device then obtains a representation of a credential associated with the third-party and validates the representation of the credential associated with the third-party. In response to validating the representation of the credential associated with the third-party, the client device outputs the representation for the credential of the user.

First claim

Opening claim text (preview).

The invention claimed is:

1. One or more non-transitory computer-readable storage media including instructions that, when executed by one or more processors, cause the one or more processors to perform operations comprising: receiving, by a client device associated with a first user, a request to output a first credential representation that represents a particular user credential issued to the first user by a credential grantor; in response to receiving the request to output the first credential representation that represents the particular user credential issued to the first user, obtaining, by the client device, data identifying one or more third parties having authority to grant access to the particular user credential issued to the first user; receiving user input at the client device that indicates a selection of a validation mode from among multiple different validation modes for validating a second credential representation that represents a credential issued to one of the one or more third parties; obtaining, by the client device and according to the selected validation mode, the second credential representation that represents a credential issued to one of the one or more third parties by the credential grantor that issued the particular user credential to the first user, the one or more third parties having authority to grant access to the particular user credential issued to the first user; validating, by the client device, the second credential representation that represents the credential issued to the one of the one or more third parties; and in response to validating the second credential representation that represents the credential issued to the one of the one or more third parties, outputting, by the client device, the first credential representation that represents the particular user credential issued to the first user.

2. The one or more non-transitory computer-readable storage media of claim 1, wherein receiving, by the client device associated with the first user, the request to output the first credential representation that represents the particular user credential issued to the first user comprises: receiving, from the first user, a selection of the particular user credential issued to the first user from among the plurality of user credentials, two or more of the plurality of user credentials being associated with different credential grantors.

3. The one or more non-transitory computer-readable storage media of claim 1, wherein the operations further comprise: receiving a selection of the one of the one or more third parties having authority to grant access to the particular user credential issued to the first user, the one or more third parties including users other than the first user and not including the credential grantor, the second credential representation representing a credential issued to one of the users other than the first user; and receiving a request for location information indicative of a location of the one of the one or more third parties having authority to grant access to the particular user credential issued to the first user.

4. The one or more non-transitory computer-readable storage media of claim 1, wherein the operations further comprise: providing, by the client device, a user interface indicating the different validation modes used to validate different types of credential representations; and wherein validating the second credential comprises determining that the selected validation mode of the client device matches a validation mode of a device associated with the one of the one or more third parties.

5. The one or more non-transitory computer-readable storage media of claim 1, wherein the validation mode is selected from the group consisting of an alphanumeric validation mode, a quick response (QR) code validation mode, a sound wave validation mode, and a near field communication (NFC) validation mode.

6. The one or more non-transitory computer-readable storage media of claim 1, wherein validating, by the client device, the second credential representation that represents the credential issued to the one of the one or more third parties comprises: decoding data from the obtained second credential representation that represents the credential issued to one of the one or more third parties to obtain a credential identifier; determining that the obtained credential identifier matches a stored credential identifier corresponding to the second credential issued to one of the one or more third parties; and displaying, on the client device, an indication that the second credential representation that represents the credential issued to the one of the one or more third parties is validated.

7. The one or more non-transitory computer-readable storage media of claim 6, wherein: the second credential representation that represents the credential issued to one of the one or more third parties is a time-varying credential representation; decoding data from the obtained second credential representation that represents the credential issued to one of the one or more third parties comprises obtaining a time stamp from the decoded second credential representation that represents the credential issued to one of the one or more third parties; and validating the second credential representation that represents the credential issued to the one of the one or more third parties further comprises determining that a time at which the second credential representation that represents the credential issued to the one of the one or more third parties is being validated is within a time period indicated by the time stamp.

8. The one or more non-transitory computer-readable storage media of claim 1, wherein obtaining, by the client device, the second credential representation that represents the credential issued to the one of the one or more third parties having authority to grant access to the particular user credential issued to the first user comprises obtaining, by the client device associated with the first user from the third party, an alphanumeric code representing the credential issued to the one of the one or more third parties according to the selected validation mode; and wherein validating, by the client device, the second credential representation that represents the credential issued to the one of the one or more third parties comprises: transmitting, from the client device associated with the first user, a validation request to a server, wherein the validation request includes the alphanumeric code; and receiving a validation response from the server, the validation response indicating that the credential issued to the one of the one or more third parties is validated.

9. The one or more non-transitory computer-readable storage media of claim 8, wherein the operations further comprise: obtaining, by the client device, a time period during which third party authorization is required to access the credential; and wherein, in response to receiving the request to output the first credential representation that represents the particular user credential issued to the first user, obtaining, by the client device, the data identifying the one or more third parties having authority to grant access to the particular user credential issued to the first user comprises: determining that a current time is within the time period; and in response to receiving the request to output the first credential representation that represents the particular user credential issued to the first user and having determined that the current time is within the time period, obtaining, by the client device, the data identifying the one or more third parties having authority to grant access to the p
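
The client-side flow of claims 1, 6 and 7, as an added example that is not code from the patent or its assignee: the client decodes the third party's time-varying representation, matches the credential identifier against stored identifiers of authorized third parties, checks the time stamp, and only then outputs the first user's credential representation. The payload format, the HMAC tag (the claims do not say how the representation is protected against forgery), the 60-second window and every name below are assumptions.

```python
import base64, hashlib, hmac, json, time

VALIDITY_SECONDS = 60  # assumed length of the "time period indicated by the time stamp"
# Constructed sample data: stored credential identifier -> key provisioned by the grantor.
AUTHORIZERS = {"mgr-credential-001": b"constructed-demo-key"}

def encode_representation(credential_id, key, issued_at):
    """Third-party device: build a time-varying representation (assumed format)."""
    body = json.dumps({"cid": credential_id, "ts": int(issued_at)}).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    b64 = base64.urlsafe_b64encode
    return b64(body).decode() + "." + b64(tag).decode()

def validate_representation(rep, authorizers, now):
    """Client device: return the matched credential identifier, or None."""
    try:
        body_b64, tag_b64 = rep.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
        fields = json.loads(body)
        cid, ts = fields["cid"], int(fields["ts"])
        key = authorizers[cid]  # identifier must match a stored one (claim 6)
    except (ValueError, KeyError, TypeError):
        return None  # malformed payload or unknown third party
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # identifier or time stamp was altered, or wrong key
    if not (ts <= now < ts + VALIDITY_SECONDS):
        return None  # outside the time period (claim 7): stale or replayed
    return cid

def output_user_credential(user_credential, rep, authorizers, now=None):
    """Release the first user's credential only after third-party validation."""
    now = time.time() if now is None else now
    approver = validate_representation(rep, authorizers, now)
    if approver is None:
        raise PermissionError("third-party credential not validated")
    return {"credential": user_credential, "authorized_by": approver}
```

Every failure path returns the same `None`, so the client refuses to output the credential without indicating which check failed.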

Assignees

Inventors

Classifications

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) (CPC title)

  • H04L63/123 (Primary): received data contents, e.g. message integrity (CPC title)

  • One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key (CPC title)

  • H04L9/321 (Primary): involving a third party or a trusted authority (CPC title)

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Microstrategy Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/123. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 17, 2018 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).