Generating a token data feed with privacy-preserving logins
US-2024104173-A1 · Mar 28, 2024 · US
Multi-factor authentication using blockchain
US12554828B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12554828-B2 |
| Application number | US-202218050952-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 28, 2022 |
| Priority date | Oct 28, 2022 |
| Publication date | Feb 17, 2026 |
| Grant date | Feb 17, 2026 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods and systems are described herein for novel uses and/or improvements in application or service authentication for a provider of disparate applications and/or services using blockchain technology. As one example, a method and a system are described herein for a unified user device authentication mechanism across multiple lines of service using cryptographic tokens. The system may receive, as part of a login request from a user, an address associated with a cryptography-based storage application, a cryptographic signature, and an identifier associated with a cryptographic token. The system may verify that the cryptographic token is valid and that the cryptography-based storage application controls the cryptographic token to grant the user access to the application or line of service.
First claim
Opening claim text (preview).
What is claimed is: 1 . A system for using cryptographic tokens to facilitate user device authentication from multiple applications, the system comprising: one or more processors; and one or more non-transitory, computer-readable media comprising instructions that when executed by the one or more processors cause operations comprising: receiving, from a first application on a user device, a first login request, wherein the first login request comprises (1) a first address associated with a first cryptography-based storage application of a user and (2) a second address associated with a second cryptography-based storage application of the first application; authenticating the user using authentication information within the first login request; generating, using the first application, a cryptographic token for future authentication of the first application and other applications on the user device, wherein the cryptographic token comprises a user identifier; transmitting, to a blockchain node of a blockchain, a blockchain operation request to commit the cryptographic token to the blockchain, wherein the blockchain operation request comprises (1) the first address indicating that the first cryptography-based storage application is to control the cryptographic token and (2) the second address indicating a creator of the cryptographic token; receiving, from a second application on the user device, a second login request from the user device, wherein the second login request comprises (1) the first address associated with the first cryptography-based storage application, (2) a cryptographic signature generated using a private key of the first cryptography-based storage application, and (3) a token identifier of the cryptographic token; determining, using the cryptographic signature, that the first cryptography-based storage application controls the cryptographic token; and in response to determining that the first cryptography-based storage application controls the cryptographic token, granting access to the user identifier based on the second login request. 2 . The system of claim 1 , wherein the instructions further cause the one or more processors to perform operations comprising: retrieving an application identifier associated with the first application; determining, based on the application identifier, that the first application is an authorized authenticator; inserting the second address into the cryptographic token as a creator address; and signing the blockchain operation request with an application private key corresponding to the second cryptography-based storage application. 3 . The system of claim 1 , wherein the instructions further cause the one or more processors to perform operations comprising: retrieving, via the blockchain node, metadata associated with the cryptographic token; determining a generation address associated with the cryptographic token; comparing the generation address with a list of trusted generation addresses; and based on determining that the generation address matches another address on the list of trusted generation addresses, generating an indication that the cryptographic token is validated. 4 . The system of claim 1 , wherein the instructions further cause the one or more processors to perform operations comprising: retrieving, via the blockchain node, a uniform resource identifier associated with the cryptographic token; transmitting, to a computing device associated with the uniform resource identifier, a first insertion request to insert first metadata associated with the first login request into a login log associated with the cryptographic token, wherein the first insertion request is signed using the private key corresponding to the first cryptography-based storage application of the first application; and transmitting, to the computing device associated with the uniform resource identifier, a second insertion request to insert second metadata associated with the second login request into the login log associated with the cryptographic token, wherein the second insertion request is signed using the private key corresponding to the first cryptography-based storage application. 5 . A method for using cryptographic tokens to facilitate user device authentication, the method comprising: receiving, from a user device, a first login request directed to a first application, the first login request comprising (1) a first address associated with a first cryptography-based storage application of a user and (2) authentication information of the user; authenticating the user using the authentication information; generating a cryptographic token comprising a user identifier indicating a second address associated with the first application; transmitting, to a blockchain node of a blockchain, a blockchain operation request to commit the cryptographic token to the blockchain, wherein the blockchain operation request comprises the first address indicating that the first cryptography-based storage application is to control the cryptographic token; receiving a second login request comprising (1) the first address, (2) a cryptographic signature generated using a private key of the first cryptography-based storage application, and (3) a token identifier of the cryptographic token; determining, using the token identifier, that the cryptographic token is valid; determining, using the cryptographic signature, that the first cryptography-based storage application controls the cryptographic token; and based on the first cryptography-based storage application controlling the cryptographic token and the cryptographic token being valid, granting access responsive to the second login request. 6 . The method of claim 5 , wherein the second login request is received from the first application on the user device and the first login request is received from a second application on the user device. 7 . The method of claim 6 , further comprising: retrieving an application identifier associated with the second application; determining, based on the application identifier, that the second application is an authorized authenticator; retrieving a second address corresponding to a second cryptography-based storage application associated with the second application; inserting the second address into the cryptographic token as a creator address; and signing the blockchain operation request with an original private key corresponding to the second cryptography-based storage application associated with the second application. 8 . The method of claim 5 , further comprising: retrieving, via the blockchain node of the blockchain, a uniform resource identifier associated with the cryptographic token; transmitting, to a computing device associated with the uniform resource identifier, a first insertion request to insert first metadata associated with the first login request into a login log associated with the cryptographic token, wherein the first insertion request is signed using a first private key corresponding to the first cryptography-based storage application of the first application to which the user logged in; and transmitting, to the computing device associated with the uniform resource identifier, a second insertion request to insert second metadata associated with the second login request into the login log associated with the cryptographic token, wherein the second insertion request is signed using a second private key corresponding to a second cryptography-based storage application of a second application to which the user logged in. 9 . The method of claim 5 , wherein determining that the cryptographic token is valid further comprises: retrieving, via a blockchain no
Assignees
Inventors
Classifications
using tickets or tokens, e.g. Kerberos (network architectures or network communication protocols for entities authentication using tickets in a packet data network H04L63/0807) · CPC title
using hash chains, e.g. blockchains or hash trees · CPC title
involving digital signatures · CPC title
involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD · CPC title
- G06F21/445Primary
by mutual authentication, e.g. between devices or programs · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12554828B2 cover?
- Methods and systems are described herein for novel uses and/or improvements in application or service authentication for a provider of disparate applications and/or services using blockchain technology. As one example, a method and a system are described herein for a unified user device authentication mechanism across multiple lines of service using cryptographic tokens. The system may receive,…
- Who is the assignee on this patent?
- Capital One Services Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/445. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Feb 17 2026 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).