Patent Issued for Secure session sharing between computing devices (USPTO 11706219): United Services Automobile Association
2023 AUG 07 (NewsRx) -- By a
The patent’s inventors are Davey, Richard (
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “A user many own multiple different computing devices such as a personal computer, smartphone, tablet computer, and various internet of things (IoT) devices. In some cases, it may be advantageous to transition a computing session seamlessly from one device to another. In some cases, it may be advantageous to share information contained in a user account between two or more of the user’s computing devices. However, sharing user authentication data over a computer network poses a risk that the authentication data may be intercepted by an unauthorized party. Moreover, session or account sharing techniques that authorize sharing between devices based on whether the devices are connected to the same computing network may be susceptible to hacking or malware.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “This specification relates to sharing access to secure content between multiple computing devices.
“Implementations of the present disclosure are generally directed to systems and methods for sharing access to secure content between multiple computing devices. More specifically, implementations are directed to a process for authorizing a non-authenticated computing device to access secure user content based on an authenticated session of another computing device. Implementations may provide improved data security over existing techniques by, for example, transferring a machine-readable code (MRC) between the authenticated computing device and the non-authenticated computing device in order to verify the physical presence of the two computing devices near each other.
“In general, innovative aspects of the subject matter described in this specification can be embodied in methods that include the actions of authenticating a first computing device to access a secure account. Receiving a request from a second computing device to be authorized to access the secure account. Providing, to the second computing, first data that represents a first machine-readable code for presentation by the second computing device. Receiving, from the first computing device, second data that represents a second machine-readable code as read by the first computing device. Authorizing the second computing device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the second computing device. Other implementations of this aspect include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded on computer storage devices. These and other implementations can each optionally include one or more of the following features.
“Some implementations include in response to authorizing the second computing device to access the secure account, providing, to the second computing device, third data that replicates a graphical user interface as displayed on the first computing device.
“In some implementations, the first and second machine-readable codes are Quick Response (QR) codes.”
The claims supplied by the inventors are:
“1. A computer-implemented method for authorizing access to secure content, the method comprising: authenticating, by a server system, a first computing device to access a secure account and establish an account session between the first computing device and the server system; receiving, by the server system, a request from an internet-of-things (IoT) device to be authorized to access the secure account, wherein, when the request is received, the IoT device is a non-authenticated computing device, and wherein the IoT device is only capable of receiving input by audio commands; providing, to the IoT device by the server system, first data that represents a first machine-readable code, encoded within an audio signal, for presentation by the IoT device; receiving, from the first computing device through the account session, second data that represents a second machine-readable code as received by the first computing device from the IoT device; and authorizing, by the server system, the IoT device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the IoT device.
“2. The method of claim 1, further comprising in response to authorizing the IoT device to access the secure account, providing, to the IoT device, third data that replicates a graphical user interface as displayed on the first computing device.
“3. The method of claim 1, wherein the first and second machine-readable codes are sound codes.
“4. The method of claim 1, wherein providing the first data defining the first machine-readable code comprises generating the first machine-readable code as unique to the request from the IoT device.
“5. The method of claim 1, wherein the first machine-readable code is associated with an expiration time, and wherein authenticating the IoT device comprises determining that the second data is received before the expiration time of the first machine-readable code.
“6. The method of claim 1, wherein providing the first data defining the first machine-readable code comprise providing the first data defining the first machine-readable code responsive to receiving the request to be authorized to access the secure account and prior to providing the IoT device with access to the secure account.
“7. A system comprising: a server system comprising at least one processor; and at least one data store coupled to the at least one processor having instructions stored thereon which, when executed by the at least one processor, causes the at least one processor to perform operations comprising: authenticating a first computing device to access a secure account and establish an account session between the first computing device and the server system; receiving an account access request from an internet-of-things (IoT) device to be authorized to access the secure account, wherein, when the request is received, the IoT device is a non-authenticated computing device, and wherein the IoT device is only capable of receiving input by audio commands; providing, to the IoT device by the server system, first data that represents a first machine-readable code, encoded within an audio signal, for presentation by the IoT device; receiving, from the first computing device through the account session, second data that represents a second machine-readable code as received by the first computing device from the IoT device; and authorizing the IoT device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the IoT device.
