Patent Issued for Mutli-factor authentication systems and methods (USPTO 11329979): United Services Automobile Association
2022 MAY 27 (NewsRx) -- By a
The patent’s inventors are
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “The present disclosure relates generally to systems and methods for electronic authentication of users. More specifically, the present disclosure relates to multi-factor authentication techniques that increase security by providing complex authentication of a user, while reducing inconvenience to the users being authenticated.
“As electronic technology becomes increasingly affordable and powerful, commerce is increasingly conducted electronically online. Modern businesses typically offer access to services and sensitive data via online portals (e.g., the Internet), which may be accessed from numerous sites across the globe. Because the data and/or services provided by these businesses may be quite valuable, nefarious individuals may attempt to impersonate a user from one of the access sites, in an effort to gain unauthorized access to the data and/or to initiate unauthorized service transactions. To curb these efforts, businesses may implement primary authentication processes, as well as secondary authentication processes. For example, certain modern businesses have traditionally asked for username/password combinations as a primary authentication method. Further, these businesses may ask a user for answers to personal questions, which may act as a secondary mechanism for authenticating the user. Unfortunately, these secondary mechanisms may be quite inconvenient for the users. For example, the login process may become more complex, requiring a user to remember and enter answers to secondary questions. This may be quite cumbersome and inefficient. Accordingly, improved techniques for multi-factor (e.g., secondary) authentication are desired.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “One or more specific embodiments of the present disclosure will be described below. In an effort to provide a concise description of these embodiments, all features of an actual implementation may not be described in the specification. It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers’ specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another. Moreover, it should be appreciated that such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.
“Present embodiments are generally directed toward improved systems and methods of multi-factor authentication for performance of electronic actions (e.g., accessing electronic data and/or modifying electronic data). Specifically, as will be described in detail below, the techniques discussed herein may enable multiple factors of authentication to occur, while reducing a user input burden. Present embodiments address post-Internet issues that have arisen with respect to protecting against unauthorized access/modification to data and with respect to inefficiencies of traditional authentication techniques that have become overly cumbersome in efforts to address more sophisticated threats.
“More specifically, in accordance with present embodiments, a user and/or user identifier requesting the performance of electronic actions at a client computer may provide authenticating information to illustrate that the user and/or user identifier is permitted for action performance via data and device associations that may avoid requiring a user to perform multiple password entries. An electronic device other than the client may be associated with the user and/or user identifier. Information related to and/or provided from this electronic device may be used to provide a secondary authentication of the user and/or user identifier, resulting in a multi-factor authentication that may occur without secondary user input.
“Multi-Factor Authentication
“Turning first to a discussion of an overall multi-factor authentication system, FIG. 1 is a schematic representation of a multi-factor authentication system 100, in accordance with an embodiment. FIG. 2 is a flowchart, illustrating a process 200 for implementing multi-factor authentication using the system 100 of FIG. 1, in accordance with an embodiment. For clarity, FIGS. 1 and 2 will be discussed together.”
The claims supplied by the inventors are:
“1. A tangible, non-transitory, computer-readable medium, comprising computer-readable instructions that, when executed by one or more processors of a computer, cause the computer to: automatically identify one or more secondary devices communicatively coupled to, but different than, a client system that will access a secured remote computer system, by: polling, via a client device, for an indication of one or more electronic devices communicatively coupled to the client device; identifying the one or more electronic devices as the one or more secondary devices; generate secondary authentication information based upon one or more attributes of the one or more secondary devices; and associate the secondary authentication information with a user identifier, such that user identifier can be subsequently authenticated based upon the secondary authentication information.
“2. The computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by the one or more processors of the computer, cause the computer to: provide a graphical user interface that requests identification of the one or more secondary devices should be associated with the user identifier via a user input; receive the user input, wherein the user input indicates that a subset of the one or more secondary devices that should not be associated with the user identifier; and in response to receiving the user input, generate the secondary authentication information, wherein the secondary authentication information comprises identification information for one or more secondary devices other than the subset of the one or more secondary devices.
“3. The computer-readable medium of claim 1, wherein the one or more electronic devices are coupled via Bluetooth communications, Wi-fi communications, near field communications (NFC), universal serial bus (USB) communications, or any combination thereof.
“4. The computer-readable medium of claim 1, wherein the one or more attributes of the one or more secondary devices, comprises a media access control (MAC) address of the one or more secondary devices.
“5. The computer-readable medium of claim 1, wherein the one or more attributes of the one or more secondary devices, comprises an indication of software on the one or more secondary devices.
“6. The computer-readable medium of claim 1, wherein the one or more attributes of the one or more secondary devices, comprises a serial number of the one or more secondary devices.
“7. The computer-readable medium of claim 1, wherein the one or more attributes of the one or more secondary devices, comprises a reference to a cookie or token stored on the one or more secondary devices.
“8. The computer-readable medium of claim 1, comprising computer-readable instructions that, when executed by the one or more processors of the computer, cause the computer to: identify a paired set of one or more devices communicatively coupled to, but different than, the one or more secondary devices; and generate secondary authentication information based upon one or more attributes of the paired set of one or more devices.
