Online account access control by mobile device
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-021/00
G06F-021/31
H04L-029/06
출원번호
US-0714995
(2012-12-14)
등록번호
US-9317672
(2016-04-19)
발명자
/ 주소
Carlson, Mark
출원인 / 주소
VISA INTERNATIONAL SERVICE ASSOCIATION
대리인 / 주소
Kilpatrick Townsend & Stockton LLP
인용정보
피인용 횟수 :
6인용 특허 :
39
초록▼
Systems and methods for controlling access to an online account are described. An access control message including an action to be performed on an online account can be sent from a mobile device to a server. A user verification query message can be sent to the mobile device. A user verification resp
Systems and methods for controlling access to an online account are described. An access control message including an action to be performed on an online account can be sent from a mobile device to a server. A user verification query message can be sent to the mobile device. A user verification response message can be received from the mobile device. The user verification response message can include verification information that is different from login information for the online account. The user verification response message can be verified by comparing the verification information to stored information. If the user verification response message is successfully verified, the action indicated in the access control message can be performed on the online account.
대표청구항▼
1. A method for controlling access to an online account, the method comprising: receiving an access control message from a mobile device-that includes a request to disable login access to an online account, wherein the online account is associated with login information comprising a password and ide
1. A method for controlling access to an online account, the method comprising: receiving an access control message from a mobile device-that includes a request to disable login access to an online account, wherein the online account is associated with login information comprising a password and identification information associated with the online account;establishing, in response to receiving the access control message, a short message service communication session with the mobile device;receiving, via the short message service communication session, identifying information associated with the mobile device, the identifying information including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI);identifying the online account based at least in part on the identifying information associated with the mobile device, wherein the identifying the online account includes comparing an identifier of the mobile device to a plurality of stored identifiers;sending a user verification query message to the mobile device via the short message service communication session;receiving a user verification response message from the mobile device via the short message service communication session, wherein the user verification response message includes verification information that is different from the login information for the online account;verifying the user verification response message, wherein the verifying includes comparing the verification information to stored information; andif the user verification response message is verified, disabling login access to the online account, such that the online account is prevented from being accessed even when the login information for the online account is correctly entered. 2. The method of claim 1, wherein the access control message is a short message service (SMS) message. 3. The method of claim 1, wherein the user verification response message includes a cryptographic hash value. 4. The method of claim 1, wherein at least one of the access control message, the user verification query message and the user verification response message is generated by a signed application. 5. The method of claim 1, further comprising: enrolling the online account; andregistering the mobile device in association with the online account. 6. The method of claim 1, wherein disabling login access to the online account prevents access to the account even when correct login information is presented. 7. The method of claim 1, further comprising: receiving a second access control message from the mobile device including a request to enable login access to the online account;sending a second user verification query message to the mobile device;receiving a second user verification response message from the mobile device; andenabling the online account upon verifying the second user verification response message. 8. A mobile device, comprising: a processor; anda non-transitory computer readable medium coupled to the processor, wherein the computer readable medium includes code executable by the processor, the code operative to: establish, by transmitting an access control message to a server, a short message service communication session with the server, wherein the access control message includes an action to be performed on an online account, wherein the online account in accessed using login information, wherein the action is disabling login access to the online account via the login information, wherein the login information includes a password and identification information associated with the online account, wherein the access control message includes a device identifier that may be used by the server to identify the mobile device, and wherein the identity of the mobile device may be used by the server to identify the online account, the device identifier including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI);receive, via the short message service communication session, a user verification query message from the server; andsend, via the short message service communication session, a user verification response message to the server, wherein the user verification response message includes verification information that is different from the login information for the online account;wherein if the user verification response message is verified by the server, the login access to the online account via the login information is disabled. 9. The mobile device of claim 8, wherein the access control message is a short message service (SMS) message. 10. The mobile device of claim 8, wherein the code is further operative to generate a cryptographic hash value to include in the user verification response message. 11. The mobile device of claim 8, wherein at least one of the access control message, the user verification query message and the user verification response message is generated by a signed application. 12. A system for controlling access to an online account, the system comprising: a processor; anda non-transitory computer readable medium coupled to the processor, wherein the computer readable medium includes code executable by the processor, the code operative to:receive an access control message from a mobile device, wherein the access control message includes an action to be performed on an online account, wherein the online account is accessed using login information, wherein the login information includes a password and identification information associated with the online account;establish, in response to receiving the access control message, a short message service communication session with the mobile device;receive, via the short message service communication session, identifying information associated with the mobile device, the identifying information including at least one of a Mobile Subscriber Integrated Services Digital Network (MSISDN) number, an International Mobile Subscriber Identity (IMSI), and an International Mobile Station Equipment Identifier (IMEI);determine the online account based at least in part on the identifying information associated with the mobile device, wherein determining the online account comprises comparing the identifying information associated with the mobile device to stored mobile device identifiers;send, via the short message service communication session, a user verification query message to the mobile device;receive, via the short message service communication session, a user verification response message from the mobile device, wherein the user verification response message includes verification information that is different from the login information for the online account;verify the user verification response message, wherein the verifying includes comparing the verification information to stored information; andif the user verification response message is verified, disabling login access to the online account via the login information. 13. The system of claim 12, wherein the code is further operative to verify the mobile device, wherein the verifying includes comparing an identifier of the mobile device to a plurality of stored identifiers. 14. The system of claim 12, wherein at least one of the access control message, the user verification query message and the user verification response message is a short message service (SMS) message. 15. The system of claim 12, wherein the action is enabling login access to the online account using the login information for the online account. 16. The system of claim 12, wherein the action is disabling editing of information associated with the online account. 17. The system of claim 12, wherein the action is disabling transmitting e-mail from the account.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (39)
Morris E. Cohen, Apparatus and methods for improved credit cards and credit card transactions.
Bickham Richard S. (Cary IL) Furtaw Robert W. (Lake Zurich IL) Schultz Joseph G. (Bartlett IL) Sobti Arun (South Barrington IL) Zdunek Kenneth J. (Schaumburg IL), Method of providing an alert of a financial transaction.
Fung, Daniel Y.; Evans, Stephen C., Method, system and computer readable medium for web site account and e-commerce management from a central location.
Wong Kam-Fu (c/o Star Paging (Holding) Ltd. ; 1/F. ; Chung Nam Centre ; 414 Kwun Tong Road Kwun Tong ; Kowloon HKX), Security system for non-cash transactions.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.