公开(公告)号：US20190238532A1

公开(公告)日：2019-08-01

申请号：US15885154

申请日：2018-01-31

Applicant: Salesforce.com, inc.

Inventor： Joshua David Alexander ,  Evan Tyler Grim

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/08

CPC classification number: H04L63/0853 ,  H04L9/08 ,  H04L63/107 ,  H04L2463/082 ,  H04W4/02 ,  H04W12/06

Abstract: Embodiments are disclosed relating to authenticating a user of a client computer system. One embodiment may include an application, executing on a client computer system, receiving an indication that a user is requesting access to a server computer system. In response to the receiving, the application may detect that a mobile device of the user is connected to a wireless network to which the client computer system is also connected. The application may receive authentication information for the request from the detected mobile device. The application may then send an authentication request to the server computer system. The authentication request may include data based on the authentication information received from the detected mobile device.

公开(公告)号：US09531702B2

公开(公告)日：2016-12-27

申请号：US14940868

申请日：2015-11-13

Applicant: salesforce.com, inc.

Inventor： Evan Tyler Grim ,  Josh Alexander

IPC: H04L29/06 ,  H04W12/06

CPC classification number: H04L63/08 ,  H04L63/0861 ,  H04L63/107 ,  H04L2463/082 ,  H04W12/06

Abstract: Systems and methods for authenticating defined user actions over a computer network. An authentication service receives an authentication request from an authenticating service to perform an action on behalf of a user. The authentication service then sends a permission request to a mobile device associated with the user, asking the user whether or not the action should be allowed. The user sends a permission response via the mobile device to the authentication service, granting or denying the action. The user may automate future similar responses so long as at least one automation criterion is met (e.g., the physical location of the mobile device), eliminating the need to manually provide a response to future permission requests. Information necessary to determine whether the automation criterion is met is stored locally on the mobile device.

公开(公告)号：US11451559B2

公开(公告)日：2022-09-20

申请号：US16913967

申请日：2020-06-26

Applicant: salesforce.com, inc.

Inventor： Evan Tyler Grim ,  Josh Alexander

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/40 ,  H04W4/80 ,  H04W12/61 ,  H04W12/68

Abstract: Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authorization. A mobile device may allow a user to automate responses to future permission requests for multi-factor authorization procedures. The mobile device may automatically respond to subsequent permission requests based on one or more automation criteria. Authorized actions may include login, transaction approval, physical access, vehicle ignition, account recovery, etc. The automation criteria may include location, acceleration, velocity, wireless connectivity, proximity to another device, temperature, lighting, noise, time, biometrics, altitude, pressure, image characteristics, etc. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authorization, in some embodiments.

公开(公告)号：US20200280552A1

公开(公告)日：2020-09-03

申请号：US16875145

申请日：2020-05-15

Applicant: salesforce.com, inc.

Inventor： Josh Alexander ,  Seth Holloway ,  Evan Tyler Grim ,  Ian Glazer ,  William Charles Mortimore, JR.

IPC: H04L29/06 ,  H04W12/06

Abstract: Techniques are disclosed relating to contextual authentication across different applications based on user communications. In some embodiments, a user is preauthenticated to certain actions on a second application based on the user's communication via a first application. The user's communication via a first application provides contextual information that may be used to preauthenticate a request to perform an action on the second application. Contextual information may include the user's communication itself, communications characteristics that are determined from the user's communications, or both. In some embodiments, the degree of preauthentication progressively increases or decreases with the degree of use on the first application; that is, the user is preauthenticated to greater or fewer portions of an authentication procedure, to perform greater or fewer actions, or to perform actions more or less critical to security, as additional information regarding the user's communication on the first application becomes available. In some embodiments, preauthentication may be revoked as additional contextual information becomes available on the first application.

公开(公告)号：US20150382195A1

公开(公告)日：2015-12-31

申请号：US14849352

申请日：2015-09-09

Applicant: salesforce.com, inc.

Inventor： Evan Tyler Grim ,  Josh Alexander

IPC: H04W12/06

CPC classification number: H04W12/06 ,  H04L63/08 ,  H04L63/0861 ,  H04L63/107 ,  H04L2463/082 ,  H04W12/08

Abstract: Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authentication. In some embodiments, based on a change in one or more automation criteria (e.g., based on a mobile device entering a particular geographic region) a mobile device is configured to preemptively indicate to an authorization system to automatically authorize a subsequent attempt to perform an action, without transmitting the permission request to the mobile device. The mobile device may later revoke the preemptive permission request, e.g., based on another change in automation criteria. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authentication, in some embodiments.

Abstract translation: 公开了关于自动化许可请求的技术，例如在多因素认证的上下文中。 在一些实施例中，基于一个或多个自动化标准（例如，基于进入特定地理区域的移动设备）的变化，移动设备被配置为优先地向授权系统指示以自动授权后续尝试执行动作 ，而不向移动设备发送许可请求。 移动设备可以稍后撤销例如基于自动化标准中的另一变化的抢占许可请求。 在一些实施例中，公开的技术可以增加授权安全性，同时减少多因素认证的用户交互。

公开(公告)号：US20150381633A1

公开(公告)日：2015-12-31

申请号：US14849323

申请日：2015-09-09

Applicant: salesforce.com, inc.

