US 12,445,302 B2
Caller process verification for device-bound authenticators
Johannes Stockmann, Woodinville, WA (US); and Stephen Woodward Lind, El Cerrito, CA (US)
Filed by Okta, Inc., San Francisco, CA (US)
Filed on Apr. 28, 2023, as Appl. No. 18/309,383.
Prior Publication US 2024/0364535 A1, Oct. 31, 2024
Int. Cl. H04L 9/32 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/3247 (2013.01) [H04L 9/0825 (2013.01); H04L 9/3271 (2013.01)] 14 Claims
OG exemplary drawing
 
1. A method for process verification at a first application of a device, comprising:
receiving, from a second application of the device, a first request to establish a network connection between the first application and the second application, wherein the first request identifies a port associated with the network connection;
receiving, from the second application via the network connection, a second request to authenticate an identity of a user of the second application via the first application;
identifying, in response to the second request, a process used to establish the network connection between the first application and the second application based at least in part on the port; and
obtaining a signature and a set of data associated with the signature based at least in part on the identified process, wherein authenticating the identity of the user is based at least in part on the signature and the associated set of data.