Preventing unauthorized access to secured information systems using multi-device authentication techniques

US10091194B2 · US · B2

Patent metadata
Publication number: US-10091194-B2
Application number: US-201615152849-A
Country: US
Kind code: B2
Filing date: May 12, 2016
Priority date: May 12, 2016
Publication date: Oct 2, 2018
Grant date: Oct 2, 2018

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A computing platform may receive, from a client portal server, a request to authenticate a first user to a first user account. The computing platform may generate a first one-time passcode for a first computing device associated with the first user account and may send, to the first computing device, the first one-time passcode. The computing platform also may generate a second one-time passcode for a second computing device associated with the first user account and may send, to the second computing device, the second one-time passcode. Thereafter, the computing platform may receive first one-time passcode input and second one-time passcode input, which the computing platform may validate. Based on the validating, the computing platform may generate a validation message directing the client portal server to provide the first user with access to the first user account, which the computing platform may send to the client portal server.

First claim

Opening claim text (preview).

What is claimed is:

1. A computing platform, comprising: at least one processor; a communication interface communicatively coupled to the at least one processor; and memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: store first device registration information linking a first computing device and a second computing device to a first user account associated with a client portal provided by a client portal server, wherein the second computing device is different from the first computing device; receive, via the communication interface, and from the client portal server, a request to authenticate a first user to the first user account associated with the client portal provided by the client portal server; based on receiving the request to authenticate the first user to the first user account, evaluate authentication state information associated with the first user account; select a multi-device authentication technique for authenticating the first user to the first user account based on evaluating the authentication state information associated with the first user account; based on selecting the multi-device authentication technique for authenticating the first user to the first user account, generate a first one-time passcode for the first computing device associated with the first user account; send, via the communication interface, to the first computing device associated with the first user account, the first one-time passcode generated for the first computing device associated with the first user account; based on selecting the multi-device authentication technique for authenticating the first user to the first user account, generate a second one-time passcode for the second computing device associated with the first user account, wherein the second one-time passcode generated for the second computing device associated with the first user account is different from the first one-time passcode generated for the first computing device associated with the first user account; send, via the communication interface, to the second computing device associated with the first user account, the second one-time passcode generated for the second computing device associated with the first user account; receive, via the communication interface, from the client portal server, first one-time passcode input; validate the first one-time passcode input based on the first one-time passcode generated for the first computing device associated with the first user account; receive, via the communication interface, from the client portal server, second one-time passcode input; validate the second one-time passcode input based on the second one-time passcode generated for the second computing device associated with the first user account; based on validating the first one-time passcode input and the second one-time passcode input, generate a first validation message directing the client portal server to provide the first user with access to the first user account; and send, via the communication interface, to the client portal server, the first validation message directing the client portal server to provide the first user with access to the first user account.

2. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: prior to receiving the request to authenticate the first user to the first user account: receive, via the communication interface, from the client portal server, first authentication preferences information for the first user account; and store the first authentication preferences information for the first user account received from the client portal server.

3. The computing platform of claim 2, wherein the first authentication preferences information for the first user account comprises selection information directing the computing platform to use the multi-device authentication technique when processing authentication requests for the first user account.

4. The computing platform of claim 1, wherein evaluating the authentication state information associated with the first user account comprises evaluating a current time of day.

5. The computing platform of claim 1, wherein evaluating the authentication state information associated with the first user account comprises evaluating location information.

6. The computing platform of claim 1, wherein evaluating the authentication state information associated with the first user account comprises evaluating authentication history information associated with the first user account.

7. The computing platform of claim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: receive, via the communication interface, and from the client portal server, a request to authenticate a second user to a second user account associated with the client portal provided by the client portal server; based on receiving the request to authenticate the second user to the second user account, generate a third one-time passcode for a third computing device associated with the second user account; send, via the communication interface, to the third computing device associated with the second user account, the third one-time passcode generated for the third computing device associated with the second user account; based on receiving the request to authenticate the second user to the second user account, generate a fourth one-time passcode for a fourth computing device associated with the second user account; send, via the communication interface, to the fourth computing device associated with the second user account, the fourth one-time passcode generated for the fourth computing device associated with the second user account; receive, via the communication interface, from the client portal server, third one-time passcode input; validate the third one-time passcode input based on the third one-time passcode generated for the third computing device associated with the second user account; receive, via the communication interface, from the client portal server, fourth one-time passcode input; validate the fourth one-time passcode input based on the fourth one-time passcode generated for the fourth computing device associated with the second user account; based on validating the third one-time passcode input and the fourth one-time passcode input, generate a second validation message directing the client portal server to provide the second user with access to the second user account; and send, via the communication interface, to the client portal server, the second validation message directing the client portal server to provide the second user with access to the second user account.

8. The computing platform of claim 7, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: prior to receiving the request to authenticate the second user to the second user account, store second device registration information linking the third computing device and the fourth computing device to the second user account.

9. The computing platform of claim 7, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to: prior to receiving the request to authenticate the second user to the second user account: receive, via the communication interface, from the client portal server, second authentication preferences infor
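The abstract and claim 1 describe a protocol between a client portal server, an authentication platform and two registered devices: the platform issues two different one-time passcodes, one per device, validates each input separately, and only then tells the portal to grant access; claims 3 to 6 have the platform decide from a stored preference, time of day, location or authentication history whether that multi-device technique applies. The following is an added example, written for this page and not code from the patent or from its assignee, that models that flow in one process. Everything not stated in the claims is an assumption and is labelled as such in the code: the class and field names (AuthPlatform, AuthState, Account, outbox), the 6-digit code format, the 120-second lifetime, the attempt cap, the particular risk rules in select_technique, and the choice to keep only a hash of each issued code and to consume it on use. Delivery to the devices is modelled as appending to an outbox; the independence of the two channels, which is what makes the second code worth anything, is outside the claims and outside this code.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass

# Assumptions (the claims fix none of these): 6-digit codes, a 120 s lifetime
# and an attempt cap so a code cannot be guessed within its lifetime.
OTP_DIGITS = 6
OTP_TTL_SECONDS = 120
MAX_ATTEMPTS = 3


def _digest(code: str) -> bytes:
    # Store only a hash of each issued passcode; a leaked table is not replayable.
    return hashlib.sha256(code.encode()).digest()


@dataclass
class PendingOtp:
    digest: bytes
    expires_at: float
    attempts: int = 0
    verified: bool = False


@dataclass
class AuthState:
    """Claims 4-6: time of day, location and authentication history (hypothetical shape)."""
    hour_of_day: int
    location: str
    recent_failures: int


@dataclass
class Account:
    account_id: str
    devices: tuple[str, ...]            # claim 1: two different registered devices
    home_location: str
    prefers_multi_device: bool = False  # claims 2-3: preference stored from the portal


class AuthPlatform:
    """Hypothetical stand-in for the claimed computing platform."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._accounts: dict[str, Account] = {}
        self._pending: dict[tuple[str, str], PendingOtp] = {}
        self._sessions: dict[str, list[str]] = {}  # account -> devices that must verify
        self.outbox: list[tuple[str, str]] = []    # (device_id, code) handed to delivery

    def register(self, account: Account) -> None:
        if len(set(account.devices)) < 2:
            raise ValueError("claim 1 requires two distinct registered devices")
        self._accounts[account.account_id] = account

    def select_technique(self, account: Account, state: AuthState) -> str:
        # Assumed policy: a stored preference or any risk signal escalates to multi-device.
        if account.prefers_multi_device or state.recent_failures > 0:
            return "multi_device"
        if state.location != account.home_location:
            return "multi_device"
        if state.hour_of_day < 6 or state.hour_of_day >= 22:
            return "multi_device"
        return "single_device"

    def _issue(self, account_id: str, device_id: str, exclude: set[str]) -> str:
        code = f"{secrets.randbelow(10 ** OTP_DIGITS):0{OTP_DIGITS}d}"
        while code in exclude:  # claim 1: the second passcode must differ from the first
            code = f"{secrets.randbelow(10 ** OTP_DIGITS):0{OTP_DIGITS}d}"
        self._pending[(account_id, device_id)] = PendingOtp(
            _digest(code), self._clock() + OTP_TTL_SECONDS)
        self.outbox.append((device_id, code))
        return code

    def begin_authentication(self, account_id: str, state: AuthState) -> tuple[str, list[str]]:
        """Portal server -> platform: request to authenticate a user to an account."""
        account = self._accounts[account_id]
        technique = self.select_technique(account, state)
        targets = list(account.devices[:2 if technique == "multi_device" else 1])
        issued: set[str] = set()
        for device in targets:
            issued.add(self._issue(account_id, device, issued))
        self._sessions[account_id] = targets
        return technique, targets

    def submit_passcode(self, account_id: str, device_id: str, code_input: str) -> bool:
        """Portal server -> platform: one device's passcode input, validated on its own."""
        key = (account_id, device_id)
        pending = self._pending.get(key)
        if pending is None or pending.verified:
            return False  # nothing outstanding, or the code was already consumed
        if self._clock() > pending.expires_at or pending.attempts >= MAX_ATTEMPTS:
            del self._pending[key]
            return False
        pending.attempts += 1
        pending.verified = hmac.compare_digest(pending.digest, _digest(code_input))
        return pending.verified

    def validation_message(self, account_id: str) -> dict:
        """Platform -> portal server: grant only when every targeted device verified."""
        targets = self._sessions.get(account_id, [])
        verified = []
        for device in targets:
            pending = self._pending.get((account_id, device))
            if pending and pending.verified and self._clock() <= pending.expires_at:
                verified.append(device)
        granted = bool(targets) and len(verified) == len(targets)
        if granted:  # single use: tear down the session and all of its passcodes
            del self._sessions[account_id]
            for device in targets:
                self._pending.pop((account_id, device), None)
        return {"account_id": account_id, "grant_access": granted,
                "verified_devices": verified}
```

The check a practitioner should look for is in validation_message: access is granted from the platform's own record of which targeted devices verified, never from anything the portal asserts, and a request that validated only one of two devices yields grant_access False. The clock is injectable so expiry can be exercised without sleeping.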

Assignees

  • Bank Of America

Inventors

Classifications

  • using one-time-passwords · CPC title

  • involving the use of external additional devices, e.g. dongles or smart cards · CPC title

  • using separate channels for security data · CPC title

  • using time-dependent-passwords, e.g. periodically changing passwords · CPC title

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10091194B2 cover?
A computing platform may receive, from a client portal server, a request to authenticate a first user to a first user account. The computing platform may generate a first one-time passcode for a first computing device associated with the first user account and may send, to the first computing device, the first one-time passcode. The computing platform also may generate a second one-time passcod…
Who is the assignee on this patent?
Bank Of America
What technology area does this patent fall under?
Primary CPC classification H04L63/0838. Mapped technology areas include Electricity.
When was this patent published?
Publication date Oct 2, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).