Patent Issued for Secure session sharing between computing devices (USPTO 11706219): United Services Automobile Association
2023 AUG 07 (NewsRx) -- By a
The patent’s inventors are Davey, Richard (
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “A user many own multiple different computing devices such as a personal computer, smartphone, tablet computer, and various internet of things (IoT) devices. In some cases, it may be advantageous to transition a computing session seamlessly from one device to another. In some cases, it may be advantageous to share information contained in a user account between two or more of the user’s computing devices. However, sharing user authentication data over a computer network poses a risk that the authentication data may be intercepted by an unauthorized party. Moreover, session or account sharing techniques that authorize sharing between devices based on whether the devices are connected to the same computing network may be susceptible to hacking or malware.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “This specification relates to sharing access to secure content between multiple computing devices.
“Implementations of the present disclosure are generally directed to systems and methods for sharing access to secure content between multiple computing devices. More specifically, implementations are directed to a process for authorizing a non-authenticated computing device to access secure user content based on an authenticated session of another computing device. Implementations may provide improved data security over existing techniques by, for example, transferring a machine-readable code (MRC) between the authenticated computing device and the non-authenticated computing device in order to verify the physical presence of the two computing devices near each other.
“In general, innovative aspects of the subject matter described in this specification can be embodied in methods that include the actions of authenticating a first computing device to access a secure account. Receiving a request from a second computing device to be authorized to access the secure account. Providing, to the second computing, first data that represents a first machine-readable code for presentation by the second computing device. Receiving, from the first computing device, second data that represents a second machine-readable code as read by the first computing device. Authorizing the second computing device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the second computing device. Other implementations of this aspect include corresponding systems, apparatus, and computer programs, configured to perform the actions of the methods, encoded on computer storage devices. These and other implementations can each optionally include one or more of the following features.
“Some implementations include in response to authorizing the second computing device to access the secure account, providing, to the second computing device, third data that replicates a graphical user interface as displayed on the first computing device.
“In some implementations, the first and second machine-readable codes are Quick Response (QR) codes.”
The claims supplied by the inventors are:
“1. A computer-implemented method for authorizing access to secure content, the method comprising: authenticating, by a server system, a first computing device to access a secure account and establish an account session between the first computing device and the server system; receiving, by the server system, a request from an internet-of-things (IoT) device to be authorized to access the secure account, wherein, when the request is received, the IoT device is a non-authenticated computing device, and wherein the IoT device is only capable of receiving input by audio commands; providing, to the IoT device by the server system, first data that represents a first machine-readable code, encoded within an audio signal, for presentation by the IoT device; receiving, from the first computing device through the account session, second data that represents a second machine-readable code as received by the first computing device from the IoT device; and authorizing, by the server system, the IoT device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the IoT device.
“2. The method of claim 1, further comprising in response to authorizing the IoT device to access the secure account, providing, to the IoT device, third data that replicates a graphical user interface as displayed on the first computing device.
“3. The method of claim 1, wherein the first and second machine-readable codes are sound codes.
“4. The method of claim 1, wherein providing the first data defining the first machine-readable code comprises generating the first machine-readable code as unique to the request from the IoT device.
“5. The method of claim 1, wherein the first machine-readable code is associated with an expiration time, and wherein authenticating the IoT device comprises determining that the second data is received before the expiration time of the first machine-readable code.
“6. The method of claim 1, wherein providing the first data defining the first machine-readable code comprise providing the first data defining the first machine-readable code responsive to receiving the request to be authorized to access the secure account and prior to providing the IoT device with access to the secure account.
“7. A system comprising: a server system comprising at least one processor; and at least one data store coupled to the at least one processor having instructions stored thereon which, when executed by the at least one processor, causes the at least one processor to perform operations comprising: authenticating a first computing device to access a secure account and establish an account session between the first computing device and the server system; receiving an account access request from an internet-of-things (IoT) device to be authorized to access the secure account, wherein, when the request is received, the IoT device is a non-authenticated computing device, and wherein the IoT device is only capable of receiving input by audio commands; providing, to the IoT device by the server system, first data that represents a first machine-readable code, encoded within an audio signal, for presentation by the IoT device; receiving, from the first computing device through the account session, second data that represents a second machine-readable code as received by the first computing device from the IoT device; and authorizing the IoT device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the IoT device.
