Patent Issued for Multi-factor authentication systems and methods (USPTO 11765158): United Services Automobile Association
2023 OCT 05 (NewsRx) -- By a
The patent’s assignee for patent number 11765158 is
News editors obtained the following quote from the background information supplied by the inventors: “The present disclosure relates generally to systems and methods for electronic authentication of users. More specifically, the present disclosure relates to multi-factor authentication techniques that increase security by providing complex authentication of a user, while reducing inconvenience to the users being authenticated.
“As electronic technology becomes increasingly affordable and powerful, commerce is increasingly conducted electronically online. Modern businesses typically offer access to services and sensitive data via online portals (e.g., the Internet), which may be accessed from numerous sites across the globe. Because the data and/or services provided by these businesses may be quite valuable, nefarious individuals may attempt to impersonate a user from one of the access sites, in an effort to gain unauthorized access to the data and/or to initiate unauthorized service transactions. To curb these efforts, businesses may implement primary authentication processes, as well as secondary authentication processes. For example, certain modern businesses have traditionally asked for username/password combinations as a primary authentication method. Further, these businesses may ask a user for answers to personal questions, which may act as a secondary mechanism for authenticating the user. Unfortunately, these secondary mechanisms may be quite inconvenient for the users. For example, the login process may become more complex, requiring a user to remember and enter answers to secondary questions. This may be quite cumbersome and inefficient. Accordingly, improved techniques for multi-factor (e.g., secondary) authentication are desired.”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “One or more specific embodiments of the present disclosure will be described below. In an effort to provide a concise description of these embodiments, all features of an actual implementation may not be described in the specification. It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers’ specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another. Moreover, it should be appreciated that such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.
“Present embodiments are generally directed toward improved systems and methods of multi-factor authentication for performance of electronic actions (e.g., accessing electronic data and/or modifying electronic data). Specifically, as will be described in detail below, the techniques discussed herein may enable multiple factors of authentication to occur, while reducing a user input burden. Present embodiments address post-Internet issues that have arisen with respect to protecting against unauthorized access/modification to data and with respect to inefficiencies of traditional authentication techniques that have become overly cumbersome in efforts to address more sophisticated threats.
“More specifically, in accordance with present embodiments, a user and/or user identifier requesting the performance of electronic actions at a client computer may provide authenticating information to illustrate that the user and/or user identifier is permitted for action performance via data and device associations that may avoid requiring a user to perform multiple password entries. An electronic device other than the client may be associated with the user and/or user identifier. Information related to and/or provided from this electronic device may be used to provide a secondary authentication of the user and/or user identifier, resulting in a multi-factor authentication that may occur without secondary user input.
“Multi-Factor Authentication
“Turning first to a discussion of an overall multi-factor authentication system, FIG. 1 is a schematic representation of a multi-factor authentication system 100, in accordance with an embodiment. FIG. 2 is a flowchart, illustrating a process 200 for implementing multi-factor authentication using the system 100 of FIG. 1, in accordance with an embodiment. For clarity, FIGS. 1 and 2 will be discussed together.”
The claims supplied by the inventors are:
“1. A tangible, non-transitory, computer-readable medium, comprising computer-readable instructions that, when executed by one or more processors of a computer, cause the computer to: automatically identify one or more secondary devices communicatively coupled to, but different than, a client system that will access a secured remote computer system, by: receiving an indication of one or more electronic devices communicatively coupled to the client system; and identifying the one or more electronic devices as the one or more secondary devices; and register at least a subset of the one or more secondary devices as a trusted device associated with a user for subsequent authentication of the user.
“2. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: identify the one or more secondary devices based upon the one or more secondary devices being electronically paired with the client system.
“3. The tangible, non-transitory, computer-readable medium of claim 2, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: identify the one or more secondary devices based upon the one or more secondary devices being electronically paired with another secondary device electronically paired with the client system.
“4. The tangible, non-transitory, computer-readable medium of claim 1, wherein the client system comprises a previously identified trusted device.
“5. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: authenticate primary authentication information supplied by client system; and register the at least subset of the one or more secondary devices only after authenticating the primary authentication information.
“6. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: receive the indication of the one or more electronic devices communicatively coupled to the client system via a polling of the client system.
“7. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: receive the indication of the one or more electronic devices communicatively coupled to the client system via one or more applications of the one or more electronic devices communicatively coupled to the client system.
