Patent Issued for Block chain authentication systems and methods (USPTO 11615386): United Services Automobile Association
2023 APR 14 (NewsRx) -- By a
The patent’s inventors are
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “The present disclosure relates generally to systems and methods for electronic authentication of users. More specifically, the present disclosure relates to multi-factor authentication techniques that increase security by providing complex authentication of a user, while reducing inconvenience to the users being authenticated.
“As electronic technology becomes increasingly affordable and powerful, commerce is increasingly conducted electronically online. Modern businesses typically offer access to services and sensitive data via online portals (e.g., the Internet), which may be accessed from numerous sites across the globe. Because the data and/or services provided by these businesses may be quite valuable, nefarious individuals may attempt to impersonate a user from one of the access sites, in an effort to gain unauthorized access to the data and/or to initiate unauthorized service transactions. To curb these efforts, businesses may implement primary authentication processes, as well as secondary authentication processes. For example, certain modern businesses have traditionally asked for username/password combinations as a primary authentication method. Further, these businesses may ask a user for answers to personal questions, which may act as a secondary mechanism for authenticating the user. Unfortunately, these secondary mechanisms may be quite inconvenient for the users. For example, the login process may become more complex, requiring a user to remember and enter answers to secondary questions. This may be quite cumbersome and inefficient. Accordingly, improved techniques for multi-factor (e.g., secondary) authentication are desired.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “One or more specific embodiments of the present disclosure will be described below. In an effort to provide a concise description of these embodiments, all features of an actual implementation may not be described in the specification. It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers’ specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another. Moreover, it should be appreciated that such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.
“Present embodiments are generally directed toward improved systems and methods of multi-factor authentication for performance of electronic actions (e.g., accessing electronic data and/or modifying electronic data). Specifically, as will be described in detail below, the techniques discussed herein may enable multiple factors of authentication to occur, while reducing a user input burden. Present embodiments address post-Internet issues that have arisen with respect to protecting against unauthorized access/modification to data and with respect to inefficiencies of traditional authentication techniques that have become overly cumbersome in efforts to address more sophisticated threats.
“More specifically, in accordance with present embodiments, a user and/or user identifier requesting the performance of electronic actions at a client computer may provide authenticating information to illustrate that the user and/or user identifier is permitted for action performance via data and device associations that may avoid requiring a user to perform multiple password entries. An electronic device other than the client may be associated with the user and/or user identifier. Information related to and/or provided from this electronic device may be used to provide a secondary authentication of the user and/or user identifier, resulting in a multi-factor authentication that may occur without secondary user input.
“Multi-Factor Authentication
“Turning first to a discussion of an overall multi-factor authentication system, FIG. 1 is a schematic representation of a multi-factor authentication system 100, in accordance with an embodiment. FIG. 2 is a flowchart, illustrating a process 200 for implementing multi-factor authentication using the system 100 of FIG. 1, in accordance with an embodiment. For clarity, FIGS. 1 and 2 will be discussed together.”
The claims supplied by the inventors are:
“1. A tangible, non-transitory, computer-readable medium, comprising computer-readable instructions that, when executed by one or more processors, cause the one or more processors to: receive primary authentication information from a client device; authenticate the primary authentication information; in response to authenticating the primary authentication information, identify one or more secondary devices that are paired with the client device; and register secondary device identification information corresponding to the one or more secondary devices with a user profile associated with the primary authentication information based upon the one or more secondary devices being paired with the client device; wherein the secondary device identification information provides secondary authentication information for a subsequent electronic data action request associated with the user profile.
“2. The computer-readable medium of claim 1, wherein the one or more secondary devices are paired with the client device via Bluetooth, near field communications (NFC), or universal serial bus (USB).
“3. The computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by the one or more processors, cause the one or more processors to: receive the subsequent electronic data action request associated with the user profile; in response to receiving the subsequent electronic data action request, retrieve the secondary authentication information registered with the user profile; receive secondary device data corresponding to a secondary device at a time of receiving the subsequent electronic data action request; authenticate the secondary device data based upon the secondary authentication information; and facilitate the subsequent electronic data action request based at least in part upon authenticating the secondary device data.
“4. The computer-readable medium of claim 3, wherein the secondary device data corresponding to the secondary device is received in response to the secondary device being electronically paired with the client device at the time of receiving the subsequent electronic data action request.
“5. The computer-readable medium of claim 3, wherein the secondary device data comprises a unique identifier of the secondary device.
“6. The computer-readable medium of claim 3, wherein the secondary device data comprises a location of the secondary device.
“7. The computer-readable medium of claim 3, wherein the secondary device data comprises a cookie, token, or both stored on the secondary device.
“8. The computer-readable medium of claim 3, comprising computer-readable instructions that, when executed by the one or more processors, causes the one or more processors to: receive a first dataset associated with a first electronic data action request from the client device, the one or more secondary devices, or both; register the first dataset associated with the first electronic data action request in the user profile based on authorizing the subsequent electronic data action request; receive a second dataset associated with a second electronic data action request from the client device, the one or more secondary devices, or the user profile; and authorize the second electronic data action request based upon an amount of overlap between the first dataset registered in the user profile and the second dataset exceeding a threshold value.
“9. The computer-readable medium of claim 8, wherein the first dataset and the second dataset comprise information indicative of a time, a location, or a function of the client device making the first electronic data action request or the second electronic data action request.
