Patent Issued for Efficient startup and logon (USPTO 11783020): United Services Automobile Association

2023 OCT 27 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- From Alexandria, Virginia, NewsRx journalists report that a patent by the inventors Buckingham, Thomas Bret (Fair Oaks Ranch, TX, US), Casillas, Debra Randall (Helotes, TX, US), Fernandez, Gabriel Carlos (San Antonio, TX, US), Johnson, Zakery Layne (Santa Clara, UT, US), Mortensen, Maland Keith (San Antonio, TX, US), Rangarajan, Sudarshan (San Antonio, TX, US), Shelton, John (San Antonio, TX, US), filed on February 22, 2022, was published online on October 10, 2023.

The patent’s assignee for patent number 11783020 is United Services Automobile Association (San Antonio, Texas, United States).

News editors obtained the following quote from the background information supplied by the inventors: “In the area of computer security, a login or logon refers to credentials necessary to obtain access to a computer system, enterprise service (e.g., e-mail, data management systems, etc.), or other restricted area. Logging in or on is the process by which individual access to a computer system is controlled by identifying and authenticating the user through the credentials presented by the user. In many cases, the user supplies a username and a password. Depending on the level of security to the restricted area, the user may be asked to provide additional information such as a birthdate.

“After a user has logged in, the computer system may automatically perform checks on the hardware and software, load device drivers, and launch programs. The user can log off when the user no longer requires access to the system. Each time a user returns, a subsequent log in may be necessary.

“The drawings have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be expanded or reduced to help improve the understanding of the embodiments of the present disclosure. Similarly, some components and/or operations may be separated into different blocks or combined into a single block for the purposes of discussion of some of the embodiments of the present disclosure. Moreover, while the disclosure is amenable to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and are described in detail below. The intention, however, is not to limit the disclosure to the particular embodiments described. On the contrary, the disclosure is intended to cover all modifications, equivalents, and alternatives falling within the scope of the disclosure as defined by the appended claims.”

As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “Various embodiments of the disclosure generally relate to authentication. More specifically, some embodiments of the disclosure relate to efficient startup and logon systems and methods.

“Embodiments of the disclosure describe physical presence awareness via virtual identity. In some embodiments, a mobile device (e.g., mobile phone or RFID card) may be used to make a system virtually and wirelessly aware of the physical presence of the user to automatically initiate virtual processes on enterprise devices. The disclosure describes efficient startup and logon processes designed to reduce inefficiencies. Various embodiments may provide one or more of the following technological improvements: 1) improved efficiency in startup procedures; 2) improved authentication techniques and systems within an enterprise system; 3) improved security and confidentiality by reducing transmission of passwords, social security numbers, account numbers, and other confidential information; 4) improved user experience by removal or reduction of security prompts without loss of security; 5) reduction of employee non-productive time by improving startup processes and user authentication and verification techniques; and/or 6) improving automated user and device identification and/or verification.

“Traditionally, a user provides a username and password to logon to an enterprise device and/or system. After the user is logged onto the enterprise device or system, startup processes are initialized. Initialization or startup processes may include checking hardware and software to determine whether all components are functioning properly, loading an operating system, loading device drivers, and launching startup programs. Depending on factors such as speed of the central processing unit and number of applications to load, startup processes may take a significant amount of time (e.g., several minutes) to complete before the user can begin using the device resulting in a loss of productive work time and user frustration. In some cases, the user may attempt to launch or use certain applications before the startup processes are complete, which may result in the failure of some processes to launch, an error message to the user, or simply non-responsiveness from the device.

“In contrast, as described in the disclosure, start-up processes may be initialized when a physical presence of the user is detected so that when the user physically arrives at the device, the start-up processes are in process or completed. The physical presence of the user may be detected by a network of detectors. The network of detectors may include a geo-fence, a badge reader (e.g., radio frequency identification (“RFID”), near-field communications (“NFC”), Bluetooth, BlueTooth low energy (BlueTooth-LE), ultra high frequency (“UHF”) or other short-range communications), a license plate reader, a biometric reader, etc. Once a physical presence of the user has been detected, the detector(s) may transmit a message to a server indicating the physical presence of the user. The server may check a profile associated with the user to determine the enterprise device(s) and the startup processes for the user and send a message to the enterprise device to begin the startup sequence. When the user arrives at the enterprise device and logs in, the enterprise device will have completed, or nearly completed, all start-up sequences and the enterprise device will be ready to use.

“To detect the physical presence of the user, the system may use a series of detectors or only one detector. For example, the user may present a badge at a gate at a work environment (e.g., the badge reader is the detector). Information that the user has badged in may be sent to the server to determine the identity of the user. An additional detector may collect an image of the user’s face and send the image to the server. The server may compare facial characteristics of the image with previously stored facial characteristics of the user to verify the identity of the user. Then, the server may send the startup message to the enterprise device.”

The claims supplied by the inventors are:

“1. A computerized method comprising: receiving, at a first device, a command to initiate startup processes on the first device, wherein the command is sent in response to a detection of a presence of a second device associated with a user; in response to receiving the command to initiate the startup processes, launching at least one application on the first device; receiving, at the first device, verification of authentication credentials; providing, to the user, access to the first device upon receiving the verification of the authentication credentials, wherein the startup processes are initiated prior to the verification of the authentication credentials; determining the presence of the second device is not detected; and in response to determining the presence of the second device is not detected, denying access to the first device.

