Patent · US Active

Service channel authentication token

US9836594B2 · kind B2 · utility

12Cited by

51References

12Claims

0Family size

Assignee

Bank of America Corporation · US

Inventors

Xianhong Zhang · Issaquah, US
Andrew T. Keys · Albany, US
Kapil Pruthi · Bothell, US
Daniel Lynn Carpenter · Matthews, US
Mark A. Pender · Baldwin, US
Spencer Yezo · Millstone, US
Apeksh M. Dave · Weddington, US

Key dates

Filing date	May 19, 2014
Grant date	Dec 5, 2017
Priority date	—
Expiry date	Oct 8, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/105
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A computer system receives an authentication request from a user device and determines a determined device identification from a set of received device attributes. When the device is properly authenticated, the computer system generates an authentication token that is signed by the determined device identification and returns the authentication token to the user device. When the computer system subsequently receives a service request with an authentication token and a plurality of device attributes for a protected resource from a user device, the computer system determines a derived device identification from some or all of the received device attributes. When a signed device identification of the authentication token and the derived device identification are equal, the apparatus continues processing the service request. Otherwise, the service request is rejected.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.