Patent Issued for Methods and systems for authentication of new users (USPTO 11122038): United Services Automobile Association
2021 SEP 30 (NewsRx) -- By a
Patent number 11122038 is assigned to
The following quote was obtained by the news editors from the background information supplied by the inventors: “Closed-loop authentication refers to a mechanism whereby one or more users must verify the purported identity of a new user before the new user is authenticated for access a company’s databases and/or networks. Conventionally, the company verifies the new user’s identity is when the new user uploads (or otherwise provides) a verification document (e.g., picture ID or some other supporting documents proving eligibility of the user to have the account). A system administrator may then contact one or more existing users to verify the new user’s credentials. For some companies, new users are required to be physically present so that the administrator can ensure the new user’s identity in person. Although this type of authentication process may be effective, this process may be problematic if the company does not have a physical location that is convenient for the user to visit.
“As the processing power of computers allow for greater computer functionality and the Internet technology era allows for interconnectivity between computing systems, users have developed an expectation that authentication can be entirely conducted online and without any human intervention. As a result, many existing network solutions authenticate new users by requiring the new users to provide answers to personal questions, for which the answers are only apparent to the new users. Non-limiting examples of these questions may include date and place of birth, social security number, or address of the new user. The answers are then subsequently verified when the new user sends identifying information.
“The above-mentioned method suffers from three problems. First, the authentication process still requires subsequent correspondence with new users and still involves human interactions, which may lead to human inaccuracies and errors. Second, the authentication process is a timely and tedious process. And third, as identity theft has become more prevalent in recent years, the answers to the identification questions may be easily stolen or illegally obtainable by a fraudster. As a result, a new account may be created using a stolen identity or by correct answers obtained using improper methods (e.g., security breaches and/or cyber-attacks). This unlawful use of user’s identity may lead to financial and other losses for the companies.”
In addition to the background information obtained for this patent, NewsRx journalists also obtained the inventors’ summary information for this patent: “For the aforementioned reasons, there is a need in the art for a timely and secure method to authenticate new users and to verify their identity in a reliable manner. The systems and methods disclosed herein are intended to address the shortcomings in the art mentioned above and provide additional or alternative benefits as well. More specifically, the systems and methods described herein enable a new user to set up an account with a company upon a registered user of the company vouching the new user to enable authentication of the new user prior to setting up of the account of the new user with the company.
“In an embodiment, a decentralized authentication method comprises upon displaying a graphical user interface comprising one or more input fields, receiving, by a server from a computing device, an authentication request to access a network, the authentication request comprising at least an attribute associated with a new user operating the computing device, wherein the attribute is inputted by the new user via the one or more input field within the graphical user interface; querying, by the server, a database to identify a plurality of existing users and their respective user devices, wherein the database is configured to store one or more attributes of a set of existing users, wherein each existing user within the set of existing users is an authenticated existing user with access to the network, wherein the plurality of existing users is a subset of the set of existing users; wherein each existing user within the plurality of existing users shares at least one attribute received via the authentication request, and wherein a reputation score corresponding to each existing user within the plurality of existing users satisfies a reputation score threshold; transmitting, by the server, a verification message to each user device of each existing user within the plurality of existing users; in response to transmitting the verification messages, receiving, by the server, a plurality of responses from the plurality of existing user devices operated by the plurality of existing users, each response indicating whether each existing user verifies the attributes inputted by the new user; when a number of responses verifying the attribute inputted by the new user satisfies a threshold, authenticating, by the server, new user by granting the computing device accesses to the network.
“In another embodiment, a computer system for decentralized authentication, the computer system comprises a computing device operated by a new user, wherein the new user is not an authenticated user; a set of user devices operated by a set of existing users, wherein each existing user within the set of existing users is an authenticated existing user with access to a network; a server communicatively coupled with the computing device and the set of user devices, the server configured to upon displaying a graphical user interface comprising one or more input fields, receive, from the computing device, an authentication request to access the network, the authentication request comprising at least an attribute associated with the new user operating the computing device, wherein the attribute is inputted by the new user via the one or more input field within the graphical user interface; query a database to identify a plurality of existing users and their respective user devices, wherein the database is configured to store one or more attributes of the set of existing users, wherein the plurality of existing users is a subset of the set of existing users; wherein each existing user within the plurality of existing users shares at least one attribute with the new user, and wherein a reputation score corresponding to each existing user within the plurality of existing users satisfies a reputation score threshold; transmit a verification message to each user device of each existing user within the plurality of existing users; in response to transmitting the verification messages, receive a plurality of responses from the plurality of existing user devices operated by the plurality of existing users, each response indicating whether each existing user verifies the attributes inputted by the new user; when a number of responses verifying the attribute inputted by the new user satisfies a threshold, authenticate the new user by granting the computing device accesses to the network.
“In another embodiment, a computer system of a company may receive a request from a user to set up an account with the company. The request may include information about a person having a personal and/or social relationship with the new user where the person is a registered user of the company. The computer system may verify with various internal platforms that an account exists for the registered user cited in the request with the company. If an account exists, the computer system generates a reputation score for the registered user based on one or more data features associated with the registered user. The computer system may also determine a type and length of the relationship between the new user and the registered user based on various internal and external personal, financial, and social data sources. The computer system may then determine whether the registered user is eligible to vouch for the new user based on the reputation score of the vouching user and/or type and length of the relationship between the user and the registered user. If the register user is eligible to vouch for the new user, the computer system may transmit a request to the registered user to confirm the identity of the user and relationship with the new user. Upon receiving the confirmation from the registered user, the computer system may generate the account of the new user.
