公开(公告)号：US12225091B2

公开(公告)日：2025-02-11

申请号：US18243970

申请日：2023-09-08

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Sakshi Tiwari ,  Aaron Kyle Damashek

IPC: H04L67/00 ,  G06K7/14 ,  H04L9/40 ,  H04L67/141

Abstract: Disclosed in some examples, are methods, systems, devices, and machine-readable mediums that use one or more images (e.g., Quick-Response (QR) codes) displayed by a first application to both provide the location to obtain a second application and to copy a session from the first application to the second application once downloaded. In some examples, a session comprises an authentication session such that, when the session is copied, the user is logged into a network-based service within the second application with a same account as the user is already logged into with first application.

公开(公告)号：US20210037004A1

公开(公告)日：2021-02-04

申请号：US16525089

申请日：2019-07-29

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Yordan I. Rouskov

IPC: H04L29/06

Abstract: Methods, systems and computer program products are provided for signing into multiple accounts with a single gesture. Multiple sessions may be generated for multiple user identities based on a single authentication gesture, such as providing a phone number or email and a texted or emailed one-time code or providing a fast online identity (FIDO) key and an unlock gesture. Resources, such as applications, need not, but may be multi-identity aware to support signing into multiple accounts with a single gesture. Users may utilize their multiple identities without any additional sign-ins. Resources or session managers may receive multiple session artifacts concurrently or separately without additional sign-ins. Resources may indicate a capability to receive multiple session artifacts, for example, in registration or call parameters. Multiple identities may be revealed only after verification, for example, to prevent divulging identities to third parties aware of usernames such as phone numbers and email addresses.

公开(公告)号：US11792279B1

公开(公告)日：2023-10-17

申请号：US17956502

申请日：2022-09-29

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Sakshi Tiwari ,  Aaron Kyle Damashek

IPC: H04L67/00 ,  H04L9/40 ,  G06K7/14 ,  H04L67/141

CPC classification number: H04L67/34 ,  G06K7/1417 ,  H04L63/08 ,  H04L67/141

Abstract: Disclosed in some examples, are methods, systems, devices, and machine-readable mediums that use one or more images (e.g., Quick-Response (QR) codes) displayed by a first application to both provide the location to obtain a second application and to copy a session from the first application to the second application once downloaded. In some examples, a session comprises an authentication session such that, when the session is copied, the user is logged into a network-based service within the second application with a same account as the user is already logged into with first application.

公开(公告)号：US10898811B2

公开(公告)日：2021-01-26

申请号：US16204999

申请日：2018-11-29

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： Ariel Gordon ,  Sarat Chandra Subramaniam ,  Benjamin Richard Vincent

IPC: H04L29/06 ,  A63F13/71

Abstract: Authenticating an E-tournament identity using personal identity credentials. A method includes determining that a gaming device is configured for use in an E-tournament. The method further includes receiving from the device, user personal identity credentials. As a result, the method further includes, signing in to an E-tournament identity using the personal identity credentials.

公开(公告)号：US10862681B2

公开(公告)日：2020-12-08

申请号：US15479197

申请日：2017-04-04

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  John H. Forrest ,  Jason Walter

IPC: G06F7/04 ,  G06F15/16 ,  H04L29/06 ,  H04L9/08 ,  G06F21/41 ,  G06F21/33 ,  G06F21/31

Abstract: An identity provider IP service provides an optimized sign out experience for a user accessing a single account service. The IP service designates a first account of a service as signed in based on first credentials provided by a user. The IP service provides a first security token for the first account to the service. Upon receiving a first sign out notification, the IP service determines whether the user wants to switch to a second account of the service. Upon determining that the user wants to switch to the second account, the IP service designates the second account as signed in based on second credentials provided by the user, provides a second security token for the second account to the service, and designates the first account as soft signed out so that the user can switch to the first account without re-providing the first credentials.

