User-authentication-based approval of a first device via communication with a second device

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Benjamin Richard Vincent · Kirkland, US
• Tarek B. Kamel · Issaquah, US
• Sparky Toews · Seattle, US
• Dejan Subotic · Kirkland, US
• Peter E. Zenzerovich · Kenmore, US
• James Shang Kai Chou · Bellevue, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04W12/77
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

User-authentication-based approval of a first device via communication with a second device over a channel (e.g., an insecure channel) is described. The first device receives a session ID and first user-observable information, or an identifier thereof, from an identity provider, presents the first user-observable information to a user, and sends the session ID to the second device. The second device sends the session ID to the identity provider to obtain therefrom second user-observable information, or an identifier thereof, and a security challenge. The second user-observable information bears a user-discernable relationship to the first user-observable information and is presented to the user by the second device. The second device is capable of generating a response to the security challenge for transmission to the identity provider based at least on input received from the user, the response to the security challenge being indicative of the suitability of the first device for approval.