Patent Issued for Quick-Logon For Computing Device (USPTO 10,282,531)

2019 MAY 22 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- According to news reporting originating from Alexandria, Virginia, by NewsRx journalists, a patent by the inventors Davey, Richard A. (San Antonio, TX); Bennett, Jr., Wilbert (San Antonio, TX), filed on February 27, 2017, was published online on May 20, 2019.

The assignee for this patent, patent number 10,282,531, is United Services Automobile Association (San Antonio, Texas, United States).

Reporters obtained the following quote from the background information supplied by the inventors: “The protection and security of customer information is vital from an organization’s perspective, not only to comply with applicable laws, but to earn and maintain customer trust. Enhanced security often comes at the cost of convenience for the user, such as by requiring the user to answer additional security questions. Various methods are used in authenticating a user attempting to access an account. Security analysts have identified three authentication factors that can be used in making a positive identification: ownership, knowledge, and inherence. Elements used to verify the first factor, ownership, may include a phone, a security token, or a software token. Elements used to verify the knowledge factor may include a password, username, personal identification number (PIN), or answers to security questions. Elements used to verify the inherence factor may include biometric data.

“Verifying two of the factors, ‘two-factor authentication’, is commonly used to authenticate a user. For example, many applications on mobile devices require the user to enter a PIN, satisfying the knowledge factor, on a particular mobile device, satisfying the ownership factor. In some mobile devices, the ownership factor is generally assumed to be satisfied because many mobile devices, such as smartphones, are particular to one person. Thus, an impersonator would be required not only to have the mobile device, but also to know the PIN in order to access the application. This enables users to simply input a PIN into an application on a mobile device to be authenticated.

“Personal computers (computing devices) pose additional complexities in authenticating users. Computing devices are commonly used by more than one person. Thus, it is not safe to assume that the identity of the computing device satisfies the ownership factor. Additionally, computing devices in general have been more easily compromised than other devices. Current solutions increase security, but are often inconvenient for users. For example, one solution includes providing users with some type of token, requiring the user to prove that the user has the token, such as by typing in a one-time code generated by the token in combination with a username/password/PIN. Other solutions focus on the knowledge factor such as by requiring the user to answer additional security questions.”

In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “Disclosed herein are methods and systems for verifying a user’s identity on a computing device using two-factor authentication. More particularly, the system can use a personal identification number input by a user, together with one or more of a secure browsing feature, a device fingerprint, and a token generator to authenticate the user on the computer.

“When multiple embodiments are disclosed, still other embodiments of the present disclosure will become apparent to those skilled in the art from the following detailed description, which shows and describes illustrative embodiments of the disclosure. As will be realized, the disclosure is capable of modifications in various aspects, all without departing from the scope of the present disclosure. Accordingly, the drawings and detailed description are to be regarded as illustrative in nature and not restrictive.”

The claims supplied by the inventors are:

“What is claimed is:

“1. A method comprising: receiving, from a computing device associated with a user, a secure token to fulfill a first authentication request, wherein the secure token is generated by a token generator associated with the device, wherein the computing device provides the secure token without instruction from the user; verifying that the secure token matches the secure token generated by the token generator associated with the device; authenticating the user to engage in a first activity on a first channel without further interaction from the user in response to verification that the secure token matches the secure token generated by the token generator associated with the device; providing, to the user, access to the secure token in a human-readable format to fulfill a second authentication request; in response to the user requesting engagement in a second activity requiring a second level of authentication, requesting, from the user, the secure token to fulfill the second authentication request, wherein the secure token requested to fulfill the second authentication request is the same secure token that was used to fulfill the first authentication request, wherein the first activity is different than the second activity; requesting the user to speak aloud the secure token to fulfill the second authentication request; comparing one or more biometric characteristics of the user speaking the secure token aloud with one or more biometric characteristics stored in a user profile associated with the user; and authenticating the user to engage in the second activity on the first channel in response to verification that: the one or more biometric characteristics of the user matches the one or more biometric characteristics stored in the user profile, and the secure token spoken by the user matches the secure token generated by the token generator associated with the device.

“2. The method of claim 1, wherein the second activity requires a higher level of authentication than the first activity.

“3. The method of claim 1, wherein providing, to the user, access to the secure token comprises at least one of: displaying the secure token on a lock screen of the computing device or storing the secure token in an application installed on the computing device.

“4. The method of claim 1, wherein the secure token is dynamic, wherein the first channel is one of: a mobile application, a web portal, a chat room, a voice and data call, or a voice call.

“5. The method of claim 4, wherein providing, to the user, access to the secure token comprises providing a list of secure tokens with time indications, wherein the method further comprises requesting the secure token present at a particular time to fulfill the second authentication request.

“6. The method of claim 1, wherein the secure token is a quick response code, wherein the quick response code is physically presented to a second device.

“7. The method of claim 1, wherein authenticating the user comprises verifying an identity of the user, wherein verifying the identity of the user comprises: monitoring interactions of the user including browsing behavior with the computing device; determining whether the interactions of the user with the computing device matches, within a predetermined degree of tolerance, expected behavior within the user profile; verifying the identity of the user based on the interactions of the user matching the expected behavior within the user profile; and verifying that the computing device is pre-registered.

