Patent Issued for Internet of things device based authentication (USPTO 11783021): United Services Automobile Association
2023 OCT 30 (NewsRx) -- By a
The assignee for this patent, patent number 11783021, is
Reporters obtained the following quote from the background information supplied by the inventors: “The prevalence of Internet-of-Things (IoT) devices has changed the way people interact with technology and the way people operate their lives. A home can include many Internet connected devices such as lights, doorbell, thermostat, security system, and/or lock. An Internet connected vehicle can be considered an IoT device that can communicate with another IoT device via the Internet. Thus, an Internet connected car can automatically request an Internet connected garage door to open when the car determines that it is within a certain distance of a destination. Similarly, a phone can be considered an IoT device that can obtain information from or send information to an IoT device. For example, if a person has left his or her house but cannot remember whether the Internet connected garage door has been closed, the person can use his or her phone to obtain this information and can even close the garage door via the phone.
“The techniques introduced here may be better understood by referring to the following Detailed Description in conjunction with the accompanying drawings, in which like reference numerals indicate identical or functionally similar elements. Moreover, while the technology is amenable to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and are described in detail below. The intention, however, is not to limit the technology to the particular embodiments described. On the contrary, the technology is intended to cover all modifications, equivalents, and alternatives falling within the scope of the technology as defined by the appended claims.”
In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “Internet-of-Things (IoT) devices can be used to perform authentication related operations because at least one IoT device can be found in a person’s home, office, and/or vehicle and because a server performing an authentication operation can communicate with IoT devices via the Internet. This patent document describes at least two example authentication techniques to determine whether a person is authenticated to perform a sensitive operation requested by the person. A “sensitive operation” may include an operation for which an authentication should be performed to determine whether a person requesting the operation is authorized to perform that operation. Some examples of sensitive operation include accessing a mobile application, performing a bank wire-transfer via a website, engaging in a phone call or a web chat regarding a person’s account or potential products for the person, or requesting sensitive personal information about a bank account.
“In a first example of an authentication technique, an organization can authenticate a user by sending the user a request to take an action related to one of the user’s IoT devices and then monitoring data from the IoT device to verify that the user took the requested action. Some examples of an action performed on an IoT device may include a person opening and then closing an Internet connected garage door, a person unlocking and then locking an Internet connected home lock, or a person speaking a command to an Internet connected home speaker. If a server determines that a person has performed an action on an IoT device based on an instruction provided to that person, then the server can allow the person to perform an operation requested by the person. In some implementations, the data can be further analyzed to authenticate the user or authenticate the user to a higher level. For example, if the user speaks a command into an Internet connected home speaker or stands in front of his or her video-collecting doorbell, voice biometrics or facial recognition, respectively, could be used to further authenticate the user.
“In a second example of an authentication technique, an organization can authenticate the user by a server of the organization sending a command to one of the user’s IoT devices and asking the user to identify the command that was sent. Some examples of an action performed by an IoT device may include a server instructing an Internet connected door to open and then close, a server instructing an Internet connected lock to unlock and then lock, or a server instructing an Internet connected light bulb to turn off and then turn on. In this example, if a server determines that a person has accurately identified an action performed by an IoT device, then the server can allow the person to perform an operation requested by the person.”
The claims supplied by the inventors are:
“1. A system for authenticating a user using a device, the system comprising: a server configured to: receive, via a user device associated with the user, an indication of an operation requested by the user; retrieve a user profile associated with the user, wherein the user profile includes a first electronic device and a second electronic device registered with the user, wherein the first electronic device and the second electronic device are located at a premises of the user and connected to a local network at a premises of the user; select the first electronic device and the second electronic device at the premises to authenticate the user, wherein the user device is different from the first electronic device and the second electronic device; send, to the user device, a first message to authenticate the user, wherein the first message instructs the user to operate the first electronic device to perform a first action at the premises, and operate the second electronic device to perform a second action at the premises, wherein the first action and the second action are performed in a predetermined order; capture, via a camera, image data of the first action and the second action occurring; determine, based on the image data, the first action and the second action occurred in the predetermined order at the premises of the user; and in response to the first action and the second action occurring in the predetermined order, authenticate the user to perform the operation requested by the user.
“2. The system of claim 1, wherein the first message comprises an option for the user to perform a third action using a third electronic device, wherein information included in a second message indicates a selection of the first action.
“3. The system of claim 2, wherein the first action and the third action are arranged in an order based on a level of interaction required by the user with the first electronic device and the third electronic device, respectively.
“4. The system of claim 1, wherein the first action includes turning on or off the first electronic device, sending a command to the first electronic device, increasing or decreasing a setting on the first electronic device, or removing an item from the first electronic device.
“5. The system of claim 1, wherein the first action includes sending a picture of the user using the first electronic device or sending an audio clip a voice of the user using the first electronic device, wherein the server is configured to receive the picture or audio clip, and wherein the server is configured to authenticate the user to perform the operation requested by the user in response to the second action being same as the first action and in response to determining that the received picture or audio clip matches a previously stored picture or audio clip of the user.
“6. The system of claim 1, wherein the user profile includes an accessibility record that indicate, for the first electronic device and the second electronic device, a list of one or more actions available to authenticate the user.
“7. The system of claim 1, wherein the first electronic device is determined based on user preference or based on a communication status between the server and the first electronic device.
