GB2555941A - A method and system for authenticating a device - Google Patents

A method and system for authenticating a device Download PDF

Info

Publication number
GB2555941A
GB2555941A GB1715134.1A GB201715134A GB2555941A GB 2555941 A GB2555941 A GB 2555941A GB 201715134 A GB201715134 A GB 201715134A GB 2555941 A GB2555941 A GB 2555941A
Authority
GB
United Kingdom
Prior art keywords
code
audio
message
access point
wireless access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB1715134.1A
Other versions
GB201715134D0 (en
GB2555941B (en
Inventor
John Jones Daniel
Andrew Nesfield James
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Asio Ltd
Original Assignee
Asio Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Asio Ltd filed Critical Asio Ltd
Priority to GB2109212.7A priority Critical patent/GB2598190B/en
Publication of GB201715134D0 publication Critical patent/GB201715134D0/en
Publication of GB2555941A publication Critical patent/GB2555941A/en
Application granted granted Critical
Publication of GB2555941B publication Critical patent/GB2555941B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/062Pre-authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50Secure pairing of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • H04W48/10Access restriction or access information delivery, e.g. discovery data delivery using broadcasted information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/65Environment-dependent, e.g. using captured environmental data

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

A method for authenticating a device with a wireless access point, including the steps of: transmitting a message to the device for generation of a code in audio from a speaker at the device; processing an audio signal received from the device to extract the code; verifying the code to authenticate the device, at least in part; and in response to the authentication, providing access to network services to the device via the access point, such as internet access. The code is derived from the message, which may include a seed for a pseudo-random number generator, and/or a user interface module configured to generate the audio. The audio may be audible or ultrasonic. The code may be generated by applying a hash function to the MAC address of the device. The message may trigger captive portal functionality.