“8. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: reduce an amount of user input required for the subsequent authentication of the user by supplying data from the trusted device.
“9. The tangible, non-transitory, computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by one or more processors of the computer, cause the computer to: perform the subsequent authentication of the user; and in response to performing the subsequent authentication of the user, perform an electronic data action corresponding to the user.
“10. A computer-implemented method, comprising: automatically identifying one or more secondary devices communicatively coupled to, but different than, a client system that will access a secured remote computer system, by: receiving an indication of one or more electronic devices communicatively coupled to the client system; and identifying the one or more electronic devices as the one or more secondary devices; and registering at least a subset of the one or more secondary devices as a trusted device associated with a user for subsequent authentication of the user.
“11. The computer-implemented method of claim 10, comprising: identifying the one or more secondary devices based upon: the one or more secondary devices being electronically paired with the client system; the one or more secondary devices being electronically paired with another secondary device electronically paired with the client system; or both.
“12. The computer-implemented method of claim 10, wherein the client system comprises a previously identified trusted device.
“13. The computer-implemented method of claim 10, comprising: authenticating primary authentication information supplied by client system; and registering the at least subset of the one or more secondary devices only after authenticating the primary authentication information.
“14. The computer-implemented method of claim 10, comprising: receiving the indication of the one or more electronic devices communicatively coupled to the client system via: a polling of the client system; one or more applications of the one or more electronic devices communicatively coupled to the client system; or both.
“15. The computer-implemented method of claim 10, comprising: reducing an amount of user input required for the subsequent authentication of the user by supplying data from the trusted device.
“16. The computer-implemented method of claim 10, comprising: performing the subsequent authentication of the user; and in response to performing the subsequent authentication of the user, performing an electronic data action corresponding to the user.
“17. A system, comprising: a client system; and a backend system, configured to: automatically identify one or more secondary devices communicatively coupled to, but different than, the client system that will access a secured remote computer system, by: receiving an indication of one or more electronic devices communicatively coupled to the client system; and identifying the one or more electronic devices as the one or more secondary devices; and register at least a subset of the one or more secondary devices as a trusted device associated with a user for subsequent authentication of the user.
“18. The system of claim 17, wherein the backend system is configured to: identify the one or more secondary devices based upon: the one or more secondary devices being electronically paired with the client system; the one or more secondary devices being electronically paired with another secondary device electronically paired with the client system; or both.
“19. The system of claim 17, wherein the backend system is configured to: authenticate primary authentication information supplied by client system; and register the at least subset of the one or more secondary devices only after authenticating the primary authentication information.
“20. The system of claim 17, wherein the backend system is configured to: receive the indication of the one or more electronic devices communicatively coupled to the client system via: a polling of the client system; one or more applications of the one or more electronic devices communicatively coupled to the client system; or both.”
For additional information on this patent, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Issued for Adaptive statistical data de-identification based on evolving data streams (USPTO 11762835): International Business Machines Corporation
Patent Issued for Systems and methods for using tokenized and dynamic physical checks (USPTO 11763272): United Services Automobile Association
Advisor News
- CFP Board announces CEO leadership transition
- State Street study looks at why AUM in model portfolios is increasing
- Supreme Court to look at ERISA rules in upcoming Cornell case
- FPA announces passing of CEO, succession plan
- Study: Do most affluent investors prefer a single financial services provider?
More Advisor NewsAnnuity News
Health/Employee Benefits News
- Plainfield Mayor Addresses "Misinformation" Regarding Retired Firefighers' Health Benefits
- Senator files bill to "Empower Texans with Health Care Transparency and Shopping Incentives"
- Dozens of people died in Arizona sober living homes as state officials fumbled Medicaid fraud response
- Opinion | The Cost Of Health Insurance In Connecticut Could Skyrocket If Congress Does Not Act
- Health centers brace for possibility of limited funds
More Health/Employee Benefits NewsLife Insurance News
- 10 reasons we must embrace the Northwestern Life Insurance building in Minneapolis
- AM Best Revises Outlooks to Stable for Lincoln National Corporation and Most of Its Subsidiaries
- Aflac Northern Ireland: Helping Children, Caregivers and the Community
- AM Best Affirms Credit Ratings of Well Link Life Insurance Company Limited
- Top 8 trends that will impact insurance in 2025
More Life Insurance News