“8. The system of claim 7, wherein the operations further comprise in response to authorizing the IoT device to access the secure account, providing, to the IoT device, third data that replicates a graphical user interface as displayed on the first computing device.
“9. The system of claim 7, wherein the first and second machine-readable codes are sound codes.
“10. The system of claim 7, wherein providing the first data defining the first machine-readable code comprises generating the first machine-readable code as unique to the request from the IoT device.
“11. The system of claim 7, wherein the first machine-readable code is associated with an expiration time, and wherein authenticating the IoT device comprises determining that the second data is received before the expiration time of the first machine-readable code.
“12. The system of claim 7, wherein providing the first data defining the first machine-readable code comprise providing the first data defining the first machine-readable code responsive to receiving the request to be authorized to access the secure account and prior to providing the IoT device with access to the secure account.
“13. A non-transitory computer readable storage medium storing instructions that, when executed by at least one processor of a server system, cause the at least one processor to perform operations comprising: authenticating a first computing device to access a secure account and establish an account session between the first computing device and the server system; receiving an account access request from an internet-of-things (IoT) device to be authorized to access the secure account, wherein, when the request is received, the IoT device is a non-authenticated computing device, and wherein the IoT device is only capable of receiving input by audio commands; providing, to the IoT device by the server system, first data that represents a first machine-readable code, encoded within an audio signal, for presentation by the IoT device; receiving, from the first computing device through the account session, second data that represents a second machine-readable code as received by the first computing device from the IoT device; and authorizing the IoT device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the IoT device.
“14. The medium of claim 13, wherein the operations further comprise in response to authorizing the IoT device to access the secure account, providing, to the IoT device, third data that replicates a graphical user interface as displayed on the first computing device.”
For the URL and additional information on this patent, see: Davey, Richard. Secure session sharing between computing devices.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Risk of fatal heart attack may double in heat wave & high fine particulate pollution days: American Heart Association
Patent Issued for Beacon-based management of queues (USPTO 11704711): Massachusetts Mutual Life Insurance Company
Advisor News
- Finseca and IAQFP announce merger
- More than half of recent retirees regret how they saved
- Tech group seeks additional context addressing AI risks in CSF 2.0 draft profile connecting frameworks
- How to discuss higher deductibles without losing client trust
- Take advantage of the exploding $800B IRA rollover market
More Advisor NewsAnnuity News
- Somerset Re Appoints New Chief Financial Officer and Chief Legal Officer as Firm Builds on Record-Setting Year
- Indexing the industry for IULs and annuities
- United Heritage Life Insurance Company goes live on Equisoft’s cloud-based policy administration system
- Court fines Cutter Financial $100,000, requires client notice of guilty verdict
- KBRA Releases Research – Private Credit: From Acquisitions to Partnerships—Asset Managers’ Growing Role With Life/Annuity Insurers
More Annuity NewsHealth/Employee Benefits News
- As ACA subsidies expire, thousands drop coverage or downgrade plans
- Findings from Centers for Disease Control and Prevention Provides New Data about Managed Care (Association Between Health Plan Design and the Demand for Naloxone: Evidence From a Natural Experiment in New York): Managed Care
- Medicare is experimenting with having AI review claims – a cost-saving measure that could risk denying needed care
- CMS proposed rule impacts MA marketing and enrollment
- HUMAN RIGHTS CAMPAIGN FOUNDATION TAKES NEXT STEP IN CLASS ACTION LITIGATION AGAINST TRUMP ADMINISTRATION, FILES COMPLAINT WITH EEOC OVER PROHIBITION ON GENDER-AFFIRMING HEALTHCARE COVERAGE FOR FEDERAL EMPLOYEES
More Health/Employee Benefits NewsLife Insurance News