Description

(54) Title of the Invention: A method and system for authenticating a device Abstract Title: Authenticating with Access Point via Audio Signal (57) A method for authenticating a device with a wireless access point, including the steps of: transmitting a message to the device for generation of a code in audio from a speaker at the device; processing an audio signal received from the device to extract the code; verifying the code to authenticate the device, at least in part; and in response to the authentication, providing access to network services to the device via the access point, such as internet access. The code is derived from the message, which may include a seed for a pseudo-random number generator, and/or a user interface module configured to generate the audio. The audio may be audible or ultrasonic. The code may be generated by applying a hash function to the MAC address of the device. The message may trigger captive portal functionality.
Figure GB2555941A_D0001
FIG.3 >
At least one drawing originally filed was informal and the print reproduced here is taken from a later filed formal copy.
1/3 ^-100
11 17
Figure GB2555941A_D0002
FIG.1
2/3
200
11 17
Figure GB2555941A_D0003
FIG.2
3/3
11 17
Figure GB2555941A_D0004
FIG. 3
A Method and System for Authenticating a Device
Field of Invention
The present invention is in the field of device authentication for communications. More particularly, but not exclusively, the present invention relates to a method and system for authenticating a device with a wireless access point.
Background
Signing in to WiFi via a captive portal is a popular way for businesses and venues to provide internet access to users within their spaces without having a completely open WiFi network. Captive portals allow access to be controlled, or information to be gathered from users before granting them access to the internet or other network resources via the captive portal.
Captive portals today use pin numbers or short passphrases to grant access in commercial/hotel venues, the passwords are typically displayed inside a venue or provided by a member of staff. This is a relatively labour intensive process, both on the side of the venue having to display the login codes, or the user, having to use their device’s keyboard to input long passwords or navigate login forms.
There is a desire for an improved system to authenticate devices for use with a WiFi network.
Access to WiFi networks is provided a wireless access point. The wireless access point is often, but not always, provided with a network router in a single apparatus.
It is an object of the present invention to provide a method and system for authenticating a device with a wireless access point which overcomes the disadvantages of the prior art, or at least provides a useful alternative.
Summary of Invention
According to a first aspect of the invention there is provided a method for authenticating a device with a wireless access point, including: transmitting a message to the device for generation of a code in audio from a speaker at the device;
processing an audio signal received from the device to extract the code; verifying the code to authenticate the device, at least in part; and in response to the authentication, providing access to one or more network services to the device via the wireless access point; wherein the code is derived from the message.
The message may include the code.
The code may be derived from the message at the device.
The message may include a seed. The code may be derived using the seed within a pseudo-random number generator. The seed used within the pseudonumber generator may be first modified with a time value at the device.
The message may include one or more functions to derive the code.
The message may include an audio file encoding the code.
The message may include an encoder module and the encoder module, when executed on the device, may be configured to encode the code into a signal for generation in audio from the speaker at the device.
The one or more network services may include Internet services.
The audio signal may be received at a microphone at the wireless access point for the processing.
The audio signal may be received at a microphone at a second device. The second device may perform the processing or the audio signal may transmitted to the wireless access point for the processing.
The message may include a user interface module, and the user interface module, when executed on the device, may be configured to generate the code in audio from the speaker. The user interface module may be further configured to generate the code in audio automatically or the user interface module may be further configured to display a user interface element, receive selection of the user interface element by a user of the device, and, in response, to selection, generate the code in audio from the speaker.
The audio may be within an audible frequency range.
The audio may be within an ultrasonic frequency range.
The method may further include the step of: prior to transmitting the message, generating the code. The code may be generated using a pseudo-random number generator. The code may be generated by applying a hash function to, at least, the media access control (MAC) address of the device. The hash function may be applied to, at least, a time value.
One or more additional data may be received from the device. The one or more additional data may be also used to authenticate the device. The one or more additional data may be received in audio or the one or more additional data may be received over a wireless network between the wireless access point and the device. The one or more additional data may include information specifically related to the user of the device. The one or more additional data may include an identifier for the user of the device and/or a passcode for the wireless access point.
The access may be provided to the one or more network services until expiration of a defined time period or detection of an event.
Code may be verified, at least in part, by matching the code to a lookup table containing a media access control (MAC) address for the device.
The code may be verified, at least in part, by determining that the code is received within a defined time window after the message was transmitted to the device.
The code may be verified, at least in part, by matching the code to a hash of, at least, the media access control (MAC) address for the device.
The message may be configured to trigger the captive portal functionality at the device.
According to a further aspect of the invention there is provided a method for method for authenticating a device with a wireless access point by generating audio at the device.
According to a further aspect of the invention there is provided a system for authenticating a device with a wireless access point, comprising:
At least one processor; and A microphone;
wherein the system is configured to provide the method of the first aspect.