Inventor： Evan Tyler Grim ,  Josh Alexander

IPC: H04L29/06

CPC classification number: H04L63/107 ,  H04L63/08 ,  H04L63/0861 ,  H04L2463/082 ,  H04W4/80 ,  H04W12/06

Abstract: Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authentication. A mobile device may display an option to allow a user to automate responses to future permission requests to perform an action. The mobile device may automatically respond to subsequent permission requests based on at least one automation criterion. The action may include login, transaction approval, physical access, vehicle ignition, account recovery, etc. The automation criteria may include location, acceleration, velocity, wireless connectivity, proximity to another device, temperature, lighting, noise, time, biometrics, altitude, pressure, image characteristics, etc. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authentication, in some embodiments.

Abstract translation: 公开了关于自动化许可请求的技术，例如在多因素认证的上下文中。 移动设备可以显示允许用户自动化对将来的许可请求的响应以执行动作的选项。 移动设备可以基于至少一个自动化标准来自动响应后续许可请求。 该操作可能包括登录，交易审批，物理访问，车辆点火，帐户恢复等。自动化标准可能包括位置，加速度，速度，无线连接，与另一设备的接近度，温度，照明，噪声，时间，生物特征，高度 ，压力，图像特征等。在一些实施例中，公开的技术可以增加授权安全性，同时减少多因素认证的用户交互。

公开(公告)号：US20200329051A1

公开(公告)日：2020-10-15

申请号：US16913967

申请日：2020-06-26

Applicant: salesforce.com, inc.

Inventor： Evan Tyler Grim ,  Josh Alexander

IPC: H04L29/06 ,  H04W12/06

Abstract: Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authorization. A mobile device may allow a user to automate responses to future permission requests for multi-factor authorization procedures. The mobile device may automatically respond to subsequent permission requests based on one or more automation criteria. Authorized actions may include login, transaction approval, physical access, vehicle ignition, account recovery, etc. The automation criteria may include location, acceleration, velocity, wireless connectivity, proximity to another device, temperature, lighting, noise, time, biometrics, altitude, pressure, image characteristics, etc. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authorization, in some embodiments.

公开(公告)号：US10701081B2

公开(公告)日：2020-06-30

申请号：US16290678

申请日：2019-03-01

Applicant: salesforce.com, inc.

Inventor： Evan Tyler Grim ,  Josh Alexander

IPC: H04L29/06 ,  H04L12/06 ,  H04W12/06 ,  H04W4/80 ,  H04W12/00

Abstract: Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authentication. A mobile device may allow a user to automate responses to future permission requests for multi-factor authentication procedures. The mobile device may automatically respond to subsequent permission requests based on one or more automation criteria. Authorized actions may include login, transaction approval, physical access, vehicle ignition, account recovery, etc. The automation criteria may include location, acceleration, velocity, wireless connectivity, proximity to another device, temperature, lighting, noise, time, biometrics, altitude, pressure, image characteristics, etc. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authentication, in some embodiments.

公开(公告)号：US10225242B2

公开(公告)日：2019-03-05

申请号：US14849312

申请日：2015-09-09

Applicant: salesforce.com, inc.

Inventor： Evan Tyler Grim ,  Josh Alexander

IPC: H04L29/06 ,  H04W12/06

Abstract: Techniques are disclosed relating to automating permission requests, e.g., in the context of multi-factor authentication. In some embodiments a mobile device receives permission requests that specify sets of one or more automation criteria. In some embodiments, the mobile device prompts a user for a response to permission requests when the criteria are not met and automatically responds to permission requests (e.g., without requiring user input) when the criteria are met. Disclosed techniques may increase authorization security while reducing user interaction for multi-factor authentication, in some embodiments.

公开(公告)号：US10659446B2

公开(公告)日：2020-05-19

申请号：US15621628

申请日：2017-06-13

Applicant: salesforce.com, inc.

Inventor： Josh Alexander ,  Seth Holloway ,  Evan Tyler Grim ,  Ian Glazer ,  William Charles Mortimore, Jr.

IPC: G06F7/04 ,  H04L29/06 ,  H04W12/06

Abstract: Techniques are disclosed relating to contextual authentication across different applications based on user communications. In some embodiments, a user is preauthenticated to certain actions on a second application based on the user's communication via a first application. The user's communication via a first application provides contextual information that may be used to preauthenticate a request to perform an action on the second application. Contextual information may include the user's communication itself and/or communications characteristics that are determined from the user's communications. In some embodiments, the degree of preauthentication progressively increases or decreases with the degree of use on the first application; that is, the user is preauthenticated to greater or fewer portions of an authentication procedure, to perform greater or fewer actions, or to perform actions more or less critical to security, as additional information regarding the user's communication on the first application becomes available. In some embodiments, preauthentication may be revoked as additional contextual information becomes available on the first application.