US 11,659,392 B2
Secure mobile initiated authentications to web-services
George Avetisov, New York, NY (US); Roman Kadinsky, New York, NY (US); and Bojan Simic, New York, NY (US)
Assigned to HYPR Corp., New York, NY (US)
Filed by HYPR Corp., New York, NY (US)
Filed on Jan. 26, 2021, as Appl. No. 17/158,898.
Application 17/158,898 is a continuation of application No. 17/066,280, filed on Oct. 8, 2020, granted, now 10,939,295.
Application 17/066,280 is a continuation in part of application No. 16/932,605, filed on Jul. 17, 2020, granted, now 11,438,764.
Application 16/932,605 is a continuation of application No. 15/931,461, filed on May 13, 2020, granted, now 10,764,752, issued on Sep. 1, 2020.
Application 15/931,461 is a continuation in part of application No. 16/373,561, filed on Apr. 2, 2019, granted, now 11,057,366.
Application 16/373,561 is a continuation in part of application No. 16/270,255, filed on Feb. 7, 2019, granted, now 10,601,828, issued on Mar. 24, 2020.
Claims priority of provisional application 62/951,945, filed on Dec. 20, 2019.
Claims priority of provisional application 62/720,609, filed on Aug. 21, 2018.
Claims priority of provisional application 62/720,590, filed on Aug. 21, 2018.
Prior Publication US 2021/0185531 A1, Jun. 17, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04W 12/06 (2021.01); H04L 9/40 (2022.01); G06F 21/45 (2013.01); H04W 12/08 (2021.01); H04W 12/069 (2021.01)
CPC H04W 12/068 (2021.01) [G06F 21/45 (2013.01); H04L 63/062 (2013.01); H04L 63/083 (2013.01); H04L 63/0884 (2013.01); H04L 63/18 (2013.01); H04L 63/20 (2013.01); H04W 12/069 (2021.01); H04W 12/08 (2013.01); G06F 2221/2149 (2013.01)]
26 Claims
1. A tangible, non-transitory, machine-readable medium storing instructions that when executed by one or more processors of a computer system effectuate operations comprising:
establishing on a first computing device:
a set of credentials maintained on the first computing device, and
a secret key of a key-pair, the secret key maintained on the first computing device;
transmitting, to an authentication server to register the first computing device with the authentication server:
a shared key of the key-pair and, for at least one credential by which a user authenticates to the first computing device in the set of credentials, a representation indicative of a value of the corresponding credential, or
data corresponding to the representation and the shared key;
receiving an indication of a user selection on the first computing device to register the first computing device to a web-service to be accessed from a second computing device, wherein:
the second computing device is different from the first computing device, and
the authentication server is configured to identify sessions of the user with the second computing device to convey credentials received from the first computing device to the second computing device for presentation to a server associated with the web-service;
obtaining, by the first computing device, a registration value corresponding to the web-service, and data signed by the secret key, the signed data being indicative of a result of user authentication on the first computing device;
transmitting data including the registration value and the signed data to cause the authentication server to register the first computing device with the web-service based on authentication of the signed data and the registration value; and
establishing, on the first computing device, a credential value corresponding to the web-service.
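
One possible reading of the signed-data steps of claim 1, as an added Go example that is not code from the patent or from HYPR: the device signs the result of local user authentication together with the registration value, and the authentication server registers the web-service only after verifying both. Ed25519, the payload format, server-issued single-use registration values, and every name below are assumptions.

```go
package main
import (
	"crypto/ed25519"
	"crypto/subtle"
	"fmt"
)

type Device struct {
	priv ed25519.PrivateKey // secret key of the key-pair, never leaves the device
	cred string             // local credential (constructed value in main)
}

// AuthServer holds the registered public ("shared") key and issued, unused registration values.
type AuthServer struct {
	pub    ed25519.PublicKey
	issued map[string]bool
}

// NewPair generates the key-pair on the device and registers the public half.
func NewPair(cred string) (*Device, *AuthServer) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return &Device{priv, cred}, &AuthServer{pub, map[string]bool{}}
}

// payload binds the local authentication result to one registration value.
func payload(reg string, ok bool) []byte {
	return []byte(fmt.Sprintf("reg=%s;auth_ok=%t", reg, ok))
}

// SignAuth checks the user's credential locally and signs the result.
func (d *Device) SignAuth(reg, entered string) (bool, []byte) {
	ok := subtle.ConstantTimeCompare([]byte(entered), []byte(d.cred)) == 1
	return ok, ed25519.Sign(d.priv, payload(reg, ok))
}

// Register needs an issued, unused value and a valid signature over a successful result.
func (s *AuthServer) Register(reg string, ok bool, sig []byte) bool {
	if !ok || !s.issued[reg] || !ed25519.Verify(s.pub, payload(reg, ok), sig) {
		return false
	}
	delete(s.issued, reg) // a replayed message now fails
	return true
}

func main() {
	d, s := NewPair("1234") // constructed credential
	s.issued["rv-1"] = true // constructed registration value
	ok, sig := d.SignAuth("rv-1", "1234")
	fmt.Println(s.Register("rv-1", ok, sig), s.Register("rv-1", ok, sig))
}
```

Because the signature covers both the result flag and the registration value, a message with the flag flipped in transit or replayed against a different value fails verification on the server.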