Method of and system for authenticating and operating personal communication devices over public safety networks
US-9332431-B2 · May 3, 2016 · US
US9871791B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9871791-B2 |
| Application number | US-201715427464-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 8, 2017 |
| Priority date | Feb 24, 2015 |
| Publication date | Jan 16, 2018 |
| Grant date | Jan 16, 2018 |
Official abstract text for this publication.
Systems and methods of the present invention provide for a first and second client computer configured to receive and transmit an authentication credential and at least one additional authentication credential respectively. The authentication credentials may be selected from authentication credentials known only to a user, identifying a client computer and/or identifying a characteristic unique to the user. A server computer communicatively coupled to the network may be configured to receive the authentication credentials and verify the identity of the user via a match, in a database, of a first authentication credential, a second authentication credential and a third authentication credential.
Opening claim text (preview).
The invention claimed is:

1. A system, comprising a server computing device coupled to a network and comprising at least one processor executing specific computer-executable instructions that, when executed, cause the system to: identify, in a first transmission from a first authentication user interface (UI) on a first client computing device operated by a user, a first authentication credential input by the user; responsive to identifying, within a database coupled to the network, a user identifier associated with the first authentication credential, the database storing a public key and a biometric record signed by a private key and wherein the private key and the public key are configured to bind a first software code on a second client computing device with a second software code on the server computing device to establish an encryption channel: generate a second authentication UI requesting a second authentication credential from the user; transmit the second authentication UI to be displayed on the second client computing device operated by the user; receive, via the encryption channel between the second client computing device and the server computing device, a second transmission from the second authentication UI on the second client computing device; identify, in the second transmission the second authentication UI on the second client computing device, the second authentication credential input by the user; and responsive to identifying, within the database, the user identifier associated with the second authentication credential input by the user, authenticate the user.

2. The system of claim 1, wherein the first authentication credential or the second authentication credential comprises a time-based one time password or a tap code.

3. The system of claim 1, wherein the computer-executable instructions further cause the server computing device to generate an alert to be displayed on the first client computing device or the second client computing device responsive to a determination that: the first authentication credential or the second authentication credential is not associated with the user identifier in the database; or the second authentication credential, comprising a biometric input by the user, does not match the biometric record stored in the database.

4. The system of claim 1, wherein the computer executable instructions further cause the server computing device, responsive to a determination that the first client computing device and the second client computing device are the same device, to generate an alert to be displayed on the first client computing device or the second client computing device.

5. The system of claim 1, wherein the authentication of the user authorizes the user to access a domain name administration software, a bank account, a retail website, or at least one private health record.

6. The system of claim 5, wherein the second client computing device is configured to, without user input: store a biometric data; encrypt the biometric data using a private key; and transmit the biometric data to the server computing device.

7. The system of claim 6, wherein, upon authentication of the user, the server computing device is configured to perform a requested action for which the authentication is required.

8. The system of claim 1, wherein the second authentication credential comprises a biometric data including a finger or thumb print, a capillary distribution, or a software identification of the user's face, voice, retina, or DNA.

9. A method, comprising the steps of: identifying, by a server computing device coupled to a network and comprising at least one processor executing specific computer-executable instructions, in a first transmission from a first authentication user interface (UI) on a first client computing device operated by a user, a first authentication credential input by the user; responsive to identifying, by the server computing device, within a database coupled to the network, a user identifier associated with the first authentication credential, the database storing a public key and a biometric record signed by a private key and wherein the private key and the public key are configured to bind a first software code on a second client computing device with a second software code on the server computing device to establish an encryption channel: generating, by the server computing device, a second authentication UI requesting a second authentication credential the user; transmitting, by the server computing device, the second authentication UI to be displayed on the second computing device operated by the user; receiving, via the encryption channel between the second client computing device and the server computing device, a second transmission the second authentication UI on the second client computing device; identifying, by the server computing device, in the second transmission the second authentication UI on the second client computing device, the second authentication credential input by the user; responsive to identifying, within the database, the user identifier associated with the second authentication credential input by the user, authenticating, by the server computing device, the user.

10. The method of claim 9, further comprising the step of decoding the first authentication credential or the second authentication credential as a time-based one time password or a tap code.

11. The method of claim 9, further comprising the step of generating, by the server computing device, an alert to be displayed on the first client computing device or the second client computing device responsive to a determination that: the first authentication credential or the second authentication credential is not associated with the user identifier in the database; or the second authentication credential, comprising a biometric input by the user, does not match the biometric record stored in the database.

12. The method of claim 9, further comprising the step of: responsive to a determination that the first client computing device and the second client computing device are the same device, generating, by the server computing device, an alert to be displayed on the first client computing device or the second client computing device.

13. The method of claim 9, wherein the authentication of the user authorizes the user to access a domain name administration software, a bank account, a retail website, or at least one private health record.

14. The method of claim 13, further comprising the steps of: storing, by the second client computing device, a biometric data; encrypting, by the second client computing device, the biometric data using a private key; and transmitting, by the second client computing device, the biometric data to the server computing device.

15. The method of claim 14, further comprising the step of performing, by the server computing device, a requested action, upon authentication of the user, for which the authentication is required.

16. The method of claim 9, wherein the second authentication credential comprises a biometric data including a finger or thumb print, a capillary distribution, or a software identification of the user's face, voice, retina, or DNA.
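An added example, not taken from the patent or its assignee: the server-side two-step, two-device check of claims 1 to 4, with a password as the first credential and a time-based one time password (claim 2) as the second. The names `DB`, `PENDING`, `first_step` and `second_step`, the sample record, the enrolled-device check and the choice to treat every alert as a failed authentication are assumptions; the encryption channel of claim 1 is assumed to be provided by the transport and is not modelled.

```python
import hashlib, hmac, secrets, struct

def totp(secret: bytes, at: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based one-time password (HMAC-SHA1)."""
    mac = hmac.new(secret, struct.pack(">Q", at // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F                      # dynamic truncation offset
    num = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(num % 10 ** digits).zfill(digits)

def pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample record standing in for the claimed database (assumption).
SALT = b"constructed-salt"
DB = {"alice": {"pw": pw_hash("first-factor", SALT),
                "totp_secret": b"12345678901234567890",
                "second_device": "phone-01"}}
PENDING = {}  # session token -> (user identifier, first device id)

def first_step(user, password, device_id):
    """Check the first credential; on success open a pending session."""
    rec = DB.get(user)
    stored = rec["pw"] if rec else bytes(32)  # hash anyway to keep timing uniform
    if not hmac.compare_digest(stored, pw_hash(password, SALT)) or rec is None:
        return None, ["first credential not associated with a user identifier"]
    token = secrets.token_urlsafe(16)
    PENDING[token] = (user, device_id)
    return token, []

def second_step(token, code, device_id, now):
    """Check the second credential from the second device; return (ok, alerts)."""
    if token not in PENDING:
        return False, ["no pending first-factor session"]
    user, first_device = PENDING.pop(token)   # one attempt per session
    rec, alerts = DB[user], []
    if device_id == first_device:             # claim 4 condition
        alerts.append("first and second client device are the same device")
    if device_id != rec["second_device"]:     # enrolment check (assumption)
        alerts.append("second device is not the enrolled device")
    valid = any(hmac.compare_digest(totp(rec["totp_secret"], now + d * 30).encode(),
                                    code.encode())
                for d in (-1, 0, 1))          # tolerate one step of clock skew
    if not valid:                             # claim 3 condition
        alerts.append("second credential not associated with the user identifier")
    return not alerts, alerts                 # any alert fails the login (assumption)
```

Popping the pending session before checking the code means a guessed or replayed second credential cannot be retried against the same first-factor session.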
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
using one-time-passwords · CPC title
involving the use of external additional devices, e.g. dongles or smart cards · CPC title
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title