Patent Issued for Public authentication systems and methods (USPTO 11722482): United Services Automobile Association
2023 AUG 25 (NewsRx) -- By a
The patent’s inventors are
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “The present disclosure relates generally to systems and methods for electronic authentication of users. More specifically, the present disclosure relates to multi-factor authentication techniques that increase security by providing complex authentication of a user, while reducing inconvenience to the users being authenticated.
“As electronic technology becomes increasingly affordable and powerful, commerce is increasingly conducted electronically online. Modern businesses typically offer access to services and sensitive data via online portals (e.g., the Internet), which may be accessed from numerous sites across the globe. Because the data and/or services provided by these businesses may be quite valuable, nefarious individuals may attempt to impersonate a user from one of the access sites, in an effort to gain unauthorized access to the data and/or to initiate unauthorized service transactions. To curb these efforts, businesses may implement primary authentication processes, as well as secondary authentication processes. For example, certain modern businesses have traditionally asked for username/password combinations as a primary authentication method. Further, these businesses may ask a user for answers to personal questions, which may act as a secondary mechanism for authenticating the user. Unfortunately, these secondary mechanisms may be quite inconvenient for the users. For example, the login process may become more complex, requiring a user to remember and enter answers to secondary questions. This may be quite cumbersome and inefficient. Accordingly, improved techniques for multi-factor (e.g., secondary) authentication are desired.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “One or more specific embodiments of the present disclosure will be described below. In an effort to provide a concise description of these embodiments, all features of an actual implementation may not be described in the specification. It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers’ specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another. Moreover, it should be appreciated that such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.
“Present embodiments are generally directed toward improved systems and methods of multi-factor authentication for performance of electronic actions (e.g., accessing electronic data and/or modifying electronic data). Specifically, as will be described in detail below, the techniques discussed herein may enable multiple factors of authentication to occur, while reducing a user input burden. Present embodiments address post-Internet issues that have arisen with respect to protecting against unauthorized access/modification to data and with respect to inefficiencies of traditional authentication techniques that have become overly cumbersome in efforts to address more sophisticated threats.
“More specifically, in accordance with present embodiments, a user and/or user identifier requesting the performance of electronic actions at a client computer may provide authenticating information to illustrate that the user and/or user identifier is permitted for action performance via data and device associations that may avoid requiring a user to perform multiple password entries. An electronic device other than the client may be associated with the user and/or user identifier. Information related to and/or provided from this electronic device may be used to provide a secondary authentication of the user and/or user identifier, resulting in a multi-factor authentication that may occur without secondary user input.
“Multi-Factor Authentication
“Turning first to a discussion of an overall multi-factor authentication system, FIG. 1 is a schematic representation of a multi-factor authentication system 100, in accordance with an embodiment. FIG. 2 is a flowchart, illustrating a process 200 for implementing multi-factor authentication using the system 100 of FIG. 1, in accordance with an embodiment. For clarity, FIGS. 1 and 2 will be discussed together.”
The claims supplied by the inventors are:
“1. A system, comprising: an intermediary device; a secondary device coupled to the intermediary device, the secondary device configured to provide data access authentication information that may be used to determine whether to fulfil a data access request; and an electronic data access system configured to: receive the data access request from a client system; receive the data access authentication information of the secondary device; determine whether to fulfill the data access request based upon the data access authentication information; in response to determining to fulfill the data access request, provide access to data specified by the data access request; and otherwise in response to determining not to fulfill the data access request, refrain from providing access to the data specified by the data access request.
“2. The system of claim 1, wherein the data access authentication information comprises a pairing status between the intermediary device and the secondary device, wherein the secondary device is configured to provide the data access authentication information by being paired with the intermediary device.
“3. The system of claim 1, wherein the data access authentication information comprises a cookie, a token, a characteristic associated with the secondary device, or any combination thereof.
“4. The system of claim 3, wherein the characteristic comprises a media access control (MAC) address associated with the secondary device.
“5. The system of claim 3, wherein the characteristic comprises a location associated with the secondary device.
“6. The system of claim 1, wherein the electronic data access system is configured to identify that the data access authentication information may be used to determine whether to fulfil the data access request based upon the intermediary device being associated with an account authorized to access the data and the secondary device being associated with the intermediary device.
“7. The system of claim 6, wherein the intermediary device is associated with the account via a registration process and the secondary device is automatically registered with the account based upon the virtue of registration of the intermediary device.
“8. The system of claim 1, comprising: a plurality of intermediary devices; and a plurality of secondary devices, coupled to the plurality of intermediary devices, wherein each of the plurality of secondary devices is configured to provide a portion of the data access authentication information.