公开(公告)号：US10397199B2

公开(公告)日：2019-08-27

申请号：US15375034

申请日：2016-12-09

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Benjamin Richard Vincent ,  Stuart Lup-Sing Kwan

IPC: H04L29/06 ,  G06F21/41 ,  G06Q40/02

Abstract: A system for creating an account with an identity provider. The system receives a request to create an identity provider account with the identity provider for use in logging onto a third-party system. The system generates one or more display pages for providing an integrated-consent user experience. The integrated-consent user experience includes a display page for collecting both new-account information and scope-of-consent information whereby a user consents to share information with the third-party system. After the user provides the new-account information that includes user credentials for the identity provider account and consents to share account information of the identity provider account with the third-party system, the system creates the identity provider account for the user. When the user subsequently signs in to the third-party system using the user credentials for the identity provider account, the third-party system accesses account information of the identity provider account based on the scope-of-consent information.

公开(公告)号：US10284492B2

公开(公告)日：2019-05-07

申请号：US15233883

申请日：2016-08-10

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Steven James Ball ,  Benjamin Richard Vincent

IPC: H04L12/927 ,  H04W4/80 ,  H04L12/911 ,  H04L29/06 ,  H04N21/41 ,  H04N21/414 ,  H04W4/33

Abstract: A method and system for controlling casting to a media renderer is provided. A casting control system receives from a requesting device a request to cast media to the media renderer. In response to receiving the request, the casting control system identifies a gatekeeper for the media renderer and notifies the gatekeeper that a request has been received to cast media to the media renderer. After the casting control system receives from the gatekeeper an indication to grant or deny the request, the casting control system allows or denies the casting of the media to the media renderer.

公开(公告)号：US20180287794A1

公开(公告)日：2018-10-04

申请号：US15479197

申请日：2017-04-04

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  John H. Forrest ,  Jason Walter

IPC: H04L9/08 ,  G06F21/41 ,  H04L29/06 ,  G06F21/33

Abstract: An identity provider IP service provides an optimized sign out experience for a user accessing a single account service. The IP service designates a first account of a service as signed in based on first credentials provided by a user. The IP service provides a first security token for the first account to the service. Upon receiving a first sign out notification, the IP service determines whether the user wants to switch to a second account of the service. Upon determining that the user wants to switch to the second account, the IP service designates the second account as signed in based on second credentials provided by the user, provides a second security token for the second account to the service, and designates the first account as soft signed out so that the user can switch to the first account without re-providing the first credentials.

公开(公告)号：US20180167371A1

公开(公告)日：2018-06-14

申请号：US15375034

申请日：2016-12-09

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Benjamin Richard Vincent ,  Stuart Lup-Sing Kwan

IPC: H04L29/06 ,  G06Q40/02

CPC classification number: H04L63/06 ,  G06F21/41 ,  G06Q40/02 ,  H04L63/0815 ,  H04L63/083

Abstract: A system for creating an account with an identity provider. The system receives a request to create an identity provider account with the identity provider for use in logging onto a third-party system. The system generates one or more display pages for providing an integrated-consent user experience. The integrated-consent user experience includes a display page for collecting both new-account information and scope-of-consent information whereby a user consents to share information with the third-party system. After the user provides the new-account information that includes user credentials for the identity provider account and consents to share account information of the identity provider account with the third-party system, the system creates the identity provider account for the user. When the user subsequently signs in to the third-party system using the user credentials for the identity provider account, the third-party system accesses account information of the identity provider account based on the scope-of-consent information.

公开(公告)号：US09843577B2

公开(公告)日：2017-12-12

申请号：US15365726

申请日：2016-11-30

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ariel Gordon ,  Samuel Devasahayam ,  Lu Zhao ,  Yordan Rouskov ,  Parmeshwar Miguel Sequeira Arewar ,  Venkatesh Gopalakrishnan ,  Sarat Chandra Subramaniam ,  Titus Constantin Miron

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/083 ,  H04L63/08 ,  H04L63/102 ,  H04L63/1416 ,  H04L67/02 ,  H04L67/14 ,  H04L69/28

Abstract: Embodiments are directed to revoking user sessions using signaling. In one scenario, an identity platform operating on a computer system receives an indication indicating that a user's login account has been compromised, where the user's login account has an associated login session and corresponding session artifact that is valid for a specified amount of time. The identity platform generates a signal indicating that the login session is no longer trusted and that the user is to be re-directed to the identity platform to re-authenticate and renew the session artifact and provides the generated signal to various relying parties including at least one relying party that is hosting the login session for the user.