“In another embodiment, the computer system of the company may use a decentralized communication method to verify one or more attributes associated with the new user. For instance, the computer system may identify one or more existing users who may be eligible to verify the identity of the new user, contact them in a decentralized manner, and upon receiving a positive responses from a pre-determined quorum of the existing users that satisfies a pre-determined threshold, authenticate the new user.”
The claims supplied by the inventors are:
“1. A decentralized authentication method comprising: upon displaying a graphical user interface comprising one or more input fields, receiving, by a server from a computing device, an authentication request to access a network, the authentication request comprising a first attribute associated with a new user operating the computing device, the first attribute inputted by the new user via the one or more input field within the graphical user interface; querying, by the server, a database to identify a subset of existing users from a set of existing users that have a second attribute that matches the first attribute associated with the new user and a reputation score of each existing user in the subset of existing users satisfies a reputation score threshold, wherein the set of existing users corresponds to user devices and each existing user is authenticated for access to the network, wherein the reputation score corresponds to a value of a second attribute of each existing user; transmitting, by the server, a verification message to each user device corresponding to each existing user within the subset of existing users, the verification message requesting verification that the new user is associated with the first attribute; in response to transmitting the verification messages, receiving, by the server, a plurality of responses from the subset of existing users, each response verifying the first attribute inputted by the new user; and when a number of responses verifying the first attribute inputted by the new user satisfies a threshold, authenticating, by the server, the new user and granting the computing device access to the network.
“2. The method of claim 1, further comprising: selecting, by the server, social media data of each user from a group consisting of social media profile, social media messages, social media activities, social media contact information, social media friend list, and social media events to generate the reputation score for each existing user.
“3. The method of claim 1, further comprising: verifying, by the server, a relationship between the new user and at least one existing user based on social network data associated to the existing user and the new user.
“4. The method of claim 1, wherein the user devices are further selected based on a relationship between each existing user and the new user.
“5. The method of claim 4, where the relationship corresponds to a physical address of the computing device and a user device operated by at least one existing user.
“6. The method of claim 5, wherein the physical address is detected, by the server, based at least upon one of global positioning system technology, Wi-Fi positioning technology, Bluetooth technology, and Radio Frequency signal technology.
“7. The method of claim 4, wherein the relationship corresponds to a relationship between a first identifier of the computing device and a second identifier of at least one user device operated by at least one existing user within the plurality subset of existing users.
“8. The method of claim 7, wherein the first and the second identifiers are IP addresses of each device.
“9. The method of claim 1, further comprising: updating, by the server, reputation score of at least one existing user based on the new user.
“10. The method of claim 1, wherein the server prompts the new user to input a third attribute.
“11. A computer system for decentralized authentication, the computer system comprising: a computing device operated by a new user who is not authenticated; a set of user devices operated by a set of existing users, wherein each existing user within the set of existing users is authenticated for access to a network; a database comprising records of the set of existing users and corresponding user devices; a server communicatively coupled with the computing device and the set of user devices, the server configured to: upon displaying a graphical user interface comprising one or more input fields, receive, from the computing device, an authentication request to access the network, the authentication request comprising a first attribute associated with the new user operating the computing device, wherein the first attribute is inputted by the new user via the one or more input fields within the graphical user interface; query a database to identify a subset of existing users from the set of existing users that have a second attribute that matches the first attribute associated with the new user and a reputation score of each existing user in the subset of existing users satisfies a reputation score threshold, wherein the reputation score corresponds to a value of a second attribute of each existing user; transmit a verification message to each user device corresponding to each existing user within the subset of existing users, the verification message requesting verification that the new user is associated with the first attribute; in response to transmitting the verification messages, receive a plurality of responses from the subset of existing users, each response verifying the first attribute inputted by the new user; and when a number of responses verifying the first attribute inputted by the new user satisfies a threshold, authenticate the new user and granting the computing device access to the network.
“12. The computer system of claim 11, wherein the server is further configured to: select social media data of each user from a group consisting of social media profile, social media messages, social media activities, social media contact information, social media friend list, and social media events to generate the reputation score for each existing user.
“13. The computer system of claim 11, wherein the server is further configured to: verify a relationship between the new user and at least one existing user based on social network data associated to the existing user and the new user.
“14. The computer system of claim 11, wherein the set of user devices are further selected based on a relationship between each existing user and the new user.
“15. The computer system of claim 14, where the relationship corresponds to a physical address of the computing device and a user device operated by at least one existing user.
“16. The computer system of claim 15, wherein the physical address is detected, by the server, based at least upon one of global positioning system technology, Wi-Fi positioning technology, Bluetooth technology, and Radio Frequency signal technology.
“17. The computer system of claim 14, wherein the relationship corresponds to a relationship between a first identifier of the computing device and a second identifier of at least one user device operated by at least one existing user within the subset of existing users.
“18. The computer system of claim 17, wherein the first and the second identifiers are IP addresses of each device.
“19. The computer system of claim 11, wherein the server is further configured to: update reputation score of at least one existing user based on the new user.
“20. The computer system of claim 11, wherein the server prompts the new user to input a third attribute.”
URL and more information on this patent, see: Fernandez,
(Our reports deliver fact-based news of research and discoveries from around the world.)
Studies from U.S. Environmental Protection Agency (EPA) Describe New Findings in Risk Management (A Framework That Considers the Impacts of Time, Cost, and Uncertainty In the Determination of the Cost Effectiveness of Toxicity-testing …): Risk Management
Patent Issued for Methods and systems providing central management of distributed de-identification and tokenization software for sharing data (USPTO 11120144): Datavant Inc.
Advisor News
Annuity News
Health/Employee Benefits News
Life Insurance News