US 12,425,387 B2
Systems and methods for machine-readable code-based authentication
John Tilmon, McLean, VA (US); Kyle G. McKenna, McLean, VA (US); and Nicholas Pulaski, McLean, VA (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Nov. 7, 2023, as Appl. No. 18/503,871.
Prior Publication US 2025/0150446 A1, May 8, 2025
Int. Cl. H04L 9/40 (2022.01); H04W 4/14 (2009.01)
CPC H04L 63/0815 (2013.01) [H04W 4/14 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system for machine-readable code-based access in absence of a physical authentication token, comprising:
one or more processors; and
one or more non-transitory, computer-readable media comprising instructions that, when executed by the one or more processors, cause operations comprising:
receiving, from a mobile device, a text message addressed to a recipient digital identifier, wherein:
the mobile device is operating on a mobile network and associated with a user digital identifier relating to the mobile network, and
the text message indicates a first request for access in absence of the physical authentication token;
determining whether there exists a user account based on the user digital identifier;
in response to determining an existence of the user account based on the user digital identifier, retrieving mobile device information relating to the mobile network and associated with the user digital identifier;
determining whether to authenticate the first request based on the mobile device information;
in response to determining that the first request is authenticated, generating a first machine-readable code associated with the user account, wherein the first machine-readable code is valid for a specified period;
transmitting, to the mobile device, the first machine-readable code for display on the mobile device;
receiving a second request from a third party for accessing the user account, wherein the second request was initiated by the third party scanning a second machine-readable code using a third party electronic device;
assessing second information associated with the second machine-readable code based on a prediction model and first information associated with the first machine-readable code;
in response to determining that the second information corresponds to the first information and the third party scanned the second machine-readable code within the specified period of the first machine-readable code, identifying the user account associated with the first machine-readable code; and
authenticating the second request for the third party to access the user account.