“10. The computer-readable medium of claim 3, comprising computer-readable instructions that, when executed by the one or more processors, causes the one or more processors to: register client device identification information corresponding to the client device with the user profile in response to receiving the primary authentication information from the client device, wherein the client device identification information provides the secondary authentication information for the subsequent electronic data action request.
“11. The computer-readable medium of claim 3, comprising computer-readable instructions that, when executed by the one or more processors, cause the one or more processors to: identify one or more trusted secondary devices associated with the user profile; identify an association between the one or more trusted secondary devices and an additional secondary device; register secondary device identification information corresponding to the additional secondary device with the user profile based on the association; and add the additional secondary device as one of the one or more trusted secondary devices associated with the user profile; wherein the secondary device identification information corresponding to the additional secondary device provides the secondary authentication information for the subsequent electronic data action request.
“12. The computer-readable medium of claim 11, wherein the one or more trusted secondary devices are previously registered secondary devices.
“13. The computer-readable medium of claim 11, wherein the association between the one or more trusted secondary devices and the additional secondary device and is made via wi-fi, Bluetooth, near field communications (NFC), or universal serial bus (USB).
“14. The computer-readable medium of claim 11, comprising computer-readable instructions that, when executed by the one or more processors, cause the one or more processors to: add a number of additional secondary devices to the user profile as the one or more trusted secondary devices associated with the user profile based on a plurality of respective associations with the one or more trusted secondary devices; and increase an authentication confidence factor based on the number of additional secondary devices added to the user profile increasing, wherein the authentication confidence factor is indicative of a likelihood that a user is authorized to perform the subsequent electronic data action request.
“15. The computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by the one or more processors, cause the one or more processors to send a request to confirm that the secondary device identification information should be associated with the user profile.
“16. An authentication system for electronic data, comprising: a client device; one or more secondary devices paired to the client device; and a computing device managing a user profile, configured to: receive primary authentication information from the client device; authenticate the primary authentication information; identify that the one or more secondary devices is paired to the client device in response to authenticating the primary authentication information; and register secondary device identification information corresponding to the one or more secondary devices with the user profile based upon the one or more secondary devices being paired with the client device; wherein the secondary device identification information provides secondary authentication information for a subsequent electronic data action request.
“17. The authentication system of claim 16, wherein the authentication system is configured to: receive the subsequent electronic data action request associated with the user profile; retrieve the secondary authentication information registered with the user profile in response to receiving the subsequent electronic data action request; receive secondary device data corresponding to one or more secondary devices at a time of receiving the subsequent electronic data action request; authenticate the secondary device data based upon the secondary authentication information associated with the user profile; and authorize the subsequent electronic data action request based at least in part upon authenticating the secondary device data.
“18. The authentication system of claim 16, wherein the authentication system is configured to: determine that the client device is a public device; and receive the primary authentication information from the one or more secondary devices associated with the user profile instead of from the public device.
“19. A computer-implemented method for multi-factor authorization, comprising: receiving primary authentication information from a client device; authenticating the primary authentication information; determining that a secondary device is paired to the client device in response to authenticating the primary authentication information; receiving secondary device identifying data associated with the secondary device; and registering the secondary device identifying data as secondary authentication information for a subsequent electronic data action request with a user profile based upon the secondary device being paired with the client device.
“20. The computer-implemented method of claim 19, comprising: receiving the subsequent electronic data action request associated with the user profile from a device; retrieving the secondary authentication information registered with the user profile; receiving device data from the device at a time of receiving the subsequent electronic data action request; authenticating the device data with the secondary authentication information registered in the user profile; and authorizing the subsequent electronic data action request based at least in part on authenticating the device data.”
For the URL and additional information on this patent, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Issued for Selectively shared vehicle-based telematics (USPTO 11615478): Allstate Insurance Company
Was your home, car flooded? Here's what to do before, after filing an insurance claim [Miami Herald]
Advisor News
- Study finds more households move investable assets across firms
- Could workplace benefits help solve America’s long-term care gap?
- The best way to use a tax refund? Create a holistic plan
- CFP Board appoints K. Dane Snowden as CEO
- TIAA unveils ‘policy roadmap’ to boost retirement readiness
More Advisor NewsAnnuity News
- $80k surrender charge at stake as Navy vet, Ameritas do battle in court
- Sammons Institutional Group® Launches Summit LadderedSM
- Protective Expands Life & Annuity Distribution with Alfa Insurance
- Annuities: A key tool in battling inflation
- Pinnacle Financial Services Launches New Agent Website, Elevating the Digital Experience for Independent Agents Nationwide
More Annuity NewsHealth/Employee Benefits News
- Providers fear illness uptick
- JAN. 30, 2026: NATIONAL ADVOCACY UPDATE
- Advocates for elderly target utility, insurance costs
- National Health Insurance Service Ilsan Hospital Describes Findings in Gastric Cancer (Incidence and risk factors for symptomatic gallstone disease after gastrectomy for gastric cancer: a nationwide population-based study): Oncology – Gastric Cancer
- Reports from Stanford University School of Medicine Highlight Recent Findings in Mental Health Diseases and Conditions (PERSPECTIVE: Self-Funded Group Health Plans: A Public Mental Health Threat to Employees?): Mental Health Diseases and Conditions
More Health/Employee Benefits NewsLife Insurance News