“8. A non-transitory computer-readable storage medium embodying a set of instructions that, when executed by one or more processors, cause a machine to: receive, from a computing device associated with a user, a secure token to fulfill a first authentication request, wherein the secure token is generated by a token generator associated with the device, wherein the computing device provides the secure token without instruction from the user; verify that the secure token matches the secure token generated by the token generator associated with the device; authenticate the user to engage in a first activity on a first channel without further interaction from the user in response to verification that the secure token matches the secure token generated by the token generator associated with the device; provide, to the user, access to the secure token in a human-readable format to fulfill a second authentication request; in response to the user requesting engagement in a second activity requiring a second level of authentication, request, from the user, the secure token to fulfill the second authentication request, wherein the secure token requested to fulfill the second authentication request is the same secure token that was used to fulfill the first authentication request, wherein the first activity is different than the second activity; request the user to speak aloud the secure token to fulfill the second authentication request; compare one or more biometric characteristics of the user speaking the secure token aloud with one or more biometric characteristics stored in a user profile associated with the user; and authenticate the user to engage in the second activity on the first channel in response to verification that: the one or more biometric characteristics of the user matches the one or more biometric characteristics stored in the user profile, and the secure token spoken by the user matches the secure token generated by the token generator associated with the device.

“9. The non-transitory computer-readable storage medium of claim 8, wherein the second activity requires a higher level of authentication than the first activity.

“10. The non-transitory computer-readable storage medium of claim 8, wherein the instructions that, when executed by the one or more processors, cause the machine to provide, to the user, access to the secure token further cause the machine to perform at least one of: display the secure token on a lock screen of the computing device or store the secure token in an application installed on the computing device.

“11. The non-transitory computer-readable storage medium of claim 8, wherein the secure token is dynamic, wherein the instructions that, when executed by the one or more processors, cause the machine to provide, to the user, access to the secure token further cause the machine to provide a list of secure tokens with time indications, wherein the instructions, when executed by the one or more processors, further cause the machine to request the secure token present at a particular time to fulfill the second authentication request.

“12. The non-transitory computer-readable storage medium of claim 8, wherein the first channel is one of: a mobile application, a web portal, a chat room, a voice and data call, or a voice call.

“13. The non-transitory, computer-readable medium of claim 8, wherein the instructions, when executed by the one or more processors, further cause the machine to: provide a list of secure tokens with time indications; and request the secure token present at a particular time to fulfill the second authentication request.

“14. The non-transitory, computer-readable medium of claim 8, wherein the instructions, when executed by the one or more processors, further cause the machine to: verify an identity of the user to authenticate the user, wherein verifying the identity of the user comprises: monitoring interactions of the user including browsing behavior with the computing device; determining whether the interactions of the user with the computing device matches, within a predetermined degree of tolerance, expected behavior within the user profile; verifying the identity of the user based on the interactions of the user matching the expected behavior within the user profile; and verifying that the computing device is pre-registered.

“15. A call routing system comprising: one or more processors; and a computer readable storage medium having instructions stored thereon, which when executed by the one or more processors, cause the call routing system to: receive, from a computing device associated with a user, a secure token to fulfill a first authentication request, wherein the secure token is generated by a token generator associated with the device, wherein the computing device provides the secure token without instruction from the user; verify that the secure token matches the secure token generated by the token generator associated with the device; authenticate the user to engage in a first activity on a first channel without further interaction from the user in response to verification that the secure token matches the secure token generated by the token generator associated with the device; provide, to the user, access to the secure token in a human-readable format to fulfill a second authentication request; in response to the user requesting engagement in a second activity requiring a second level of authentication, request, from the user, the secure token to fulfill the second authentication request, wherein the secure token requested to fulfill the second authentication request is the same secure token that was used to fulfill the first authentication request, wherein the first activity is different than the second activity; request the user to speak aloud the secure token to fulfill the second authentication request; compare one or more biometric characteristics of the user speaking the secure token aloud with one or more biometric characteristics stored in a user profile associated with the user; and authenticate the user to engage in the second activity on the first channel in response to verification that: the one or more biometric characteristics of the user matches the one or more biometric characteristics stored in the user profile, and the secure token spoken by the user matches the secure token generated by the token generator associated with the device.

“16. The call routing system of claim 15, wherein the second activity requires a higher level of authentication than the first activity.

“17. The call routing system of claim 15, wherein the instructions, when executed by the one or more processors, further cause the call routing system to: provide a list of secure tokens with time indications; and request the secure token present at a particular time to fulfill the second authentication request.

“18. The call routing system of claim 15, wherein the instructions, when executed by the one or more processors, further cause the call routing system to: verify an identity of the user to authenticate the user, wherein verifying the identity of the user comprises: monitoring interactions of the user including browsing behavior with the computing device; determining whether the interactions of the user with the computing device matches, within a predetermined degree of tolerance, expected behavior within the user profile; verifying the identity of the user based on the interactions of the user matching the expected behavior within the user profile; and verifying that the computing device is pre-registered.”

For more information, see this patent: Davey, Richard A.; Bennett, Jr., Wilbert. Quick-Logon For Computing Device. U.S. Patent Number 10,282,531, filed February 27, 2017, and published online on May 20, 2019. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=10,282,531.PN.&OS=PN/10,282,531RS=PN/10,282,531

(Our reports deliver fact-based news of research and discoveries from around the world.)