Patent Issued for Multi-factor authentication systems and methods (USPTO 11765158): United Services Automobile Association
2023 OCT 05 (NewsRx) -- By a
The patent’s assignee for patent number 11765158 is
News editors obtained the following quote from the background information supplied by the inventors: “The present disclosure relates generally to systems and methods for electronic authentication of users. More specifically, the present disclosure relates to multi-factor authentication techniques that increase security by providing complex authentication of a user, while reducing inconvenience to the users being authenticated.
“As electronic technology becomes increasingly affordable and powerful, commerce is increasingly conducted electronically online. Modern businesses typically offer access to services and sensitive data via online portals (e.g., the Internet), which may be accessed from numerous sites across the globe. Because the data and/or services provided by these businesses may be quite valuable, nefarious individuals may attempt to impersonate a user from one of the access sites, in an effort to gain unauthorized access to the data and/or to initiate unauthorized service transactions. To curb these efforts, businesses may implement primary authentication processes, as well as secondary authentication processes. For example, certain modern businesses have traditionally asked for username/password combinations as a primary authentication method. Further, these businesses may ask a user for answers to personal questions, which may act as a secondary mechanism for authenticating the user. Unfortunately, these secondary mechanisms may be quite inconvenient for the users. For example, the login process may become more complex, requiring a user to remember and enter answers to secondary questions. This may be quite cumbersome and inefficient. Accordingly, improved techniques for multi-factor (e.g., secondary) authentication are desired.”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “One or more specific embodiments of the present disclosure will be described below. In an effort to provide a concise description of these embodiments, all features of an actual implementation may not be described in the specification. It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers’ specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another. Moreover, it should be appreciated that such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.
“Present embodiments are generally directed toward improved systems and methods of multi-factor authentication for performance of electronic actions (e.g., accessing electronic data and/or modifying electronic data). Specifically, as will be described in detail below, the techniques discussed herein may enable multiple factors of authentication to occur, while reducing a user input burden. Present embodiments address post-Internet issues that have arisen with respect to protecting against unauthorized access/modification to data and with respect to inefficiencies of traditional authentication techniques that have become overly cumbersome in efforts to address more sophisticated threats.
“More specifically, in accordance with present embodiments, a user and/or user identifier requesting the performance of electronic actions at a client computer may provide authenticating information to illustrate that the user and/or user identifier is permitted for action performance via data and device associations that may avoid requiring a user to perform multiple password entries. An electronic device other than the client may be associated with the user and/or user identifier. Information related to and/or provided from this electronic device may be used to provide a secondary authentication of the user and/or user identifier, resulting in a multi-factor authentication that may occur without secondary user input.
“Multi-Factor Authentication
“Turning first to a discussion of an overall multi-factor authentication system, FIG. 1 is a schematic representation of a multi-factor authentication system 100, in accordance with an embodiment. FIG. 2 is a flowchart, illustrating a process 200 for implementing multi-factor authentication using the system 100 of FIG. 1, in accordance with an embodiment. For clarity, FIGS. 1 and 2 will be discussed together.”
The claims supplied by the inventors are:
“1. A tangible, non-transitory, computer-readable medium, comprising computer-readable instructions that, when executed by one or more processors of a computer, cause the computer to: automatically identify one or more secondary devices communicatively coupled to, but different than, a client system that will access a secured remote computer system, by: receiving an indication of one or more electronic devices communicatively coupled to the client system; and identifying the one or more electronic devices as the one or more secondary devices; and register at least a subset of the one or more secondary devices as a trusted device associated with a user for subsequent authentication of the user.
“2. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: identify the one or more secondary devices based upon the one or more secondary devices being electronically paired with the client system.
“3. The tangible, non-transitory, computer-readable medium of claim 2, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: identify the one or more secondary devices based upon the one or more secondary devices being electronically paired with another secondary device electronically paired with the client system.
“4. The tangible, non-transitory, computer-readable medium of claim 1, wherein the client system comprises a previously identified trusted device.
“5. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: authenticate primary authentication information supplied by client system; and register the at least subset of the one or more secondary devices only after authenticating the primary authentication information.
“6. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: receive the indication of the one or more electronic devices communicatively coupled to the client system via a polling of the client system.
“7. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: receive the indication of the one or more electronic devices communicatively coupled to the client system via one or more applications of the one or more electronic devices communicatively coupled to the client system.
“8. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: reduce an amount of user input required for the subsequent authentication of the user by supplying data from the trusted device.
“9. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: perform the subsequent authentication of the user; and in response to performing the subsequent authentication of the user, perform an electronic data action corresponding to the user.