“2. The computerized method of claim 1, further comprising: monitoring, by a network of detectors, for an indication of the presence of the second device associated with the user, wherein the network of detectors comprises a radio-frequency identification reader; scanning, by the radio-frequency identification reader, a badge of the user; and transmitting information scanned from the badge of the user, wherein the information scanned from the badge is used at least in part to detect the presence of the second device.

“3. The computerized method of claim 1, further comprising: sending a message to the second device notifying the user that the startup processes are complete.

“4. The computerized method of claim 1, further comprising: monitoring, by a network of detectors, for an indication of the presence of the second device, wherein a first detector in the network of detectors sends first information to identify an identity of the user, and wherein a second detector in the network of detectors sends second information to verify the identity of the user.

“5. The computerized method of claim 1, further comprising: determining a time to initiate the startup processes based on a physical location of the user, wherein the physical location of the user is determined by a physical location of the second device, wherein a server initializes the startup processes defined in a user profile.

“6. The computerized method of claim 1, further comprising: in response to completion of the startup processes, locking the first device in a name of the user.

“7. The computerized method of claim 1, wherein the startup processes are initialized a period of time after receiving the detection, wherein the period of time is defined in a user profile associated with the user, and wherein denying access to the first device includes locking the first device or logging the user off the first device.

“8. A non-transitory computer-readable medium storing instructions that, when executed by a computing system, cause the computing system to perform operations comprising: receiving, at a first device, a command to initiate startup processes on the first device, wherein the command is sent in response to a detection of a presence of a second device associated with a user; in response to receiving the command to initiate the startup processes, launching at least one application on the first device; receiving, at the first device, verification of authentication credentials; providing, to the user, access to the first device upon receiving the verification of the authentication credentials, wherein the startup processes are initiated prior to the verification of the authentication credentials; determining the presence of the second device is not detected; and in response to determining the presence of the second device is not detected, denying access to the first device.

“9. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: monitoring, by a network of detectors, for an indication of the presence of the second device associated with the user, wherein the network of detectors comprises a radio-frequency identification reader; scanning, by the radio-frequency identification reader, a badge of the user; and transmitting information scanned from the badge of the user, wherein the information scanned from the badge is used at least in part to detect the presence of the second device.

“10. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: sending a message to the second device notifying the user that the startup processes are complete.

“11. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: monitoring, by a network of detectors, for an indication of the presence of the second device, wherein a first detector in the network of detectors sends first information to identify an identity of the user, and wherein a second detector in the network of detectors sends second information to verify the identity of the user.

“12. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: determining a time to initiate the startup processes based on a physical location of the user, wherein the physical location of the user is determined by a physical location of the second device, wherein a server initializes the startup processes defined in a user profile.

“13. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: in response to completion of the startup processes, locking the first device in a name of the user.

“14. The non-transitory computer-readable medium of claim 8, wherein the startup processes are initialized a period of time after receiving the detection, wherein the period of time is defined in a user profile associated with the user, and wherein denying access to the first device includes locking the first device or logging the user off the first device.

“15. A system comprising: one or more processors; and one or more memories storing instructions that, when executed by the one or more processors, cause the system to perform a process comprising: receiving, at a first device, a command to initiate startup processes on the first device, wherein the command is sent in response to a detection of a presence of a second device associated with a user; in response to receiving the command to initiate the startup processes, launching at least one application on the first device; receiving, at the first device, verification of authentication credentials; providing, to the user, access to the first device upon receiving the verification of the authentication credentials, wherein the startup processes are initiated prior to the verification of the authentication credentials; determining the presence of the second device is not detected; and in response to determining the presence of the second device is not detected, denying access to the first device.

“16. The system according to claim 15, wherein the process further comprises: monitoring, by a network of detectors, for an indication of the presence of the second device associated with the user, wherein the network of detectors comprises a radio-frequency identification reader; scanning, by the radio-frequency identification reader, a badge of the user; and transmitting information scanned from the badge of the user, wherein the information scanned from the badge is used at least in part to detect the presence of the second device.

“17. The system according to claim 15, wherein the process further comprises: sending a message to the second device notifying the user that the startup processes are complete.

“18. The system according to claim 15, wherein the process further comprises: monitoring, by a network of detectors, for an indication of the presence of the second device, wherein a first detector in the network of detectors sends first information to identify an identity of the user, and wherein a second detector in the network of detectors sends second information to verify the identity of the user.

“19. The system according to claim 15, wherein the process further comprises: determining a time to initiate the startup processes based on a physical location of the user, wherein the physical location of the user is determined by a physical location of the second device, wherein a server initializes the startup processes defined in a user profile.

“20. The system according to claim 15, wherein the startup processes are initialized a period of time after receiving the detection, wherein the period of time is defined in a user profile associated with the user, and wherein denying access to the first device includes locking the first device or logging the user off the first device.”

For additional information on this patent, see: Buckingham, Thomas Bret. Efficient startup and logon. U.S. Patent Number 11783020, filed February 22, 2022, and published online on October 10, 2023. Patent URL (for desktop use only): https://ppubs.uspto.gov/pubwebapp/external.html?q=(11783020)&db=USPAT&type=ids

(Our reports deliver fact-based news of research and discoveries from around the world.)