“9. The system of claim 1, wherein the intermediary device comprises smart phone, a vehicle, a wearable device, a home automation system, or any combination thereof and the secondary device comprises an electronic device in communication with the smart phone, the vehicle, the wearable device, the home automation system, or the any combination thereof.
“10. The system of claim 1, wherein the data access request comprises a request to access user-specific financial records.
“11. A method, comprising: receiving a data access request from a client system; receiving data access authentication information from a secondary device coupled to an intermediary device, the secondary device configured to provide data access authentication information that may be used to determine whether to fulfil a data access request; determining whether to fulfill the data access request based upon the data access authentication information; in response to determining to fulfill the data access request, providing access to data specified by the data access request; and otherwise in response to determining not to fulfill the data access request, refraining from providing access to the data specified by the data access request.
“12. The method of claim 11, wherein the data access authentication information comprises a cookie, a token, a characteristic associated with the secondary device, or any combination thereof.
“13. The method of claim 11, wherein the data access authentication information comprises a pairing status between the intermediary device and the secondary device.
“14. The method of claim 11, wherein the intermediary device comprises a smart phone, a vehicle, a wearable device, or a home automation system.
“15. The method of claim 11, comprising: identifying that the data access authentication information may be used to determine whether to fulfil the data access request based upon the intermediary device being associated with an account authorized to access the data and the secondary device being associated with the intermediary device.
“16. A tangible, non-transitory, machine-readable medium, comprising machine-readable instructions that, when executed, cause one or more processors to: receive a data access request from a client system; receive data access authentication information from a secondary device coupled to an intermediary device, the secondary device configured to provide data access authentication information that may be used to determine whether to fulfil a data access request; determine whether to fulfill the data access request based upon the data access authentication information; in response to determining to fulfill the data access request, provide access to data specified by the data access request; and otherwise in response to determining not to fulfill the data access request, refrain from providing access to the data specified by the data access request.
“17. The machine-readable medium of claim 16, comprising instructions that, when executed, cause the one or more processors to: identify that the data access authentication information may be used to determine whether to fulfil the data access request based upon the intermediary device being associated with an account authorized to access the data and the secondary device being associated with the intermediary device.
“18. The machine-readable medium of claim 16, comprising instructions that, when executed, cause the one or more processors to: identify a pairing status between the intermediary device and the secondary device; and use the pairing status as the data access authentication information.
“19. The machine-readable medium of claim 16, comprising instructions that, when executed, cause the one or more processors to determine a confidence factor for authenticating the data access request based on data access authentication information of a number of plurality of secondary devices.
“20. The machine-readable medium of claim 16, wherein the data access authentication information comprises a cookie, a token, a characteristic associated with the secondary device, or any combination thereof; and wherein the intermediary device comprises a smart phone, a vehicle, a wearable device, a home automation system, or any combination thereof.”
For the URL and additional information on this patent, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
Patent Issued for Personal information assistant computing system (USPTO 11721340): Allstate Insurance Company
Patent Issued for Systems and methods for adaptive learning to replicate peak performance of human decision making (USPTO 11720900): United Services Automobile Association
Advisor News
- Nationwide Financial Services President John Carter to retire at year end
- FINRA, FBI warn about generative AI and finances
- Prudential study: Babies born today will likely need nearly $2M to retire
- Economy performing better than expected, Morningstar says
- Advisors have more optimism post-election
More Advisor NewsAnnuity News
- Prudential Financial to Reinsure $7B Japanese Whole Life Block with Prismic Life
- Nationwide Financial Services President John Carter to retire at year end
- Pension Rights Center: PRT deals could lead to ‘nationwide catastrophe’ regulated
- Allianz Life Retirement Solutions Now Available Through Morgan Stanley
- Midland Advisory Focused on Growing Registered Investment Advisor Channel Presence
More Annuity NewsHealth/Employee Benefits News
- Insider named as new CEO for UnitedHealthcare insurance business
- FastTrack and RGA Partner to Bring Digital Workflow Automation and Claims System Technology to RGA Clients
- Stock market today: Wall Street mixed in premarket as airlines drag and insurance companies rise
- Voya launches innovative new permanent life insurance offering through the workplace
- Council Reviews Health Care Options at Special Meeting
More Health/Employee Benefits NewsLife Insurance News
- Prudential Financial and Dai-ichi Life to Pursue Strategic Partnership
- AM Best Removes From Under Review With Positive Implications and Upgrades Credit Ratings of ShelterPoint Insurance Company and ShelterPoint Life Insurance Company
- Prudential inks $7 billion reinsurance deal with Bermuda-based reinsurer
- Securian Financial Announces Chief Financial Officer Transition
- Voya launches innovative new permanent life insurance offering through the workplace
More Life Insurance News