“8. The system of claim 7, wherein the operations further comprise in response to authorizing the IoT device to access the secure account, providing, to the IoT device, third data that replicates a graphical user interface as displayed on the first computing device.
“9. The system of claim 7, wherein the first and second machine-readable codes are sound codes.
“10. The system of claim 7, wherein providing the first data defining the first machine-readable code comprises generating the first machine-readable code as unique to the request from the IoT device.
“11. The system of claim 7, wherein the first machine-readable code is associated with an expiration time, and wherein authenticating the IoT device comprises determining that the second data is received before the expiration time of the first machine-readable code.
“12. The system of claim 7, wherein providing the first data defining the first machine-readable code comprise providing the first data defining the first machine-readable code responsive to receiving the request to be authorized to access the secure account and prior to providing the IoT device with access to the secure account.
“13. A non-transitory computer readable storage medium storing instructions that, when executed by at least one processor of a server system, cause the at least one processor to perform operations comprising: authenticating a first computing device to access a secure account and establish an account session between the first computing device and the server system; receiving an account access request from an internet-of-things (IoT) device to be authorized to access the secure account, wherein, when the request is received, the IoT device is a non-authenticated computing device, and wherein the IoT device is only capable of receiving input by audio commands; providing, to the IoT device by the server system, first data that represents a first machine-readable code, encoded within an audio signal, for presentation by the IoT device; receiving, from the first computing device through the account session, second data that represents a second machine-readable code as received by the first computing device from the IoT device; and authorizing the IoT device to access the secure account in response to determining that the second data accurately represents the first machine-readable code as sent to the IoT device.
“14. The medium of claim 13, wherein the operations further comprise in response to authorizing the IoT device to access the secure account, providing, to the IoT device, third data that replicates a graphical user interface as displayed on the first computing device.”
For the URL and additional information on this patent, see: Davey, Richard. Secure session sharing between computing devices.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Risk of fatal heart attack may double in heat wave & high fine particulate pollution days: American Heart Association
Patent Issued for Beacon-based management of queues (USPTO 11704711): Massachusetts Mutual Life Insurance Company
Advisor News
- Innovative financial literacy’s greatest hits
- Gen Z not following the typical path to retirement
- Survey finds some support for DOL fiduciary rule
- Nonprofit involvement: How do you get business and WIIFM?
- Workers still concerned about financial well-being
More Advisor NewsAnnuity News
- VOYA RETIREMENT INSURANCE AND ANNUITY COMPANY – 3rd QUARTER FINANCIALS 2024
- Riley LaTour Appointed Chief Risk Officer for Somerset Reinsurance Ltd
- NAFA Honors Passionate Industry Champion Rod Mims with 2024 Bo Johnson Spirit Award
- Steve Patton Named Senior Vice President of
Simplified Issue Solutions for AmeriLife Health
- Brighthouse Financial Announces Completion of Reinsurance Transaction
More Annuity NewsHealth/Employee Benefits News
- Advocates highlight Idahoans' health care access under Medicaid expansion in short film
- What Kind of Coverage Do I Need for Medical Transport?
- The Savings Game: Older long-term care insurance policies lack premium protection
- Texas’ 90,000 DACA recipients can sign up for Affordable Care Act coverage — for now
- New York Life Introduces New Resource for Financial Wellbeing in the Workplace
More Health/Employee Benefits NewsLife Insurance News
- Third Quarter 2024 Conseco Life Insurance Company of Texas
- Billionaire Greg Lindberg pleads guilty to a $2 billion insurance fraud scheme
- New York Life Introduces New Resource for Financial Wellbeing in the Workplace
- California insurance department accused of hiding information on life insurance complaints
- RELIASTAR LIFE INSURANCE COMPANY – 3rd QUARTER FINANCIALS 2024
More Life Insurance News