“10. A computer-implemented method, comprising: automatically identifying one or more secondary devices communicatively coupled to, but different than, a client system that will access a secured remote computer system, by: receiving an indication of one or more electronic devices communicatively coupled to the client system; and identifying the one or more electronic devices as the one or more secondary devices; and registering at least a subset of the one or more secondary devices as a trusted device associated with a user for subsequent authentication of the user.
“11. The computer-implemented method of claim 10, comprising: identifying the one or more secondary devices based upon: the one or more secondary devices being electronically paired with the client system; the one or more secondary devices being electronically paired with another secondary device electronically paired with the client system; or both.
“12. The computer-implemented method of claim 10, wherein the client system comprises a previously identified trusted device.
“13. The computer-implemented method of claim 10, comprising: authenticating primary authentication information supplied by client system; and registering the at least subset of the one or more secondary devices only after authenticating the primary authentication information.
“14. The computer-implemented method of claim 10, comprising: receiving the indication of the one or more electronic devices communicatively coupled to the client system via: a polling of the client system; one or more applications of the one or more electronic devices communicatively coupled to the client system; or both.
“15. The computer-implemented method of claim 10, comprising: reducing an amount of user input required for the subsequent authentication of the user by supplying data from the trusted device.
“16. The computer-implemented method of claim 10, comprising: performing the subsequent authentication of the user; and in response to performing the subsequent authentication of the user, performing an electronic data action corresponding to the user.
“17. A system, comprising: a client system; and a backend system, configured to: automatically identify one or more secondary devices communicatively coupled to, but different than, the client system that will access a secured remote computer system, by: receiving an indication of one or more electronic devices communicatively coupled to the client system; and identifying the one or more electronic devices as the one or more secondary devices; and register at least a subset of the one or more secondary devices as a trusted device associated with a user for subsequent authentication of the user.
“18. The system of claim 17, wherein the backend system is configured to: identify the one or more secondary devices based upon: the one or more secondary devices being electronically paired with the client system; the one or more secondary devices being electronically paired with another secondary device electronically paired with the client system; or both.
“19. The system of claim 17, wherein the backend system is configured to: authenticate primary authentication information supplied by client system; and register the at least subset of the one or more secondary devices only after authenticating the primary authentication information.
“20. The system of claim 17, wherein the backend system is configured to: receive the indication of the one or more electronic devices communicatively coupled to the client system via: a polling of the client system; one or more applications of the one or more electronic devices communicatively coupled to the client system; or both.”
For additional information on this patent, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Issued for Adaptive statistical data de-identification based on evolving data streams (USPTO 11762835): International Business Machines Corporation
Patent Issued for Systems and methods for using tokenized and dynamic physical checks (USPTO 11763272): United Services Automobile Association
Advisor News
- How smart investments prepare clients for inflation
- Amid slew of corporate tax ideas, Newsom chose one likely to hit people’s premiums
- The biggest risk to your clients’ financial plans isn’t market volatility
- Initiative looks at how caregiving impacts workplace benefits
- Will rising retirement needs spark an annuity boom?
More Advisor NewsAnnuity News
- Globe Life Inc. (NYSE: GL) Records 52-Week High Thursday Morning
- Fortitude Re Completes $500 Million FABN Issuance
- Reframing retirement income for greater certainty
- Jackson Introduces Dow Jones Industrial Average Index Option, Flexible Premiums, Six-Year Rate Guarantee in Latest Registered Index-Linked Annuity Launch
- Senior Market Sales® Fortifies Annuity Reach With Acquisition of Retirement Planning Firm Stratton & Company
More Annuity NewsHealth/Employee Benefits News
- 'I just live in fear every day': Vancouver woman struggles to manage on Social Security Disability Insurance benefits
- Seniors with UnitedHealth Medicare Advantage may lose access to Fairview hospitals, clinics
- Report finds high denial rates at UnitedHealth, two other Medicare Advantage plans
- PHISHING ATTACK PUT VHC HEALTH PATIENTS' MEDICAL RECORDS, PERSONAL INFORMATION AT RISK
- Heights School Board Presses Trenton On Soaring Costs
More Health/Employee Benefits NewsLife Insurance News
- AM Best Affirms Issue Credit Ratings of Weston2038 LLC’s Credit-Linked Notes
- Globe Life Inc. (NYSE: GL) Records 52-Week High Thursday Morning
- Greg Lindberg moves to halt $1.65B restitution order, claims he ‘overpaid’
- Fidelity Investments® to Expand Target Date Lineup With Launch of Guaranteed Income Solution
- KBRA Releases Research – Private Credit: Much Ado About Nothing – Perspectives on Columbia Business School Paper About Private Ratings
More Life Insurance News