According to a further aspect of the invention there is provided a system for providing network services, comprising:
A device configured for receiving a message and generating a code derived from the message in audio from a speaker at the device;
At least one processor configured for processing an audio signal received from the device to extract the code and verifying the code to authenticate the device, at least in part;
A microphone configured for receiving audio signals from the device and providing audio signals to at least one processor; and A wireless access point configured for providing access to one or more network services to an authenticated device.
Other aspects of the invention are described within the claims.
Brief Description of the Drawings
Embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings in which:
Figure 1: shows a block diagram illustrating a system in accordance with an embodiment of the invention;
Figure 2: shows a flow diagram illustrating a method in accordance with an embodiment of the invention; and
Figure 3: shows a sequence diagram illustrating a method in accordance with an embodiment of the invention.
Detailed Description of Preferred Embodiments
The present invention provides a method and system for authenticating a device with a wireless access point.
The inventors have discovered a message can be transmitted to a device to generate a code in audio at the device. This code, when captured by a microphone, can be used to authenticate the device for a wireless access point so that the device can be provided with access to network services.
In Figure 1, a system 100 in accordance with an embodiment of the invention is shown.
A wireless access point 101 is shown. The wireless access point may be configured to broadcast a SSID (Service Set IDentifier) over a wireless protocol such as 802.11.
A processor 102 is shown.
A microphone 103 is shown. The processor and microphone may be collocated and connected via a communication bus or may be connected via a wired or wireless connection.
In one embodiment, the microphone and/or processor exist within the same apparatus as the wireless access point. In one embodiment, the microphone and/or processor exist within a second device. The second device may be configured to communicate with the wireless access point (e.g. via a wireless or wired connection), for example, to transmit received audio signals to the processor at the wireless access point or to transmit messages for wireless transmission by the wireless access point when the processor exists at the second device. The second device may be fixed or mobile.
A router 104 is shown. The router may be configured for mediating connections between devices across a network 105. The router and wireless access point may be collocated within the same apparatus.
A device 106 is shown. The device may include or be connected to a speaker 107. The device may be a mobile user device such as a portable computer, smartphone, or tablet.
The device 106 may include a processor and memory configured for executing an operating system. The device 106 and/or operating system may include a wireless communications module for receiving messages over a wireless protocol from, for example, the wireless access point. The operating system may be configured for providing a captive portal framework for providing wireless access for applications executing on the device 106.
The processor 102 may be configured for transmitting messages to devices (such as device 106), across, for example, a wireless protocol provided by the wireless access point. Each message may be configured for generating a code (that is, the code is derived from the message) in audio from a speaker at the receiving device. The processor may be further configured to process audio signals received from the device (e.g. via the microphone) to extract the code. The processor may be further configured to verify the code to authenticate the device, at least in part. The processor may be further configured to provide network services to the device via the wireless access point and/or the router and network.
It will be appreciated that the functionality of the processor 102 may exist within a plurality of processors which may be distributed within the system (for example, one processor at the wireless access point, another at a second device).
It will also be appreciated by those skilled in the art that the above embodiments of the invention may be deployed on different devices and in differing architectures.
The functionality of the device 106 and/or processor 102 may be implemented, at least in part, by computer software stored on an intangible computer-readable medium.
Referring to Figure 2, a method 200 for authenticating a device (such as device 106) with a wireless access point (e.g. 101) in accordance with an embodiment of the invention will be described.
In step 201, a message is transmitted to a device (e.g. 106) for generation of a code in audio from a speaker at the device. The message may be transmitted over a wireless protocol (such as 802.11) by, for example, a wireless access point (e.g. 101).
The message may include the code or a means (such as an algorithmic function) to create the code at the device. The means may be, for example, a function to generate the code from, for example, a seed and/or time value. The time value may be calculated from a time at the device (e.g. nearest 10 seconds to the current time). The function may be a pseudo-random number generator function and the seed for the pseudo-random number generator may be created from the time value or from a seed provided within the message.
The function may be a hash function. The function (e.g. the hash function) may utilise device and/or user identifier information to generate the code. For example, the device identifier information may be a media access control (MAC) address for the device.
Where the message includes the code, the code may be encoded within the message as a string or value, or it may be encoded within the message as an audio file for immediate playback at the device. The message may include an encoder module, such as instructions in Javascript, to encode the code into audio at the device, for example, by converting the code into an audible signal or an ultrasonic signal. The audible signal may be encoded as a series of musical tones (such as described in US Patent Publication No. 2012/084131A1). The signal may include header information, and/or error correction information. The message may include a user interface module for generating the code in audio from the speaker. The user interface module may generate the code automatically or it may wait for user actuation of a user interface element (e.g. a “Connect” button).
Where the message includes the code, it may be first created (e.g. at processor 102), for example, by a pseudo-random number generator, selected from a table of unused/expired codes, or generated from the MAC address of the device (i.e. by a hash function). The code may be stored and associated with the device for later verification.