“8. A system for authenticating a user using a device, the system comprising: a server configured to: receive, via a user device associated with the user, an indication of an operation requested by the user; retrieve a user profile associated with the user, wherein the user profile includes a first electronic device and a second electronic device registered with the user, wherein the first electronic device and the second electronic device are located at a premises of the user and connected to a local network at the premises of the user; select the first electronic device and the second electronic device at the premises to authenticate the user, wherein the user device is different from the first electronic device and the second electronic device; send, to the user device, a first message to authenticate the user, wherein the first message instructs the user to operate the first electronic device to perform a first action at the premises, and operate the second electronic device to perform a second action at the premises, wherein the first action and the second action are performed in a predetermined order; capture, via a camera, image data of the first action and the second action occurring; determine, based on the image data, the first action and the second action occurred in the predetermined order at the premises of the user; and in response to the first action and the second action occurring in the predetermined order, authenticate the user to perform the operation requested by the user.
“9. The system of claim 8, wherein the first action includes turning on or off the first electronic device, sending a command to the first electronic device, or increasing or decreasing a setting on the first electronic device.
“10. The system of claim 8, wherein the user profile includes an accessibility record that indicate, for the first electronic device and the second electronic device, a list of one or more actions available to authenticate the user.
“11. The system of claim 8, wherein the first electronic device is determined based on user preference or based on a communication status between the server and the first electronic device.
“12. A method of authenticating a user using a device, the method comprising: receiving, via a user device associated with the user, an indication of an operation requested by the user; retrieving a user profile associated with the user, wherein the user profile includes a first electronic device and a second electronic device registered with the user, wherein the first electronic device and the second electronic device are located at a premises of the user and connected to a local network at the premises of the user; selecting the first electronic device and the second electronic device at the premises to authenticate the user, wherein the user device is different from the first electronic device and the second electronic device; sending, to the user device, a first message to authenticate the user, wherein the first message instructs the user to operating the first electronic device to perform a first action at the premises, and operating the second electronic device to perform a second action at the premises, wherein the first action and the second action are performed in a predetermined order; capturing, via a camera, image data of the first action and the second action occurring; determining, based on the image data, the first action and the second action occurred in the predetermined order at the premises of the user; and in response to the first action and the second action occurring in the predetermined order, authenticating the user to perform the operation requested by the user.
“13. The method of claim 12, wherein the first message comprises an option for the user to perform a third action using a third electronic device, wherein information included in a second message indicates a selection of the first action.
“14. The method of claim 13, wherein the first action and the third action are arranged in an order based on a level of interaction required by the user with the first electronic device and the third electronic device, respectively.
“15. The method of claim 12, wherein the first action includes turning on or off the first electronic device, sending a command to the first electronic device, increasing or decreasing a setting on the first electronic device, or removing an item from the first electronic device.
“16. The method of claim 12, wherein the first action includes sending a picture of the user using the first electronic device or sending an audio clip of a voice of the user using the first electronic device, wherein the method further includes receiving the picture or audio clip, and wherein the user is authenticated to perform the operation requested by the user in response to the second action being same as the first action and in response to determining that the received picture or audio clip matches a previously stored picture or audio clip of the user.
“17. The method of claim 12, wherein the user profile includes an accessibility record that indicate, for the first electronic device and the second electronic device, a list of one or more actions available to authenticate the user.
“18. The method of claim 12, wherein the first electronic device is determined based on user preference or based on a communication status between a server and the first electronic device.
“19. The method of claim 12, wherein the first electronic device is determined based on a communication status between a server and the first electronic device.
“20. The method of claim 12, wherein the first electronic device is determined based on user preference and a communication status between a server and the first electronic device.”
For more information, see this patent: Buentello,
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Issued for Agent-facilitated claims damage estimation (USPTO 11783428): Allstate Insurance Company
Patent Issued for System and method for intermediary mapping and de-identification of non-standard datasets (USPTO 11782956): Privacy Analytics Inc.
Advisor News
- House panel votes to raise certain taxes, transfer money to offset Medicaid shortfall
- Iowa House backs temporary tax hike to fill Medicaid gap
- Iowa Medicaid temporary tax plan draws sharp public opposition
- Charitable giving planning can strengthen advisor/client relationships
- New $6K deduction could provide tax planning window for retirees
More Advisor NewsAnnuity News
- We can help find a loved one’s life insurance policy
- 2025: A record-breaking year for annuity sales via banks and BDs
- Lincoln Financial launches two new FIAs
- Great-West Life & Annuity Insurance Company trademark request filed
- The forces shaping life and annuities in 2026
More Annuity NewsHealth/Employee Benefits News
- CT leaders debate how to fix health care: Blunt federal cuts, up reimbursement or kill private health care?
- When health insurance costs $2,500 per month, families make tough choices
- In U.S. Health Insurance Market, Consolidation Of Insurers Is Increasing Premiums
- Health insurance jargon can be frustrating and confusing – here's how to navigate it
- Minnesota Blue Cross CEO steps down from Sutter Health board over conflict of interest
More Health/Employee Benefits NewsLife Insurance News
- Murray Giles Hulse
- New individual life premium hits record-setting $17.5B in 2025
- Maryland orders Cigna to halt underpaying doctors or give cause
- Insurers optimistic about their investments in 2026
- AM Best Affirms Credit Ratings of PVI Insurance Corporation
More Life Insurance News