Abstract: A method for extended authentication sessions on an electronic device may include an authentication service computer program executed by an authentication service electronic device: receiving a customer identifier for a customer and a unique identifier for a mobile electronic device; authenticating the customer based on the customer identifier and the unique identifier for the mobile electronic device; setting a device cookie that is specific to the mobile electronic device on the mobile electronic device; and providing the device cookie and a client secret to an OAuth services backend, wherein the OAuth services backend validates the customer identifier and client secret and generates a first token and a second token, the first token having an expiration that is shorter than that of the second token. The mobile electronic device is configured to receive and store the first token and the second token.

Abstract: A method for extended authentication sessions on an electronic device may include an authentication service computer program executed by an authentication service electronic device: receiving a customer identifier for a customer and a unique identifier for a mobile electronic device; authenticating the customer based on the customer identifier and the unique identifier for the mobile electronic device; setting a device cookie that is specific to the mobile electronic device on the mobile electronic device; and providing the device cookie and a client secret to an OAuth services backend, wherein the OAuth services backend validates the customer identifier and client secret and generates a first token and a second token, the first token having an expiration that is shorter than that of the second token. The mobile electronic device is configured to receive and store the first token and the second token.