The message may be configured to trigger captive portal functionality at the device.
The message may be transmitted in response to the device connecting to the wireless access point and/or attempting to connect to network services via the wireless access point. The wireless access point may activate a captive portal by, for example, a HTTP redirect, an ICMP redirect or a DNS redirect.
In step 202, an audio signal received from the device may be processed (e.g. at processor 102) to extract the code. For example, the audio signal may be decoded from audio and the code retrieved. It will be appreciated that the code may be encrypted within the audio signal (for example, via a key provided within the message). The code may be encrypted via PKI (Public Key Infrastructure) such as RSA or via a symmetric key system such DES. The audio signal may be received at a microphone (e.g. 103).
In embodiments, one or more additional data is received from the device. The additional data may be extracted from the audio signal or may be received via an alternative channel such as via a wireless protocol channel constructed between the device and the wireless access point. The additional data may include:
• a name of the user of the device • a user password • a generic passcode for the wireless access point • identifying information for the user (i.e. a room number)
In step 203, the code may be verified to authenticate the device. One or more of the additional data may also be verified to authenticate the device.
Verification of the code may include:
• ensuring the code has not expired (e.g. it may be time-limited following transmission);
• ensuring the code matches the associated device (e.g. via a table lookup); and/or • ensuring the code matches a function (e.g. a seed/time value fed to a pseudo-random number generator or a hash function of the MAC address of the device).
Verification (of the code and/or additional data) may authenticate the device for different levels of access to network services.
In step 204, in response to the authentication, access may be provided to one or more network services via the wireless access point. Access may be timeor event-limited. The network services may be provided via a router and may include Internet access.
In embodiments, when the device first connects to the wireless access point, the wireless access point may store the device’s MAC address in a look-up table. The wireless access point may then generate a code and associate it with that MAC address in lookup table, and the message sent to the device can include that code. Alternatively, the wireless access point may hash the MAC address and associate it with the MAC address in the lookup table and the message sent to the device can then include a function to generate the code by hashing the recipient device’s MAC address. When the wireless access point ultimately receives the code from the device, it can match the code to the lookup table to locate the associated MAC address and provide access to network services to the device connected to it with that MAC address.
Referring to Figure 3, a method and system in accordance with an embodiment of the invention will be described. In this embodiment, the system will be termed the Chirp Captive Portal.
301. The user selects the Chirp Captive Portal’s wifi network
302. The Captive Portal login screen is displayed on the user’s phone (this is usually done automatically by the OS).
This login screen contains an identifying code that identifies the login session. This code may be displayed to the user or hidden. It is encoded via an audio protocol (such as described in US Patent Publication No. 2012/084131A1) with the ability for this audio to be played from the login screen.
303. The user presses a button, submits an information form or otherwise takes an action to play the encoded audio. This could also be done without any user interaction.
304. A microphone on the router picks up the audio being played and decodes the unique code
In this way the router can be sure that the device it is granting access to is physically close to its microphone. This limits the danger of this captive portal being used by people outside of the venue where the router is installed.
305. The captive portal looks up the device identified by the unique code it has decoded and grants that specific device access to the Internet
It can be seen that, in some embodiments, the device requiring access does not need to be online or have any other software installed. All the necessary components for logging in via sound may be transferred by the captive portal itself, meaning that the device requesting access can be completely offline at the point of connection to the portal.
In some embodiments, the sound played by the device could be delivered by the captive portal as a complete sound file (such as WAV), or as source code (such as JavaScript) which can then be used to synthesize the audio.
In some embodiments, the microphone could be in a different location to the router itself (i.e. the wifi hardware and the microphone do not need to be in the same case/product).
In some embodiments, the captive portal could grant access to other network resources, not only the Internet.
Potential advantages of some embodiments of the present invention include:
• Ease of use - for controlled wifi networks, instead of entering a PIN within a captive portal or entering a WPA2 password, the user may merely actuate a button (or, in embodiments, may not need to take any action at all if the audio plays automatically);
• Means of inferring proximity between the device and the hardware router (or wireless access point) - because audio is used, users will not be able to login from adjacent rooms or buildings (even if the range of the wifi network extends to these locations) as the audio from their devices will not be detected at the microphone (e.g. which in some embodiments, is located at the wireless access point);
• Requires no installation on the user’s device - the audio needed to login is provided by the captive portal on the login page; and • Devices requesting access via the captive portal are not required to have any network access prior to or (in some embodiments) during negotiating access with the portal (i.e. mobile device could login to the captive portal even if it was in airplane mode).
While the present invention has been illustrated by the description of the embodiments thereof, and while the embodiments have been described in considerable detail, it is not the intention of the applicant to restrict or in any way limit the scope of the appended claims to such detail. Additional advantages and modifications will readily appear to those skilled in the art. Therefore, the invention in its broader aspects is not limited to the specific details, representative apparatus and method, and illustrative examples shown and described. Accordingly, departures may be made from such details without departure from the spirit or scope of applicant’s general inventive concept.

