US2016285633A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016285633-A1 |
| Application number | US-201514671026-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 27, 2015 |
| Priority date | Mar 27, 2015 |
| Publication date | Sep 29, 2016 |
| Grant date | — |
Official abstract text for this publication.
As provided herein, a first device may be registered as authorized to authenticate a user login into a service from a second device (e.g., a smart phone may be used to log the user into a webmail service on a computer without the user having to enter a password through the computer). Responsive to the user attempting to access the service through the second device, a login interface may be displayed on the first device. The user may confirm or deny that the user wants to log into the service on the second device, thus allowing the user to seamlessly log into the service on the second device (e.g., without entering a password) while mitigating unauthorized logins into the service from unknown devices. Further, the user may use the first device to delegate the authority to authenticate the user login into the service to one or more other devices.
Opening claim text (preview).
What is claimed is:

1. A system for facilitating service login, comprising: a service login management component configured to: register a first device as having authorization to authenticate a user for accessing a service from a second device; store device authorization information on the second device, the device authorization information specifying that the first device is registered as having authorization to authenticate the user; receive an access request for the service from the second device, the access request specifying a username and the device authorization information; query an authorization database using the username to identify an encryption key and a push token; encrypt a request using the encryption key to create an encrypted request; send the encrypted request to the first device using the push token; and responsive to receiving a login user authorization notification from the first device in response to the encrypted request, log the user into the service on the second device.

2. The system of claim 1, the service login management component configured to: maintain a count of user logins from the second device; and responsive to the count exceeding a threshold, instruct the second device to facilitate a non-credential login with the service.

3. The system of claim 1, the service login management component configured to: receive an authorization delegation request, for a third device, from the first device; and register the third device as having authorization to authenticate the user for accessing the service from the second device.

4. The system of claim 1, the first device comprising a mobile phone, and the service login management component configured to: maintain a registration of the first device within a key ring account for the user; and responsive to receiving a phone number change request, modify the registration based upon the phone number change request.

5. The system of claim 1, the service login management component configured to: maintain a registration of the first device, the registration specifying a trust level for the first device; and modify the trust level based upon at least one of successful authentication or unsuccessful authentication of the user by the first device.

6. The system of claim 5, the service login management component configured to: maintain a second registration of a third device, the second registration specifying a second trust level for the third device; and responsive to the second trust level exceeding a trust level threshold, open a push channel to the third device for authenticating the user for accessing the service from the second device.

7. The system of claim 6, the service login management component configured to: determine a first viability score of the first device corresponding to the user; determine a second viability score of the third device corresponding to the user; and responsive to the second viability score being greater than the first viability score, send the encrypted request to the third device using the push token.

8. The system of claim 1, the service login management component configured to: store the device authorization information within a login management cookie on the second device.

9. The system of claim 1, the service login management component configured to: store the username, the encryption key associated with the username, and the push token associated with the username within the authorization database.

10. A system for facilitating service login, comprising: a first device configured to: register, as having authorization to authenticate a user for accessing a service from a second device, with the service to obtain an encryption key; store the encryption key and a username, of a user account with the service, within the first device; receive an encrypted request sent by the service using a push token; decrypt the encrypted request using the encryption key; display a login interface to the user; and responsive to receiving a login user authentication notification through the login interface, provide the login user authentication notification to the service, the login user authentication notification instructing the service to log the user into the service on the second device.

11. The system of 10, the first device configured to: delegate authorization, to a third device, for authenticating the user for accessing the service from the second device.

12. The system of claim 10, the first device configured to: obtain the push token from a push notification service; obtain a verification code from the service; send an encryption key request to the service, the encryption key request comprising the user username, the verification code, and the push token; and obtain the encryption key from the server.

13. The system of claim 10, the first device configured to: responsive to receiving a login user dissent notification through the login interface, provide the login user dissent notification to the service, the login user dissent notification instructing the service to prevent a login of the user into the service from the second device.

14. A method for facilitating service login, comprising: registering a first device as having authorization to authenticate a user for accessing a service from a second device; receiving an access request for the service from the second device, the access request specifying a username and device authorization information; sending an encrypted request to the first device; and responsive to receiving a login user authorization notification from the first device in response to the encrypted request, logging the user into the service on the second device.

15. The method of claim 14, comprising: maintaining a count of user logins from the second device; and responsive to the count exceeding a threshold, instructing the second device to facilitate non-credential logins with the service.

16. The method of claim 14, comprising: receiving an authorization delegation request, for a third device, from the first device; and registering the third device as having authorization to authenticate the user for accessing the service from the second device.

17. The method of claim 14, comprising: maintaining a registration of the first device, the registration specifying a trust level for the first device; and modifying the trust level based upon at least one of successful authentication or unsuccessful authentication of the user by the first device.

18. The method of claim 17, comprising: maintaining a second registration of a third device, the second registration specifying a second trust level for the third device; and responsive to the second trust level exceeding a trust level threshold, opening a push channel to the third device for authenticating the user for accessing the service from the second device.

19. The method of claim 18, comprising: determining a first viability score of the first device corresponding to the user; determining a second viability score of the third device corresponding to the user; and responsive to the second viability score being greater than the first viability score, sending the encrypted request to the third device using the push channel.

20. The system of claim 14, comprising: storing the device authorization information within a login management cookie on the second device.
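The exchange in claims 1, 10 and 13, as an added sketch that is not code from the patent or its applicant: the service looks up the key and push token by username, pushes an encrypted request, and acts on the first device's confirm or deny. Assumptions: `seal`/`unseal` are a standard-library stand-in for a vetted AEAD, and the request id, 60-second window, single-use check and encrypted reply are hardening choices the claims do not specify; all names are hypothetical and the device authorization cookie is omitted.

```python
import hashlib, hmac, json, secrets

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor(key, nonce, data):
    # HMAC-SHA256 counter keystream: stdlib stand-in for a vetted AEAD such as AES-GCM
    ks = b"".join(_prf(key, b"enc", nonce + i.to_bytes(4, "big"))
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):
    nonce = secrets.token_bytes(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + _prf(key, b"mac", nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac", nonce + ct)):
        raise ValueError("authentication tag mismatch")
    return json.loads(_xor(key, nonce, ct))

class Service:
    def __init__(self):
        self.auth_db = {}   # username -> (encryption key, push token), as in claim 9
        self.pending = {}   # request id -> (username, expiry); assumed, not in the claims

    def register(self, username, push_token):
        key = secrets.token_bytes(32)
        self.auth_db[username] = (key, push_token)
        return key          # handed to the first device at registration

    def access_request(self, username, now):
        key, push_token = self.auth_db[username]
        rid = secrets.token_hex(8)
        self.pending[rid] = (username, now + 60)   # assumed 60 s approval window
        return push_token, seal(key, {"rid": rid, "user": username})

    def notification(self, username, blob, now):
        # True means: log the user into the service on the second device
        key, _ = self.auth_db[username]
        msg = unseal(key, blob)
        user, expiry = self.pending.pop(msg.get("rid"), (None, 0))  # single use
        return user == username and now <= expiry and msg.get("approve") is True

def device_respond(key, blob, approve):
    # First device: decrypt the pushed request, then send the user's confirm/deny
    req = unseal(key, blob)
    return seal(key, {"rid": req["rid"], "approve": approve})
```

Because a pending request is consumed on first use, a replayed approval, a dissent, a late approval and the service's own request echoed back all leave the second device logged out.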
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title
involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853) · CPC title
involving the use of external additional devices, e.g. dongles or smart cards · CPC title
by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity · CPC title
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title