Abstract: A METHOD OF ENABLING AUTHENTICATION IN COMPUTING DEVICES USING DEVICE BASED KEYS AND LOCAL SCREEN LOCKS

A method of authenticating computing devices to enable users to logon to an application is provided. The method includes (i) enabling a first computing device to generate a key pair including a private and a public key associated with the first computing device, (ii) authenticating the first authentication request if the private key maps with the public key of the first computing device, (iii) triggering a phone lock, on the first computing device, upon receiving a second authentication request from a second computing device, to access a first application that is executing on the second computing device, and (iv) authenticating the second authentication request to enable the user to access the first application on the second computing device if the user unlocks the phone lock on the first computing device. FIG. 6A

Claims: What is claimed is:
1. A method of authenticating a computing device to enable a user to logon to an application, wherein a plurality of computing devices operable by the user (108) comprises the computing device, the method comprising:
enabling a first computing device (102) to generate a first key pair associated with the first computing device (102) upon receiving, from the first computing device (102), a request to register to a first application, wherein the request comprises user credentials and a unique identifier of the user operating the first computing device (102), wherein the first key pair comprises a private key and a public key forming a first key pair encrypted end-to-end;
receiving, from the first computing device (102), the public key comprised in the first key pair associated with the first computing device (102) and store in a database (202);
receiving a first authentication request to the first application from the first computing device (102), wherein the first authentication request is signed by the private key associated with the first computing device (102);
authenticating the first authentication request to enable the user to access the first application if the private key maps with the public key of the first computing device (102) stored in the database (202);
triggering a phone lock, on the first computing device (102), upon receiving a second authentication request comprising the unique identifier of the user (108), from a second computing device (104), to access the first application that is executing on the second computing device (104); and
authenticating the second authentication request to enable the user (108) to access the first application on the second computing device (104) if the user unlocks the phone lock on the first computing device (102).
2. The method of claim 1, wherein the private key and the public key in the first key pair are mathematically related values generated based on a public key cryptography standard.
3. The method of claim 1, further comprising authenticating a third authentication request to enable the user (108) to access a second application executing on any of the first computing device (102) or the second computing device (104) associated with the first key pair.
4. The method of claim 3, further comprising, before authenticating any of the second authentication request or the third authentication request, enabling the second computing device (104) to store the private key associated with the first computing device (102) on a database of the second computing device (104) when the user (108) unlocks the phone lock on the first computing device (102) in response to the second authentication request or the third authentication request.
5. The method of claim 1, further comprising, upon receiving the second authentication request from the second computing device (104), determining whether the second computing device (104) is a trusted device or not,
if the second computing device (104) is a trusted device, triggering the phone lock, on the first computing device (102), for authenticating the second authentication request; or
if the second computing device (104) is not a trusted device, triggering one time password authentication to the first computing device (102) for authenticating the second authentication request.
6. The method of claim 5, wherein said determining comprises
providing a confirmation popup, on the first computing device (102), to enable the user (108) to add the second computing device (104) as the trusted device; and
adding the second computing device (104) as the trusted device on receipt of a confirmation from the user (108) confirming that the second computing device (104) is the trusted device.
7. A method of enabling authentication in a computing device, wherein a plurality of computing devices is operable by a user (108), the method comprising performing the steps of:
generating, using a first computing device (102), a first key pair to associate with the first computing device (102), upon receiving a response to a request sent from the first computing device (102) to register to a first application, wherein the request comprises user credentials and a unique identifier of the user (108) operating the first computing device (102), wherein the first key pair comprises a private key and a public key in forming the first key pair encrypted end-to-end;
sending, from the first computing device (102), the public key comprised in the first key pair associated with the first computing device (102) to enable storing of the first key pair in a database (202);
sending a first authentication request to the first application from the first computing device (102), wherein the first authentication request is signed by the private key associated with first computing device (102);
receiving a response to the first authentication request, the response comprising an indication indicating enabling the user (108) to access the first application if the private key maps with the public key of the first computing device (102) stored in the database (202);
sending a second authentication request comprising corresponding user credentials specified by the user (108) operating a second computing device (104) in a corresponding user interface comprised in the first application;
triggering a phone lock on the first computing device (102); and
enabling the access to the first application on the second computing device (104) on receiving a response to the second authentication request and the user (108) unlocking the phone lock on the first computing device (102).
8. A system for authenticating a computing device to enable a user (108) to logon to an application, wherein a plurality of computing devices operable by the user (108) comprises the computing device, the system comprising:
a server (106) that is communicatively coupled with the computing device operable by the user (108), wherein the server (106) comprises
a memory that stores a database (202) and a set of modules;
a processor in communication with the memory, the processor retrieving executing machine-readable program instructions from the memory which, when executed by the processor, enable the processor to:
enable a first computing device (102) to generate a first key pair associated with the first computing device (102) upon receiving, from the first computing device (102), a request to register to a first application, wherein the request comprises user credentials and a unique identifier of the user operating the first computing device (102), wherein the first key pair comprises a private key and a public key forming a first key pair encrypted end-to-end;
receive, from the first computing device (102), the public key comprised in the first key pair associated with the first computing device (102) and store in a database (202);
receive a first authentication request to the first application from the first computing device (102), wherein the first authentication request is signed by the private key associated with the first computing device (102);
authenticate the first authentication request to enable the user (108) to access the first application if the private key maps with the public key of the first computing device (102) stored in the database (202);
trigger a phone lock, on the first computing device (102), upon receiving a second authentication request comprising the unique identifier of the user (108), from a second computing device (104), to access the first application that is executing on the second computing device (104); and
authenticate the second authentication request to enable the user (108) to access the first application on the second computing device (104) if the user (108) unlocks the phone lock on the first computing device (102).
9. The system of claim 8, wherein the processor is configured to authenticate a third authentication request to enable the user (108) to access a second application executing on any of the first computing device (102) or the second computing device (104) associated with the first key pair.
10. The system of claim 9, wherein the processor is configured to, before authenticating any of the second authentication request or the third authentication request, enable the second computing device (104) to store the private key associated with the first computing device (102) on a database of the second computing device (104) when the user (108) unlocks the phone lock on the first computing device (102) in response to the second authentication request or the third authentication request.
11. The system of claim 8, wherein the processor is configured to, upon receiving the second authentication request from the second computing device (104), determine whether the second computing device (104) is a trusted device or not,
if the second computing device (104) is a trusted device, wherein the processor is configured to trigger the phone lock, on the first computing device (102), for authenticating the second authentication request; or
if the second computing device (104) is not a trusted device, wherein the processor is configured to trigger one time password authentication to the first computing device (102) for authenticating the second authentication request.
12. The system of claim 11, wherein the processor determines whether the second computing device (104) is a trusted device or not by:
providing a confirmation popup, on the first computing device (102), to enable the user (108) to add the second computing device (104) as the trusted device; and
adding the second computing device (104) as the trusted device on receipt of a confirmation from the user (108) confirming that the second computing device (104) is the trusted device.
13. The system as claimed in claim 8, wherein the first computing device (102) is configured to:
generate, a first key pair to associate with the first computing device (102), upon receiving a response to a request sent to register to a first application, wherein the request comprises user credentials and a unique identifier of the user (108) operating the first computing device (102), wherein the first key pair comprises a private key and a public key in forming the first key pair encrypted end-to-end;
send the public key comprised in the first key pair associated with the first computing device (102) to enable storing of the first key pair in a database (202);
send a first authentication request to the first application, wherein the first authentication request is signed by the private key associated with first computing device (102);
receive a response to the first authentication request, wherein the response comprising an indication indicating enabling the user (108) to access the first application if the private key maps with the public key of the first computing device (102) stored in the database (202);
send a second authentication request comprising corresponding user credentials specified by the user (108) operating a second computing device (104) in a corresponding user interface comprised in the first application;
trigger a phone lock on the first computing device (102); and
enabling the access to the first application on the second computing device (104) on receiving a response to the second authentication request and the user (108) unlocking the phone lock on the first computing device (102).

Description:

BACKGROUND

Technical Field
[0001] The embodiments herein generally relate to authenticating a computing device, and more specifically to a method for authenticating a computing device to logon to an application.
[0002] Description of the Related Art
[0003] Authentication is important because it enables an entity to keep its networks secure by permitting only authenticated users to access its protected resources. Password authentication is one of the most conventional authentication approaches; it involves a user inputting a unique ID and key that are then checked against stored credentials at each authentication attempt. One time passwords (OTPs) are an authentication method commonly used as part of two-factor authentication (2FA) and multi-factor authentication (MFA). OTPs are unique passwords that are only valid for a single login session for a defined period of time. OTPs have a success rate of 70%, as the authentication fails if the OTP is not received. OTP verification costs around 15-25 paisa per authentication.
[0004] The whole world is at the receiving end of forgotten passwords and never-received OTPs in countless instances. One out of three purchases is abandoned, and the cost of cybercrime has skyrocketed to more than 6 trillion USD. Some of the drawbacks associated with the existing solutions for authentication include (i) abandoned transactions due to forgotten passwords, (ii) the recurring cost of sending OTPs, (iii) the time taken to enter passwords and OTPs, and (iv) data breaches caused by compromised weak and reused passwords. Google and Facebook authentication systems do not provide data autonomy, as they store the consumer's data, which may lead to data breaches.
[0005] Existing systems and methods for authenticating computing devices are cumbersome and tedious, with a poor user experience. This further leads to a decrease in conversion rate, given the need to remember the password or to wait for OTPs to arrive. The iterative and time consuming process of existing systems is often not enjoyed by the user and leads to a drop in the number of users over time.
[0006] Therefore, there arises a need to address the aforementioned technical drawbacks in existing technologies to enable authentication in computing devices to enable users to logon to an application.
SUMMARY
In view of the foregoing, an embodiment herein provides a method of authenticating a computing device to enable a user to logon to an application. A plurality of computing devices operable by the user includes the computing device. The method includes the steps of (i) enabling a first computing device to generate a first key pair associated with the first computing device upon receiving, from the first computing device, a request to register to a first application, wherein the request comprises user credentials and a unique identifier of the user operating the first computing device, and wherein the first key pair comprises a private key and a public key forming a first key pair encrypted end-to-end; (ii) receiving, from the first computing device, the public key comprised in the first key pair associated with the first computing device and storing it in a database; (iii) receiving a first authentication request to the first application from the first computing device, wherein the first authentication request is signed by the private key associated with the first computing device; (iv) authenticating the first authentication request to enable the user to access the first application if the private key maps with the public key of the first computing device stored in the database; (v) triggering a phone lock, on the first computing device, upon receiving a second authentication request comprising the unique identifier of the user, from a second computing device, to access the first application that is executing on the second computing device; and (vi) authenticating the second authentication request to enable the user to access the first application on the second computing device if the user unlocks the phone lock on the first computing device.
[0007] In some embodiments, the private key and the public key in the first key pair are mathematically related values generated based on a public key cryptography standard.
[0008] In some embodiments, the method includes authenticating a third authentication request to enable the user to access a second application executing on any of the first computing device or the second computing device associated with the first key pair.
[0009] In some embodiments, the method includes, before authenticating any of the second authentication request or the third authentication request, enabling the second computing device to store the private key associated with the first computing device on a database of the second computing device when the user unlocks the phone lock on the first computing device in response to the second authentication request or the third authentication request.
[0010] In some embodiments, the method includes, upon receiving the second authentication request from the second computing device, determining whether the second computing device is a trusted device or not. If the second computing device is a trusted device, the method includes triggering the phone lock, on the first computing device, for authenticating the second authentication request. If the second computing device is not a trusted device, the method includes triggering one time password authentication to the first computing device for authenticating the second authentication request.
[0011] In some embodiments, the determining of whether the second computing device is a trusted device or not includes (i) providing a confirmation popup, on the first computing device, to enable the user to add the second computing device as the trusted device and (ii) adding the second computing device as the trusted device on receipt of a confirmation from the user confirming that the second computing device is the trusted device.
[0012] According to a second aspect, a method for enabling authentication in a computing device is provided. A plurality of computing devices is operable by a user. The method includes performing the steps of: (i) generating, using a first computing device, a first key pair to associate with the first computing device, upon receiving a response to a request sent from the first computing device to register to a first application, wherein the request comprises user credentials and a unique identifier of the user operating the first computing device, and wherein the first key pair comprises a private key and a public key forming the first key pair encrypted end-to-end; (ii) sending, from the first computing device, the public key comprised in the first key pair associated with the first computing device to enable storing of the first key pair in a database; (iii) sending a first authentication request to the first application from the first computing device, wherein the first authentication request is signed by the private key associated with the first computing device; (iv) receiving a response to the first authentication request, wherein the response comprises an indication that the user is enabled to access the first application if the private key maps with the public key of the first computing device stored in the database; (v) sending a second authentication request comprising corresponding user credentials specified by the user operating a second computing device in a corresponding user interface comprised in the first application; (vi) triggering a phone lock on the first computing device; and (vii) accessing the first application on the second computing device on receiving a response to the second authentication request and the user unlocking the phone lock on the first computing device.
[0013] According to a third aspect, a system for authenticating a computing device to enable a user to logon to an application is provided. The system comprises a plurality of computing devices operable by the user. The system includes a server that is communicatively coupled with the computing device operable by the user. The server includes a memory that stores a database and a set of modules, and a processor in communication with the memory. The processor retrieves executing machine-readable program instructions from the memory which, when executed by the processor, enable the processor to: (i) enable a first computing device to generate a first key pair associated with the first computing device upon receiving, from the first computing device, a request to register to a first application, wherein the request comprises user credentials and a unique identifier of the user operating the first computing device, and wherein the first key pair comprises a private key and a public key forming a first key pair encrypted end-to-end; (ii) receive, from the first computing device, the public key comprised in the first key pair associated with the first computing device and store it in a database; (iii) receive a first authentication request to the first application from the first computing device, wherein the first authentication request is signed by the private key associated with the first computing device; (iv) authenticate the first authentication request to enable the user to access the first application if the private key maps with the public key of the first computing device stored in the database; (v) trigger a phone lock, on the first computing device, upon receiving a second authentication request comprising the unique identifier of the user, from a second computing device, to access the first application that is executing on the second computing device; and (vi) authenticate the second authentication request to enable the user to access the first application on the second computing device if the user unlocks the phone lock on the first computing device.
[0014] In some embodiments, the processor is configured to authenticate a third authentication request to enable the user to access a second application executing on any of the first computing device or the second computing device associated with the first key pair.
[0015] In some embodiments, the processor is configured to, before authenticating any of the second authentication request or the third authentication request, enable the second computing device to store the private key associated with the first computing device on a database of the second computing device when the user unlocks the phone lock on the first computing device in response to the second authentication request or the third authentication request.
[0016] In some embodiments, the processor is configured to, upon receiving the second authentication request from the second computing device, determine whether the second computing device is a trusted device or not. If the second computing device is a trusted device, the processor is configured to trigger the phone lock, on the first computing device, for authenticating the second authentication request. If the second computing device is not a trusted device, the processor is configured to trigger one time password authentication to the first computing device for authenticating the second authentication request.
[0017] In some embodiments, the processor is configured to determine whether the second computing device is a trusted device or not by (i) providing a confirmation popup, on the first computing device, to enable the user to add the second computing device as the trusted device and (ii) adding the second computing device as the trusted device on receipt of a confirmation from the user confirming that the second computing device is the trusted device.
[0018] In some embodiments, the first computing device is configured to: (i) generate a first key pair to associate with the first computing device upon receiving a response to a request to register to a first application, wherein the request comprises user credentials and a unique identifier of the user operating the first computing device, and wherein the first key pair comprises a private key and a public key forming the first key pair encrypted end-to-end; (ii) send the public key comprised in the first key pair associated with the first computing device to enable storing of the first key pair in a database; (iii) send a first authentication request to the first application, wherein the first authentication request is signed by the private key associated with the first computing device; (iv) receive a response to the first authentication request, wherein the response comprises an indication that the user is enabled to access the first application if the private key maps with the public key of the first computing device stored in the database; (v) send a second authentication request comprising corresponding user credentials specified by the user operating a second computing device in a corresponding user interface comprised in the first application; (vi) trigger a phone lock on the first computing device; and (vii) enable the access to the first application on the second computing device on receiving a response to the second authentication request and the user unlocking the phone lock on the first computing device.
[0019] The system provides one step authentication and makes it convenient for the users. The system/method allows multiple logins by the user without the pain of passwords and OTPs. The system uses strong public key cryptography based standards and the users' personal mobile devices (e.g. biometrics), ensuring that only trusted users and trusted devices can access the application, thereby preventing credential theft and the exploitation of known software vulnerabilities. The system/method does not save user inputs including personal data of the user. Further, the user inputs are end-to-end encrypted and hence more trustworthy and secure. The system/method provides a one-third reduction of the existing authentication cost. The system/method eradicates the possibility of phishing by removing the need for OTPs and passwords.
[0020] These and other aspects of the embodiments herein will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. It should be understood, however, that the following descriptions, while indicating preferred embodiments and numerous specific details thereof, are given by way of illustration and not of limitation. Many changes and modifications may be made within the scope of the embodiments herein without departing from the spirit thereof, and the embodiments herein include all such modifications.
BRIEF DESCRIPTION OF THE DRAWINGS
[0021] The embodiments herein will be better understood from the following detailed description with reference to the drawings, in which:
[0022] FIG. 1 is a block diagram of a system for authenticating a computing device to enable a user to logon to an application according to some embodiments herein;
[0023] FIG. 2 is a block diagram of a server of FIG. 1 according to some embodiments herein;
[0024] FIG. 3 illustrates a workflow of a system of authenticating a computing device to enable a user to logon to an application according to some embodiments herein;
[0025] FIG. 4 illustrates a process flow of determining trustability of computing devices operable by the user using the system of FIG. 1 according to some embodiments herein;
[0026] FIG. 5 illustrates functional capabilities of the system for authenticating a computing device to enable a user to logon to an application according to some embodiments herein;
[0027] FIGS. 6A and 6B are flow diagrams that illustrate a method of authenticating a computing device to enable a user to logon to an application according to some embodiments herein;
[0028] FIGS. 7A and 7B are flow diagrams that illustrate a method for enabling authentication in a first computing device according to some embodiments herein;
[0029] FIG. 8 illustrates an exploded view of the computing devices of FIG.1 according to some embodiments herein; and
[0030] A representative hardware environment for practicing the embodiments herein is depicted in FIG. 9, with reference to FIGS. 1 through 8.
DETAILED DESCRIPTION OF THE DRAWINGS
[0031] The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein may be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.
[0032] As mentioned, there remains a need for a system and method to enable authentication in computing devices to enable users to logon to an application. The embodiments herein achieve this by proposing a system and method for enabling authentication in computing devices using device based keys and local screen locks. Referring now to the drawings, and more particularly to FIGS. 1 through 9, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments.
[0033] FIG. 1 is a block diagram of a system for authenticating a computing device to enable a user to logon to an application according to some embodiments herein. The system view includes a first computing device 102, a second computing device 104, a server 106 and a user 108. The server 106 is communicatively connected to the first computing device 102 and the second computing device 104 operable by the user 108 through a network 110. In some embodiments, the first computing device 102 and the second computing device 104 may be a mobile phone, a Kindle, a PDA (Personal Digital Assistant), a tablet, a computer, an electronic notebook, or a smartphone. In some embodiments, the network 110 is a wired network. In some embodiments, the network 110 is a wireless network. In some embodiments, the network 110 is a combination of a wired network and a wireless network. In some embodiments, the network 110 is the Internet.
[0034] The server 106 enables the first computing device 102 to generate a first key pair associated with the first computing device 102 upon receiving, from the first computing device 102, a request to register to a first application. The request includes user credentials and a unique identifier of the user 108 operating the first computing device 102. The first key pair includes a private key and a public key forming a first key pair encrypted end-to-end. The server 106 receives, from the first computing device 102, the public key comprised in the first key pair associated with the first computing device 102 and stores it in a database of the server 106. The server 106 receives a first authentication request to the first application from the first computing device 102. The first authentication request is signed by the private key associated with the first computing device 102. The server 106 authenticates the first authentication request to enable the user 108 to access the first application if the private key maps with the public key of the first computing device 102 stored in the database. The server 106 triggers a phone lock, on the first computing device 102, upon receiving a second authentication request comprising the unique identifier of the user 108, from the second computing device 104, to access the first application that is executing on the second computing device 104. The server 106 authenticates the second authentication request to enable the user 108 to access the first application on the second computing device 104 if the user 108 unlocks the phone lock on the first computing device 102.
[0035] In some embodiments, the server 106 is configured to authenticate a third authentication request to enable the user to access a second application executing on any of the first computing device 102 or the second computing device 104 associated with the first key pair.
[0036] In some embodiments, the server 106 is configured, before authenticating either the second authentication request or the third authentication request, to enable the second computing device 104 to store the private key associated with the first computing device 102 in a database of the second computing device 104 when the user unlocks the phone lock on the first computing device 102 in response to the second authentication request or the third authentication request.
[0037] In some embodiments, the server 106 is configured to, upon receiving the second authentication request from the second computing device 104, determine whether the second computing device 104 is a trusted device or not. If the second computing device 104 is a trusted device, the server 106 is configured to trigger the phone lock, on the first computing device 102, for authenticating the second authentication request. If the second computing device 104 is not a trusted device, the server 106 is configured to trigger one time password authentication to the first computing device 102 for authenticating the second authentication request.
[0038] In some embodiments, the server 106 is configured to determine whether the second computing device 104 is a trusted device or not by (i) providing a confirmation popup, on the first computing device 102, to enable the user to add the second computing device 104 as the trusted device and (ii) adding the second computing device 104 as the trusted device on receipt of a confirmation from the user confirming that the second computing device 104 is the trusted device.
[0039] In some embodiments, the first computing device 102 is configured to generate a first key pair associated with the first computing device 102 upon receiving a response to a request to register to a first application. The request comprises user credentials and a unique identifier of the user operating the first computing device 102. The first key pair comprises a private key and a public key forming the first key pair encrypted end-to-end. The first computing device 102 is configured to send the public key comprised in the first key pair associated with the first computing device 102 to enable storing of the first key pair in a database. The first computing device 102 is configured to send a first authentication request to the first application. The first authentication request is signed by the private key associated with the first computing device 102. The first computing device 102 is configured to receive a response to the first authentication request. The response comprises an indication that the user is enabled to access the first application if the private key maps with the public key of the first computing device 102 stored in the database. The first computing device 102 is configured to send a second authentication request comprising corresponding user credentials specified by the user operating a second computing device 104 in a corresponding user interface comprised in the first application. The first computing device 102 is configured to trigger a phone lock on the first computing device 102. The first computing device 102 is configured to enable access to the first application on the second computing device 104 on receiving a response to the second authentication request and the user unlocking the phone lock on the first computing device 102.
[0040] FIG. 2 is a block diagram of the server 106 of FIG. 1 according to some embodiments herein. The server 106 includes a database 202, a first key pair generation module 204, a database generation module 206, a public key receiving module 208, a first authentication request receiving module 210, a first authentication request authentication module 212, a phone lock triggering module 214, and a second authentication request authentication module 216. The first key pair generation module 204 enables a first computing device to generate a first key pair associated with the first computing device upon receiving, from the first computing device, a request to register to a first application. The request includes user credentials and a unique identifier of the user operating the first computing device. The first key pair includes a private key and a public key forming a first key pair encrypted end-to-end. The database generation module 206 generates a database 202. The public key receiving module 208 receives, from the first computing device, the public key comprised in the first key pair associated with the first computing device and stores it in the database 202. The first authentication request receiving module 210 receives a first authentication request to the first application from the first computing device. The first authentication request is signed by the private key associated with the first computing device. The first authentication request authentication module 212 authenticates the first authentication request to enable the user to access the first application if the private key maps with the public key of the first computing device stored in the database 202. The phone lock triggering module 214 triggers a phone lock, on the first computing device, upon receiving a second authentication request comprising the unique identifier of the user, from a second computing device, to access the first application that is executing on the second computing device. The second authentication request authentication module 216 authenticates the second authentication request to enable the user to access the first application on the second computing device if the user unlocks the phone lock on the first computing device.
[0041] FIG. 3 illustrates a workflow of a system of authenticating a computing device to enable a user to logon to an application according to some embodiments herein. At a step 302, the system enables a first computing device to generate a first key pair associated with the first computing device upon receiving a request to register to a first application from the first computing device by the user. The request comprises user credentials and a unique identifier of the user operating the first computing device. The first key pair comprises a private key and a public key forming a first key pair encrypted end-to-end. At a step 304, the private key comprised in the first key pair is stored in the first computing device of the user. At a step 306, the public key comprised in the first key pair associated with the first computing device is stored in a server including a database. At a step 308, a challenge is generated by the system upon receiving a first authentication request from the user. At a step 310, the challenge is signed by the private key associated with the first computing device and a signature is generated. At a step 312, the system verifies the user by validating the signature with the public key of the first computing device stored in the server.
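The FIG. 3 workflow (steps 302 to 312) as an added example, not code from the patent or from the SAWO product it describes: a Go simulation in which the device generates an Ed25519 key pair, the server stores only the public key, issues a random single-use challenge, and checks the device's signature against the stored public key. That signature check is how the claims' phrase "the private key maps with the public key" is realised here. The Server, Device, Register, IssueChallenge, Sign and Verify names, the two-minute challenge lifetime and the replay and expiry checks are assumptions of this example; the user identifier is a constructed sample value.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// Server models the server 106 of FIG. 1. It holds only public keys (step 306)
// and the challenges it has issued (step 308); it never sees a private key.
type Server struct {
	pubKeys    map[string]ed25519.PublicKey // unique user identifier -> device public key
	challenges map[string]issuedChallenge   // hex(challenge) -> who it was issued to, until when
	now        func() time.Time             // injectable clock (assumption of this example)
}

type issuedChallenge struct {
	userID  string
	expires time.Time
}

// Device models the first computing device 102: the private key stays here (step 304).
type Device struct {
	userID string
	priv   ed25519.PrivateKey
}

func NewServer() *Server {
	return &Server{
		pubKeys:    map[string]ed25519.PublicKey{},
		challenges: map[string]issuedChallenge{},
		now:        time.Now,
	}
}

// Register covers steps 302 to 306: the device generates the key pair and only
// the public key is handed to the server for storage.
func Register(s *Server, userID string) (*Device, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	s.pubKeys[userID] = pub
	return &Device{userID: userID, priv: priv}, nil
}

// IssueChallenge is step 308: 32 random bytes, bound to the user, short-lived, single use.
func (s *Server) IssueChallenge(userID string) ([]byte, error) {
	if _, ok := s.pubKeys[userID]; !ok {
		return nil, errors.New("no registered device for this user")
	}
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		return nil, err
	}
	s.challenges[hex.EncodeToString(c)] = issuedChallenge{userID: userID, expires: s.now().Add(2 * time.Minute)}
	return c, nil
}

// Sign is step 310, performed on the device with the private key.
func (d *Device) Sign(challenge []byte) []byte {
	return ed25519.Sign(d.priv, challenge)
}

// Verify is step 312: the signature must validate under the stored public key. The
// challenge is consumed before any check so a captured signature cannot be replayed.
func (s *Server) Verify(userID string, challenge, sig []byte) error {
	key := hex.EncodeToString(challenge)
	ic, ok := s.challenges[key]
	if !ok {
		return errors.New("unknown or already used challenge")
	}
	delete(s.challenges, key)
	if ic.userID != userID {
		return errors.New("challenge was not issued to this user")
	}
	if s.now().After(ic.expires) {
		return errors.New("challenge expired")
	}
	if !ed25519.Verify(s.pubKeys[userID], challenge, sig) {
		return errors.New("signature does not verify against the stored public key")
	}
	return nil
}

func main() {
	srv := NewServer()
	dev, _ := Register(srv, "user@example.com") // constructed sample identifier
	c, _ := srv.IssueChallenge(dev.userID)
	fmt.Println("login:", srv.Verify(dev.userID, c, dev.Sign(c)))  // <nil>
	fmt.Println("replay:", srv.Verify(dev.userID, c, dev.Sign(c))) // unknown or already used challenge
}
```

The server-side state is deliberately limited to public keys and outstanding challenges, matching steps 304 and 306: a compromise of the server's database yields nothing that can produce a valid signature. Binding each challenge to the user it was issued to, and deleting it before verification, are the two checks that turn a bare signature verification into a login that cannot be replayed or redirected to another account.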
[0042] FIG. 4 illustrates a process flow of determining trustability of computing devices operable by the user using the system of FIG. 1 according to some embodiments herein. At a step 402, a request to register to a first application is received from the first computing device. The request comprises user credentials and a unique identifier of the user operating the first computing device. At a step 404, a first computing device is enabled to generate a first key pair associated with the first computing device upon receiving a request to register to a first application from the first computing device by the user. The first key pair comprises a private key and a public key forming a first key pair encrypted end-to-end. The private key comprised in the first key pair is stored in the first computing device of the user. The public key comprised in the first key pair associated with the first computing device is stored in a database. At a step 406, the first authentication request to enable an existing user to access the first application is authenticated if the private key maps with the public key of the first computing device stored in the database. At a step 408, a phone lock is triggered on the first computing device upon receiving a second authentication request comprising the unique identifier of the user, from a second computing device, to access the first application that is executing on the second computing device. If the second computing device is not a trusted device, an OTP flow is triggered at a step 410 and the private key gets dropped at a step 412.
[0043] FIG. 5 illustrates the functional capabilities of the system for authenticating a computing device to enable a user to logon to an application according to some embodiments herein. At 502, the functional capability of the system includes login authentication, which verifies the challenge using FIDO authenticators on the computing device of the user. At 504, the system provides an Email service and a Notification service (NS). The functional capability of the system includes a subscriber panel with a dashboard to manage projects, manage subscription and billing, and manage registration APIs. At 506, the functional capability of the system includes an admin panel with a dashboard to manage subscribers, manage subscription and billing, and manage rules and permissions.
[0015] FIGS. 6A and 6B are flow diagrams that illustrate a method of authenticating a computing device to enable a user to logon to an application according to some embodiments herein. A plurality of computing devices is operable by the user. At step 602, the method includes enabling a first computing device to generate a first key pair associated with the first computing device upon receiving, from the first computing device, a request to register to a first application. The request comprises user credentials and a unique identifier of the user operating the first computing device. The first key pair comprises a private key and a public key forming a first key pair encrypted end-to-end. At step 604, the method includes receiving, from the first computing device, the public key comprised in the first key pair associated with the first computing device and storing it in a database. At step 606, the method includes receiving a first authentication request to the first application from the first computing device. The first authentication request is signed by the private key associated with the first computing device. At step 608, the method includes authenticating the first authentication request to enable the user to access the first application if the private key maps with the public key of the first computing device stored in the database. At step 610, the method includes triggering a phone lock, on the first computing device, upon receiving a second authentication request comprising the unique identifier of the user, from a second computing device, to access the first application that is executing on the second computing device. At step 612, the method includes authenticating the second authentication request to enable the user to access the first application on the second computing device if the user unlocks the phone lock on the first computing device.
[0016] In some embodiments, the method makes it possible to maintain and check user account activity. The method may obtain one time login details, as no private key is needed for a new device. The method presents a small confirmation popup asking whether the user wants to add this second computing device to the list of trusted devices. When the user clicks the yes option, the device is listed as a trusted device, and the next time the user logs in from the same computing device, the user does not have to enter all the details and enjoys a trouble-free experience. However, if the user clicks the no option, that computing device is not listed. When the user uses the same device to login, the user may be asked for full credentials. Moreover, if the user wants to remove a particular trusted device, the user can simply go to a dashboard and remove that particular device from the list of trusted devices.
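The trusted-device decision of paragraphs [0037] and [0038], the OTP branch of FIG. 4 (steps 410 and 412), and the phone-lock approval of steps 610 and 612 together, as an added example that is not the patent's or SAWO's code: a Go model of the server side in which a login from a second device is routed to the phone lock on the first device only when the user has confirmed that second device in the popup, and the resulting approval is accepted only from the registered first device, only once, and only before it expires. The AuthServer, RegisterFirstDevice, SetTrusted, SecondDeviceLogin and ApproveFromFirstDevice names, the two-minute approval window and the device identifiers are assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"time"
)

// Route is the server's decision for a login from a device other than the
// registered first device ([0037]).
type Route string

const (
	RoutePhoneLock Route = "phone-lock-on-first-device" // second device is trusted
	RouteOTP       Route = "otp-to-first-device"        // second device is not trusted
)

type account struct {
	firstDevice string          // device 102, the one holding the private key
	trusted     map[string]bool // devices the user confirmed in the popup ([0038])
}

type pendingLogin struct {
	userID, deviceID string
	expires          time.Time
}

// AuthServer models the trust decision and the phone-lock approval of server 106.
// Only phone-lock logins are parked in pending; the OTP route stores nothing.
type AuthServer struct {
	accounts map[string]*account
	pending  map[string]*pendingLogin // approval id -> login waiting for step 612
	now      func() time.Time         // injectable clock (assumption of this example)
}

func NewAuthServer() *AuthServer {
	return &AuthServer{accounts: map[string]*account{}, pending: map[string]*pendingLogin{}, now: time.Now}
}

// RegisterFirstDevice records which device completed registration (step 602).
func (s *AuthServer) RegisterFirstDevice(userID, deviceID string) {
	s.accounts[userID] = &account{firstDevice: deviceID, trusted: map[string]bool{}}
}

// SetTrusted is the outcome of the confirmation popup ([0038]); removing a device
// from the dashboard ([0016]) is the same call with trusted=false.
func (s *AuthServer) SetTrusted(userID, deviceID string, trusted bool) {
	if a, ok := s.accounts[userID]; ok {
		a.trusted[deviceID] = trusted
	}
}

// SecondDeviceLogin is step 610: the second device sends the unique user identifier.
// A trusted device gets the phone lock triggered on the first device and an approval id
// to wait on; an untrusted device is sent down the OTP route with nothing stored
// (steps 410 and 412: no private key is provisioned).
func (s *AuthServer) SecondDeviceLogin(userID, deviceID string) (string, Route, error) {
	a, ok := s.accounts[userID]
	if !ok {
		return "", "", errors.New("unknown user identifier")
	}
	if deviceID == a.firstDevice {
		return "", "", errors.New("registered device must use the signed-challenge login")
	}
	if !a.trusted[deviceID] {
		return "", RouteOTP, nil
	}
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		return "", "", err
	}
	id := hex.EncodeToString(b)
	s.pending[id] = &pendingLogin{userID: userID, deviceID: deviceID, expires: s.now().Add(2 * time.Minute)}
	return id, RoutePhoneLock, nil
}

// ApproveFromFirstDevice is step 612: the user unlocked the phone lock. The approval
// id is consumed on first use, must arrive before it expires, and is accepted only
// from the registered first device, so a second device cannot approve its own login.
func (s *AuthServer) ApproveFromFirstDevice(approvalID, fromDeviceID string) error {
	p, ok := s.pending[approvalID]
	if !ok {
		return errors.New("no such pending login")
	}
	delete(s.pending, approvalID)
	if s.now().After(p.expires) {
		return errors.New("login request expired")
	}
	if fromDeviceID != s.accounts[p.userID].firstDevice {
		return errors.New("approval must come from the registered first device")
	}
	return nil
}
```

The check that the approval originates from the registered first device is the one that carries the security of steps 610 and 612: a device that merely knows the user's unique identifier can start a login, but cannot finish it. Consuming the approval id on any attempt, valid or not, means a wrong attempt only forces a fresh login request rather than leaving a live approval behind.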
[0017] FIGS. 7A and 7B are flow diagrams that illustrate a method for enabling authentication using a first computing device according to some embodiments herein. A plurality of computing devices is operable by a user. At step 702, the method includes generating a first key pair to associate with a first computing device, upon receiving a response to a request sent from the first computing device to register to a first application. The request includes user credentials and a unique identifier of the user operating the first computing device. The first key pair comprises a private key and a public key forming the first key pair encrypted end-to-end. At step 704, the method includes sending, from the first computing device, the public key comprised in the first key pair associated with the first computing device to enable storing of the first key pair in a database. At step 706, the method includes sending a first authentication request to the first application from the first computing device. The first authentication request is signed by the private key associated with the first computing device. At step 708, the method includes receiving a response to the first authentication request. The response includes an indication that the user is enabled to access the first application if the private key maps with the public key of the first computing device stored in the database. At step 710, the method includes sending a second authentication request comprising corresponding user credentials specified by the user operating a second computing device in a corresponding user interface comprised in the first application. At step 712, the method includes triggering a phone lock on the first computing device. At step 714, the method includes enabling access to the first application on the second computing device on receiving a response to the second authentication request and the user unlocking the phone lock on the first computing device.
[0018] In an example embodiment, the method for implementation to enable authentication in a computing device includes the following steps:
[0019] Step 1: Login to system (e.g. sawo application) console - dev.sawolabs.com.
[0020] Step 2: Create a new project and copy the Application program interface (API) key.
[0021] Step 3: On the source, create a container for the system component inside the body tag.
[0023] Step 5: Recommended: Verify the payload sent by the SDK from the backend.
Python example:
import requests

def verify_payload(payload_sent_from_sdk):
    # payload_sent_from_sdk is the dict the client-side SDK handed to the backend;
    # the backend re-checks it server-to-server so the client cannot forge a login
    data = {
        'user_id': payload_sent_from_sdk['user_id']
    }
    res = requests.post('http://api.sawolabs.com/api/v1/userverify/', data=data)
    # Match the verification token in response with sdk payload
    if res.status_code == 200:
        response_data = res.json()
        if response_data['verification_token'] == payload_sent_from_sdk['verification_token']:
            return True   # payload is genuine; proceed with the login
    return False  # token mismatch or non-200 response: reject the login
[0015] The method can be implemented on any platform that includes a login page to access the contents of a website or application (e.g. iOS or Android applications). Retail websites/applications, OTT platforms, and ticketing websites/applications are the major sectors where the method can be implemented. The method replaces monotonous OTP authentication with swift key-based authentication through a software development kit (SDK). The method provides one-tap login for mobile/web apps secured by asymmetric cryptography based on the FIDO protocol. The method provides a safer and easier way to authenticate, standardized across multiple platforms, by creating cryptographic keys and storing them in the computing devices’ secure storage, then using cryptographic functions to check the requests produced by the key in order to authenticate account access. The method provides a device based authentication solution which provides security from attackers and does not authenticate from anywhere other than the user’s device. For extra security, these keys may be protected using a computing device based PIN, pattern or lock. The method greatly reduces the authentication cost, for instance, 4paisa - 9paisa depending on the authentication volume for applications & websites. The method improves the user experience and leads to an increase in conversion rate without the need to remember a password or wait for OTPs to arrive.
[0016] FIG. 8 illustrates an exploded view of the computing devices of FIG. 1 according to some embodiments herein. The computing device has a memory 802 holding a set of computer instructions, a bus 804, a display 806, a speaker 808, and a processor 810 capable of processing a set of instructions to perform any one or more of the methodologies herein, according to an embodiment herein. The processor 810 may also enable digital content to be consumed in the form of a video for output via one or more displays 806 or audio for output via the speaker and/or earphones 808. The processor 810 may also carry out the methods described herein and in accordance with the embodiments herein.
[0017] The embodiments herein may include a computer program product configured to include a pre-configured set of instructions, which when performed, can result in actions as stated in conjunction with the methods described above. In an example, the pre-configured set of instructions can be stored on a tangible non-transitory computer readable medium or a program storage device. In an example, the tangible non-transitory computer readable medium can be configured to include the set of instructions, which when performed by a device, can cause the device to perform acts similar to the ones described here. Embodiments herein may also include tangible and/or non-transitory computer-readable storage media for carrying or having computer executable instructions or data structures stored thereon.
[0018] Generally, program modules utilized herein include routines, programs, components, data structures, objects, and the functions inherent in the design of special-purpose processors, etc. that perform particular tasks or implement particular abstract data types. Computer executable instructions, associated data structures, and program modules represent examples of the program code means for executing steps of the methods disclosed herein. The particular sequence of such executable instructions or associated data structures represents examples of corresponding acts for implementing the functions described in such steps.
[0019] The embodiments herein can include both hardware and software elements. The embodiments that are implemented in software include but are not limited to, firmware, resident software, microcode, etc.
[0020] A data processing system suitable for storing and/or executing program code will include at least one processor coupled directly or indirectly to memory elements through a system bus. The memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code in order to reduce the number of times code must be retrieved from bulk storage during execution.
[0021] Input/output (I/O) devices (including but not limited to keyboards, displays, pointing devices, etc.) can be coupled to the system either directly or through intervening I/O controllers. Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modems and Ethernet cards are just a few of the currently available types of network adapters.
[0022] A representative hardware environment for practicing the embodiments herein is depicted in FIG. 9, with reference to FIGS. 1 through 8. This schematic drawing illustrates a hardware configuration of a server/computer system/ computing device in accordance with the embodiments herein. The computing device includes at least one processing device 10 and a cryptographic processor 11. The special-purpose CPU 10 and the cryptographic processor (CP) 11 may be interconnected via system bus 14 to various devices such as a random access memory (RAM) 15, read-only memory (ROM) 16, and an input/output (I/O) adapter 17. The I/O adapter 17 can connect to peripheral devices, such as disk units 12 and tape drives 13, or other program storage devices that are readable by the system. The computing device can read the inventive instructions on the program storage devices and follow these instructions to execute the methodology of the embodiments herein. The computing device further includes a user interface adapter 20 that connects a keyboard 18, mouse 19, speaker 25, microphone 23, and/or other user interface devices such as a touch screen device (not shown) to the bus 14 to gather user input. Additionally, a communication adapter 21 connects the bus 14 to a data processing network 26, and a display adapter 22 connects the bus 14 to a display device 24, which provides a graphical user interface (GUI) 30 of the output data in accordance with the embodiments herein, or which may be embodied as an output device such as a monitor, printer, or transmitter, for example. Further, a transceiver 27, a signal comparator 28, and a signal converter 29 may be connected with the bus 14 for processing, transmission, receipt, comparison, and conversion of electric or electronic signals.
[0023] The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the spirit and scope of the appended claims.
| # | Name | Date |
|---|---|---|
| 1 | 202121031279-STATEMENT OF UNDERTAKING (FORM 3) [12-07-2021(online)].pdf | 2021-07-12 |
| 2 | 202121031279-PROOF OF RIGHT [12-07-2021(online)].pdf | 2021-07-12 |
| 3 | 202121031279-POWER OF AUTHORITY [12-07-2021(online)].pdf | 2021-07-12 |
| 4 | 202121031279-FORM FOR STARTUP [12-07-2021(online)].pdf | 2021-07-12 |
| 5 | 202121031279-FORM FOR SMALL ENTITY(FORM-28) [12-07-2021(online)].pdf | 2021-07-12 |
| 6 | 202121031279-FORM 1 [12-07-2021(online)].pdf | 2021-07-12 |
| 7 | 202121031279-EVIDENCE FOR REGISTRATION UNDER SSI(FORM-28) [12-07-2021(online)].pdf | 2021-07-12 |
| 8 | 202121031279-EVIDENCE FOR REGISTRATION UNDER SSI [12-07-2021(online)].pdf | 2021-07-12 |
| 9 | 202121031279-DRAWINGS [12-07-2021(online)].pdf | 2021-07-12 |
| 10 | 202121031279-DECLARATION OF INVENTORSHIP (FORM 5) [12-07-2021(online)].pdf | 2021-07-12 |
| 11 | 202121031279-COMPLETE SPECIFICATION [12-07-2021(online)].pdf | 2021-07-12 |
| 12 | Abstract1.jpg | 2022-01-18 |