Claims (24)

  1. Claims
    1. A method for authenticating a device with a wireless access point, including:
    transmitting a message to the device for generation of a code in audio from a speaker at the device;
    processing an audio signal received from the device to extract the code;
    verifying the code to authenticate the device, at least in part; and in response to the authentication, providing access to one or more network services to the device via the wireless access point;
    wherein the code is derived from the message.
  2. 2. A method as claimed in claim 1, wherein the message includes the code.
  3. 3. A method as claimed in any one of the preceding claims, wherein the code is derived from the message at the device.
  4. 4. A method as claimed in any one of the preceding claims, wherein the message includes a seed.
  5. 5. A method as claimed in claim 4, wherein the code is derived using the seed within a pseudo-random number generator.
  6. 6. A method as claimed in any one of the preceding claims, wherein the seed used within the pseudo-number generator is first modified with a time value at the device.
  7. 7. A method as claimed in any one of the preceding claims, wherein the message includes one or more functions to derive the code.
  8. 8. A method as claimed in any one of the preceding claims, wherein the message includes an audio file encoding the code.
  9. 9. A method as claimed in any one of the preceding claims, wherein the
    5 message includes an encoder module and the encoder module, when executed on the device, is configured to encode the code into a signal for generation in audio from the speaker at the device.
  10. 10. A method as claimed in any one of the preceding claims, wherein the
    10 one or more network services include Internet services.
  11. 11. A method as claimed in any one of the preceding claims, wherein the audio signal is received at a microphone at the wireless access point for the processing.
  12. 12. A method as claimed in any one of the preceding claims, wherein the audio signal is received at a microphone at a second device.
  13. 13. A method as claimed in claim 12, wherein the second device performs
    20 the processing.
  14. 14. A method as claimed in claim 12, wherein the audio signal is transmitted to the wireless access point for the processing.
    25 15. A method as claimed in any one of the preceding claims, wherein the message includes a user interface module, and the user interface module, when executed on the device, is configured to generate the code in audio from the speaker.
    30 16. A method as claimed in claim 15, wherein the user interface module is further configured to generate the code in audio automatically.
    17. A method as claimed in claim 15, wherein the user interface module is further configured to display a user interface element, receive selection of the user interface element by a user of the device, and, in response, to selection, generate the code in audio from the speaker.
    18. A method as claimed in any one of the preceding claims, wherein the
    5 audio is within an audible frequency range.
    19. A method as claimed in any one of the preceding claims, wherein the audio is within an ultrasonic frequency range.
    10 20. A method as claimed in any one of the preceding claims, further including:
    prior to transmitting the message, generating the code.
    21. A method as claimed in any one of the preceding claims, wherein the
  15. 15 code is generated using a pseudo-random number generator.
    22. A method as claimed in claim 21, wherein the code is generated by applying a hash function to, at least, the media access control (MAC) address of the device.
    23. A method as claimed in any one of the preceding claims, wherein the hash function is applied to, at least, a time value.
    24. A method as claimed in any one of the preceding claims, wherein one
    25 or more additional data is received from the device.
    25. A method as claimed in claim 24, wherein the one or more additional data are also used to authenticate the device.
    30 26. A method as claimed in any one of claims 24 to 25, wherein the one or more additional data are received in audio.
    27. A method as claimed in any one of claims 24 to 25, wherein the one or more additional data are received over a wireless network between the wireless access point and the device.
    5 28. A method as claimed in any one of claims 24 to 27, wherein the one or more additional data include information specifically related to the user of the device.
    29. A method as claimed in any one of claims 24 to 28, wherein the one or
    10 more additional data include an identifier for the user of the device.
    30. A method as claimed in any one of claims 24 to 29, wherein the one or more additional data include a passcode for the wireless access point.
    15 31. A method as claimed in any one of the preceding claims, wherein the access is provided to the one or more network services until expiration of a defined time period or detection of an event.
    32. A method as claimed in any one of the preceding claims, wherein code
  16. 20 is verified, at least in part, by matching the code to a lookup table containing a media access control (MAC) address for the device.
    33. A method as claimed in any one of the preceding claims, wherein the code is verified, at least in part, by determining that the code is
  17. 25 received within a defined time window after the message was transmitted to the device.
    34. A method as claimed in any one of the preceding claims, wherein the code is verified, at least in part, by matching the code to a hash of, at
  18. 30 least, the media access control (MAC) address for the device.
  19. 35. A method as claimed in any one of the preceding claims, wherein the message is configured to trigger the captive portal functionality at the device.
  20. 36. A method for authenticating a device with a wireless access point by generating audio at the device.
    5
  21. 37. A system for authenticating a device with a wireless access point, comprising:
    At least one processor; and A microphone;
    wherein the system is configured to provide the method of any 10 one of claims 1 to 36.
  22. 38. A system for providing network services, comprising:
    A device configured for receiving a message and generating a code derived from the message in audio from a speaker at the
    15 device;
    At least one processor configured for processing an audio signal received from the device to extract the code and verifying the code to authenticate the device, at least in part;
    A microphone configured for receiving audio signals from the 20 device and providing audio signals to at least one processor;
    and
    A wireless access point configured for providing access to one or more network services to an authenticated device.
    25
  23. 39. Software configured for performing the method of any one of claims 1 to 36 when executing on one or more processors.
  24. 40. A tangible computer-readable medium configured for storing the software of claim 39.
    Intellectual
    Property
    Office
    Application No: GB 1715134.1 Examiner: Mr Owen Cundy
GB1715134.1A 2016-09-19 2017-09-19 A method and system for authenticating a device Active GB2555941B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB2109212.7A GB2598190B (en) 2016-09-19 2017-09-19 A method and system for authenticating a device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GBGB1615926.1A GB201615926D0 (en) 2016-09-19 2016-09-19 A method and system for authenticating a device

