Local device authentication system

US12537689B2 · US · B2

Patent metadata

Publication number: US-12537689-B2
Application number: US-202318538911-A
Country: US
Kind code: B2
Filing date: Dec 13, 2023
Priority date: Apr 30, 2020
Publication date: Jan 27, 2026
Grant date: Jan 27, 2026

Abstract

Official abstract text for this publication.

Various embodiments are generally directed to provide a semi-local authentication scheme. A server can transmit one or more encryption mechanisms to a user device, which in turn can transmit the encrypted mechanisms to one or more secondary devices associated with the user device, where the user device and the secondary devices share a local connection. The secondary devices can transmit the one or more encrypted mechanism utilizing one or more decryption mechanisms supplied by the server, and then transmit the result of the decryption, e.g. decrypted codes, back to the user device, which in turn can then transmit a final decrypted code or codes to the server. Upon confirming receipt of the decryption from the user device, the server can authorize access (via the user device) to one or more devices, networks, applications, and/or components.

First claim

Opening claim text (preview).

What is claimed is:

1. A method, comprising: transmitting, by a first device via a first network, an authentication credential to a server; receiving, by the first device via the first network, a plurality of encrypted codes from the server based on the authentication credential; transmitting, by the first device via a second network, respective ones of the encrypted codes to respective ones of a plurality of secondary devices; receiving, by the first device via the second network, a respective decrypted code from each of the plurality of the secondary devices; transmitting, by the first device via the first network, the decrypted codes to the server; and permitting, by the first device, access to a computing resource based on the transmission of the decrypted codes to the server.

2. The method of claim 1, wherein the transmission of the decrypted codes to the server causes the server to combine the decrypted codes, the method further comprising: receiving, by the first device from the server via the first network, an authorization to permit the access to the computing resource.

3. The method of claim 1, wherein the second network comprises one or more of a Bluetooth network, an intranet network, a near field communication (NFC) network, and a mesh network.

4. The method of claim 1, wherein at least two of the plurality of encrypted codes include a respective portion of an address associated with the server.

5. The method of claim 4, further comprising: combining, by the first device, the portions of the address to generate the address of the server.

6. The method of claim 5, wherein the address of the server comprises an internet protocol (IP) address of the server, wherein the decrypted codes are transmitted to the server based on the IP address of the server.

7. The method of claim 1, wherein the decrypted codes are received only if the second network exists, wherein the computing resource comprises one or more of: an application, a computing device, or the first network.

8. A non-transitory computer-readable storage medium, the computer-readable storage medium including instructions that when executed by a processor of a first device, cause the processor to: transmit, via a first network, an authentication credential to a server; receive, via the first network, a plurality of encrypted codes from the server based on the authentication credential; transmit, via a second network, respective ones of the encrypted codes to respective ones of a plurality of secondary devices; receive, via the second network, a respective decrypted code from each of the plurality of the secondary devices; transmit, via the first network, the decrypted codes to the server; and permit access to a computing resource based on the transmission of the decrypted codes to the server.

9. The computer-readable storage medium of claim 8, wherein the transmission of the decrypted codes to the server causes the server to combine the decrypted codes, wherein the instructions further cause the processor to: receive, from the server via the first network, an authorization to permit the access to the computing resource.

10. The computer-readable storage medium of claim 8, wherein the second network comprises one or more of a Bluetooth network, an intranet network, a near field communication (NFC) network, and a mesh network.

11. The computer-readable storage medium of claim 8, wherein at least two of the plurality of encrypted codes include a respective portion of an address associated with the server.

12. The computer-readable storage medium of claim 11, wherein the instructions further cause the processor to: combine the portions of the address to generate the address of the server.

13. The computer-readable storage medium of claim 12, wherein the address of the server comprises an internet protocol (IP) address of the server, wherein the decrypted codes are transmitted to the server based on the IP address of the server.

14. The computer-readable storage medium of claim 8, wherein the decrypted codes are received only if the second network exists, wherein the computing resource comprises one or more of: an application, a computing device, or the first network.

15. A computing apparatus comprising: a processor; and a memory storing instructions that, when executed by the processor, cause the processor to: transmit, via a first network, an authentication credential to a server; receive, via the first network, a plurality of encrypted codes from the server based on the authentication credential; transmit, via a second network, respective ones of the encrypted codes to respective ones of a plurality of secondary devices; receive, via the second network, a respective decrypted code from each of the plurality of the secondary devices; transmit, via the first network, the decrypted codes to the server; and permit access to a computing resource based on the transmission of the decrypted codes to the server.

16. The computing apparatus of claim 15, wherein the transmission of the decrypted codes to the server causes the server to combine the decrypted codes, wherein the instructions further cause the processor to: receive, from the server via the first network, an authorization to permit the access to the computing resource.

17. The computing apparatus of claim 15, wherein the second network comprises one or more of a Bluetooth network, an intranet network, a near field communication (NFC) network, and a mesh network.

18. The computing apparatus of claim 15, wherein at least two of the plurality of encrypted codes include a respective portion of an address associated with the server.

19. The computing apparatus of claim 18, wherein the instructions further cause the processor to: combine the portions of the address to generate the address of the server.

20. The computing apparatus of claim 19, wherein the address of the server comprises an internet protocol (IP) address of the server, wherein the decrypted codes are transmitted to the server based on the IP address of the server.

Classifications

  • H04L9/3226 (Primary): using a predetermined code, e.g. password, passphrase or PIN (network architectures or network communication protocols for supporting authentication of entities using passwords in a packet data network H04L63/083)

  • Proxy, i.e. using intermediary entity to perform cryptographic operations

  • using challenge-response

  • Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

  • H04L9/3215 (Primary): using a plurality of channels (network architectures or network communication protocols using different networks H04L63/18)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Capital One Services Llc
What technology area does this patent fall under?
Primary CPC classification H04L9/3226. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jan 27, 2026 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).