User credentials
US-9269358-B1 · Feb 23, 2016 · US
Sight codes for website authentication
US9887992B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-9887992-B1 |
| Application number | US-201514817413-A |
| Country | US |
| Kind code | B1 |
| Filing date | Aug 4, 2015 |
| Priority date | Jul 11, 2012 |
| Publication date | Feb 6, 2018 |
| Grant date | Feb 6, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for site codes for website authentication are disclosed. In one aspect, a method includes receiving, a request to start a new authenticated session of the web page on the client device. The method includes generating an optical machine-readable code and a security image. The method includes transmitting (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display. The method includes receiving extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device. The method includes verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code.
First claim
Opening claim text (preview).
The invention claimed is: 1. A computer-implemented method comprising: receiving, from a server that provides a web page to a client device, a request to start, for a user, a new authenticated session of the web page on the client device, the request including data identifying the user; in response to receiving the request, generating an optical machine-readable code and a security image for the new authenticated session; transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device; transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device; receiving, from the mobile device, extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device; in response to receiving the extracted data that the mobile device extracted from the optical machine-readable code, verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code transmitted to the server that provides the web page; and in response to verifying the identity of the user based on the comparison, transmitting, to the server that provides the web page, data indicating the verified identity of the user and a session identifier for the new authenticated session. 2. The method of claim 1 , wherein the security image is an animated image. 3. The method of claim 2 , wherein: transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device comprises: transmitting, to the server that provides the web page, data for synchronizing animation of the animated image with animation of the animated image on the mobile device; and transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device comprises: transmitting, to the mobile device, the data for synchronizing animation of the animated image with animation of the animated image on the client device. 4. The method of claim 1 , wherein the optical machine-readable code is a QR code. 5. The method of claim 1 , wherein the security image and the optical machine-readable code are further based on data associated with a current time. 6. The method of claim 1 , wherein transmitting, to the server that provides the web page, data indicating the verified identity of the user and a session identifier for the new authenticated session comprises: transmitting, to the server that provides the web page, a security token for initiating the new authenticated session. 7. The method of claim 1 , comprising: receiving, from the mobile device, data identifying the mobile device and different data identifying the user; generating a credential based on the data identifying the mobile device and the different data identifying the user; and identifying, by accessing the credential, the mobile device based on receiving, from the server that provides the web page to the client device, the request to start, for the user, the new authenticated session of the web page on the client device. 8. The method of claim 7 , comprising: determining that the credential is valid; and based on determining that the credential is valid, transmitting, to the server that provides the web page, the data indicating the verified identity of the user and the session identifier for the new authenticated session. 9. The method of claim 7 , comprising: determining that the credential is valid for a particular period of time; and based on determining that the credential is valid, transmitting, to the server that provides the web page, (i) the data indicating the verified identity of the user, (ii) the session identifier for the new authenticated session, and (iii) data that indicates the particular period of time when the user is authorized to access the web page. 10. A system comprising: one or more computers and one or more storage devices storing instructions that are operable, when executed by the one or more computers, to cause the one or more computers to perform operations comprising: receiving, from a server that provides a web page to a client device, a request to start, for a user, a new authenticated session of the web page on the client device, the request including data identifying the user; in response to receiving the request, generating an optical machine-readable code and a security image for the new authenticated session; transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device; transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device; receiving, from the mobile device, extracted data that the mobile device extracted from the optical machine-readable code in response to the mobile device optically detecting the optical machine-readable code using a camera of the mobile device; in response to receiving the extracted data that the mobile device extracted from the optical machine-readable code, verifying an identity of the user based on a comparison of the extracted data and data corresponding to the optical machine-readable code transmitted to the server that provides the web page; and in response to verifying the identity of the user based on the comparison, transmitting, to the server that provides the web page, data indicating the verified identity of the user and a session identifier for the new authenticated session. 11. The system of claim 10 , wherein the security image is an animated image. 12. The system of claim 11 , wherein: transmitting, to the server that provides the web page, (i) the security image, (ii) the optical machine-readable code, and (iii) instructions for the server to provide the security image and the optical machine-readable code for simultaneous display at the client device comprises: transmitting, to the server that provides the web page, data for synchronizing animation of the animated image with animation of the animated image on the mobile device; and transmitting, to a mobile device that is associated with the user and is different from the client device, the security image and instructions to provide the security image for display, on the mobile device, while the security image and the optical machine-readable code are simultaneously displayed at the client device comprises: transmitting, to the mobile device, the data for synchronizing animation of
Assignees
Inventors
Classifications
- H04L63/0853Primary
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title
communicating wirelessly · CPC title
by graphic or iconic representation · CPC title
Graphical identity · CPC title
Authentication · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9887992B1 cover?
- Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for site codes for website authentication are disclosed. In one aspect, a method includes receiving, a request to start a new authenticated session of the web page on the client device. The method includes generating an optical machine-readable code and a security image. The method includes transm…
- Who is the assignee on this patent?
- Microstrategy Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/0853. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Feb 06 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).