Publications (3)

Publication Number Publication Date
GB201715134D0 GB201715134D0 (en) 2017-11-01
GB2555941A true GB2555941A (en) 2018-05-16
GB2555941B GB2555941B (en) 2021-08-11

Family

ID=57288530

Family Applications (4)

Application Number Title Priority Date Filing Date
GBGB1615926.1A Ceased GB201615926D0 (en) 2016-09-19 2016-09-19 A method and system for authenticating a device
GB2202914.4A Active GB2602895B (en) 2016-09-19 2017-09-19 A method and system for authenticating a device
GB2109212.7A Active GB2598190B (en) 2016-09-19 2017-09-19 A method and system for authenticating a device
GB1715134.1A Active GB2555941B (en) 2016-09-19 2017-09-19 A method and system for authenticating a device

Family Applications Before (3)

Application Number Title Priority Date Filing Date
GBGB1615926.1A Ceased GB201615926D0 (en) 2016-09-19 2016-09-19 A method and system for authenticating a device
GB2202914.4A Active GB2602895B (en) 2016-09-19 2017-09-19 A method and system for authenticating a device
GB2109212.7A Active GB2598190B (en) 2016-09-19 2017-09-19 A method and system for authenticating a device

Country Status (2)

Country Link
GB (4) GB201615926D0 (en)
WO (1) WO2018051144A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11188294B2 (en) 2019-02-28 2021-11-30 Sonos, Inc. Detecting the nearest playback device
CN113748689A (en) 2019-02-28 2021-12-03 搜诺思公司 Playback switching between audio devices
US11388596B2 (en) * 2019-09-03 2022-07-12 International Business Machines Corporation Secure transmittal of wireless local area network access codes

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110277023A1 (en) * 2010-05-10 2011-11-10 Intel Corporation Audible authentication for wireless network enrollment
EP2624616A1 (en) * 2010-09-27 2013-08-07 YAMAHA Corporation Communication terminal, wireless device, provider server, and wireless communication system
WO2015032196A1 (en) * 2013-09-04 2015-03-12 华为技术有限公司 Method for mobile network to automatically establish connection, and terminal
US20150141005A1 (en) * 2013-11-20 2015-05-21 Qualcomm Incorporated Using Sensor Data to Provide Information For Proximally-Relevant Group Communications