“9. The computer-readable medium of claim 8, comprising computer-readable instructions that, when executed by the one or more processors of the computer, cause the computer to: identify the paired set of one or more devices by recursively polling for paired electronic devices.
“10. A computer-implemented method, comprising: automatically identifying one or more secondary devices communicatively coupled to, but different than, a client system that will access a secured remote computer system, by: polling, via a client device, for an indication of one or more electronic devices communicatively coupled to the client device; identifying the one or more electronic devices as the one or more secondary devices; generating secondary authentication information based upon one or more attributes of the one or more secondary devices; and associating the secondary authentication information with a user identifier, such that user identifier can be subsequently authenticated based upon the secondary authentication information.
“11. The computer-implemented method of claim 10, comprising: providing a graphical user interface that requests identification of the one or more secondary devices should be associated with the user identifier via a user input; receiving the user input, wherein the user input indicates that a subset of the one or more secondary devices that should not be associated with the user identifier; and in response to receiving the user input, generating the secondary authentication information, wherein the secondary authentication information comprises identification information for one or more secondary devices other than the subset of the one or more secondary devices.
“12. The computer-implemented method of claim 10, wherein the one or more electronic devices are coupled via Bluetooth communications, Wi-fi communications, near field communications (NFC), universal serial bus (USB) communications, or any combination thereof.
“13. The computer-implemented method of claim 10, wherein the one or more attributes of the one or more secondary devices, comprises a media access control (MAC) address of the one or more secondary devices, an indication of software on the one or more secondary devices, a serial number of the one or more secondary devices, a reference to a cookie or token stored on the one or more secondary devices, or any combination thereof.
“14. The computer-implemented method of claim 10, comprising: identifying a paired set of one or more devices communicatively coupled to, but different than, the one or more secondary devices; and generating the secondary authentication information based upon one or more attributes of the paired set of one or more devices.
“15. The computer-implemented method of claim 14, comprising: identifying the paired set of one or more devices by recursively polling for paired electronic devices.
“16. A system, comprising: a secured computer system; a client system, configured to access the secured computer system; one or more secondary devices communicatively coupled to, but different than, the client system; wherein the client system is configured to: automatically identify the one or more secondary devices, by polling, via the client system, for an indication of one or more electronic devices communicatively coupled to the client system; and identifying the one or more electronic devices as the one or more secondary devices; and generate secondary authentication information based upon one or more attributes of the one or more secondary devices; and wherein the secured computer system is configured to: receive the secondary authentication information from the client system; and associate the secondary authentication information with a user identifier, such that user identifier can be subsequently authenticated based upon the secondary authentication information.
“17. The system of claim 16, comprising: a paired set of one or more devices communicatively coupled to, but different than, the one or more secondary devices; wherein the client system is configured to identify the paired set of one or more devices; and generate the secondary authentication information based upon one or more attributes of the paired set of one or more devices.”
For the URL and additional information on this patent, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
“Graphical Representations Of Time-Ordered Data” in Patent Application Approval Process (USPTO 20220147238): Patent Application
“Systems And Methods For Analyzing Vehicle Sensor Data Via A Blockchain” in Patent Application Approval Process (USPTO 20220147505): Patent Application
Advisor News
- How smart investments prepare clients for inflation
- Amid slew of corporate tax ideas, Newsom chose one likely to hit people’s premiums
- The biggest risk to your clients’ financial plans isn’t market volatility
- Initiative looks at how caregiving impacts workplace benefits
- Will rising retirement needs spark an annuity boom?
More Advisor NewsAnnuity News
- Globe Life Inc. (NYSE: GL) Records 52-Week High Thursday Morning
- Fortitude Re Completes $500 Million FABN Issuance
- Reframing retirement income for greater certainty
- Jackson Introduces Dow Jones Industrial Average Index Option, Flexible Premiums, Six-Year Rate Guarantee in Latest Registered Index-Linked Annuity Launch
- Senior Market Sales® Fortifies Annuity Reach With Acquisition of Retirement Planning Firm Stratton & Company
More Annuity NewsHealth/Employee Benefits News
- Report finds high denial rates at UnitedHealth, two other Medicare Advantage plans
- PHISHING ATTACK PUT VHC HEALTH PATIENTS' MEDICAL RECORDS, PERSONAL INFORMATION AT RISK
- Heights School Board Presses Trenton On Soaring Costs
- Brain In-Com brings week of TBI advocacy
- Investigators at Chongqing Medical University Zero in on Science (The impact of China’s employee basic medical insurance outpatient pooling scheme on outpatient healthcare utilization among middle-aged adults): Science
More Health/Employee Benefits NewsLife Insurance News
- AM Best Affirms Issue Credit Ratings of Weston2038 LLC’s Credit-Linked Notes
- Globe Life Inc. (NYSE: GL) Records 52-Week High Thursday Morning
- Greg Lindberg moves to halt $1.65B restitution order, claims he ‘overpaid’
- Fidelity Investments® to Expand Target Date Lineup With Launch of Guaranteed Income Solution
- KBRA Releases Research – Private Credit: Much Ado About Nothing – Perspectives on Columbia Business School Paper About Private Ratings
More Life Insurance News