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7533735B2 (en) * 2002-02-15 2009-05-19 Qualcomm Corporation Digital authentication over acoustic channel
EP2334111B1 (en) * 2009-12-14 2012-08-01 Research In Motion Limited Authentication of mobile devices over voice channels
GB2546025B (en) 2010-10-01 2017-08-23 Asio Ltd A Transaction authenticating device and method
US20120214416A1 (en) * 2011-02-23 2012-08-23 Jonathan Douglas Kent Methods and apparatuses for communication between devices
US20150004935A1 (en) * 2013-06-26 2015-01-01 Nokia Corporation Method and apparatus for generating access codes based on information embedded in various signals
US9722984B2 (en) * 2014-01-30 2017-08-01 Netiq Corporation Proximity-based authentication
EP3275117A4 (en) * 2015-03-23 2018-02-21 Telefonaktiebolaget LM Ericsson (PUBL) Methods and user device and authenticator device for authentication of the user device
CN106921650B (en) * 2016-12-21 2021-01-19 创新先进技术有限公司 Cross-device login method, system and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110277023A1 (en) * 2010-05-10 2011-11-10 Intel Corporation Audible authentication for wireless network enrollment
EP2624616A1 (en) * 2010-09-27 2013-08-07 YAMAHA Corporation Communication terminal, wireless device, provider server, and wireless communication system
WO2015032196A1 (en) * 2013-09-04 2015-03-12 华为技术有限公司 Method for mobile network to automatically establish connection, and terminal
US20150141005A1 (en) * 2013-11-20 2015-05-21 Qualcomm Incorporated Using Sensor Data to Provide Information For Proximally-Relevant Group Communications

Also Published As

Publication number Publication date
GB2602895A (en) 2022-07-20
GB202109212D0 (en) 2021-08-11
GB2602895B (en) 2022-11-16
GB201715134D0 (en) 2017-11-01
GB2598190A (en) 2022-02-23
GB2555941B (en) 2021-08-11
GB2598190B (en) 2022-07-20
GB202202914D0 (en) 2022-04-13
WO2018051144A1 (en) 2018-03-22
GB201615926D0 (en) 2016-11-02

Similar Documents

Publication Publication Date Title
US11074033B2 (en) Access control and validation using sonic tones
US10958645B2 (en) Ad hoc one-time pairing of remote devices using online audio fingerprinting
Soriente et al. HAPADEP: human-assisted pure audio device pairing
US10074374B2 (en) Ad hoc one-time pairing of remote devices using online audio fingerprinting
JP5385941B2 (en) Audible authentication for enrollment in wireless networks
Blue et al. 2ma: Verifying voice commands via two microphone authentication
US11671825B2 (en) Method and system for authenticating a device
US20160072803A1 (en) System and method for authentication across devices
KR20060018808A (en) Information processing device, access control processing method, and computer program
CN104883720A (en) Object network access method, object network access guiding and control methods, and corresponding terminals
US20080195867A1 (en) Authenticating security parameters
CN111726886A (en) Network configuration method and device and electronic equipment
CN104955044B (en) Target network access and its guidance method and its corresponding terminal
WO2017206524A1 (en) Electronic device control method, terminal and control system
KR20100007100A (en) Method for processing communication based on voice over internet protocol using bio key and apparatus for the same
WO2022033278A1 (en) Ims data channel-based communication method and device
JP2022530136A (en) Hardware authentication token by remote collation
GB2555941A (en) A method and system for authenticating a device
US8898470B2 (en) Method and apparatus for performing security communication
GB2595836A (en) A method and system for authenticating a device
JP5973683B1 (en) Authentication server, user terminal, content server, control method therefor, and computer program
US11323263B2 (en) Sharing of secret information for accessing a wireless computing network
EP3790280B1 (en) System and methods of device pairing
JP2023509806A (en) MOBILE NETWORK ACCESS SYSTEM, METHOD, STORAGE MEDIUM AND ELECTRONIC DEVICE
CN112242977A (en) Data transmission method and data transmission system

Legal Events

Date Code Title Description
732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)

Free format text: REGISTERED BETWEEN 20200702 AND 20200708