Patent Issued for Quick-logon for computing device (USPTO 11271918): United Services Automobile Association
2022 MAR 24 (NewsRx) -- By a
The patent’s inventors are
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “The protection and security of customer information is vital from an organization’s perspective, not only to comply with applicable laws, but to earn and keep their customer’s trust. Enhanced security often comes at the cost of convenience for the user, such as by requiring the user to answer additional security questions or to provide a code generated from a token generator. Various methods are used in authenticating a user attempting to access an account. Security analysts have identified three authentication factors that can be used in making a positive identification: ownership, knowledge, and inherence. Elements used to verify the first factor, ownership, may include a phone, a security token, or a software token. Elements used to verify the knowledge factor may include a password, username, personal identification number (PIN) or answers to security questions. Elements used to verify the inherence factor may include biometric data.
“Verifying two of the factors, “two-factor authentication”, is commonly used to authenticate a user. For example, many applications on mobile devices require the user to enter a PIN, satisfying the knowledge factor, on a particular mobile device, satisfying the ownership factor. In some mobile devices, the ownership factor is generally assumed to be satisfied because many mobile devices such as smartphones are particular to one person. Thus an impersonator would be required not only to have the mobile device, but also to know the PIN in order to access the application. This enables users to simply input a PIN into an application on a mobile device to be authenticated.
“Personal computers (computing devices) pose additional complexities in authenticating users. Computing devices are commonly used by more than one person. Thus, it is not safe to assume that the identity of the computing device satisfies the ownership factor. Additionally, computing devices have been more easily compromised than other devices. Current solutions increase security, but are often inconvenient for users. For example, one solution includes providing users with some type of token, and requiring the user to prove that the user has the token such as by typing in a one-time code generated by the token, in combination with a username/password/PIN. Other solutions focus on the knowledge factor such as by requiring the user to answer additional security questions.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “Disclosed herein are methods and systems for verifying a user’s identity on a personal computer using two-factor authentication. More particularly, the system utilizes a personal identification number input by a user, together with one or more of a secure browsing feature, a device fingerprint, and a token generator to authenticate the user on the computer.
“While multiple embodiments are disclosed, still other embodiments of the present invention will become apparent to those skilled in the art from the following detailed description, which shows and describes illustrative embodiments of the invention. As will be realized, the invention is capable of modifications in various aspects, all without departing from the scope of the present invention. Accordingly, the drawings and detailed description are to be regarded as illustrative in nature and not restrictive.
“The drawings have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be expanded or reduced to help improve the understanding of the embodiments of the present invention. Similarly, some components and/or operations may be separated into different blocks or combined into a single block for the purposes of discussion of some of the embodiments of the present invention. Moreover, while the invention is amenable to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and are described in detail below. The intention, however, is not to limit the invention to the particular embodiments described. On the contrary, the invention is intended to cover all modifications, equivalents, and alternatives falling within the scope of the invention as defined by the appended claims.”
The claims supplied by the inventors are:
“1. A computer-implemented method comprising: installing an authentication system on a computing device associated with a user by: collecting information to identify the computing device, installing a token generator on the computing device, associating a key with the token generator, encrypting the key and embedding the encrypted key on the computing device, and associating the token generator with an identification number associated with the user; receiving a logon request at the computing device from the user, wherein the logon request comprises identifying information and a one-time code generated by the token generator; and in response to verifying the one-time code with a code associated with the token generator, the user to operate the computing device without further interaction with the user.
“2. The computer-implemented method of claim 1, wherein installing the authentication system further comprises: installing a secure browsing solution on the computing device and generating a device fingerprint of the computing device.
“3. The computer-implemented method of claim 1, wherein the token generator is removed after the user terminates a session.
“4. The computer-implemented method of claim 1, further comprising: prior to installing the authentication system on the computing device: verifying, using a first method of authentication, an identity of the user, requesting permission to install the authentication system onto the computing device, wherein the authentication system authenticates the user using a second method of authentication.
“5. The computer-implemented method of claim 1, wherein the identifying information comprises biometric data.
“6. The computer-implemented method of claim 1, wherein the method further comprises installing more than one token generator on the computing device, wherein each token generator is associated with a different user.
“7. The computer-implemented method of claim 1, wherein the method further comprises requesting irrelevant data to be included with the one-time code or the identifying information.
“8. A non-transitory computer-readable storage medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations for authenticating a user session on a system, the operations comprising: installing an authentication system on a computing device associated with a user by: collecting information to identify the computing device, installing a token generator on the computing device, associating a key with the token generator, encrypting the key and embedding the encrypted key on the computing device, and associating the token generator with an identification number associated with the user; receiving a logon request at the computing device from the user, wherein the logon request comprises identifying information and a one-time code generated by the token generator; and in response to verifying the one-time code with a code associated with the token generator, the user to operate the computing device without further interaction with the user.
“9. The non-transitory computer-readable storage medium of claim 8, wherein installing the authentication system further comprises: installing a secure browsing solution on the computing device and generating a device fingerprint of the computing device.
“10. The non-transitory computer-readable storage medium of claim 8, wherein the token generator is removed after the user terminates a session.
“11. The non-transitory computer-readable storage medium of claim 8, wherein the operations further comprise: prior to installing the authentication system on the computing device: verifying, using a first method of authentication, an identity of the user, requesting permission to install the authentication system onto the computing device, wherein the authentication system authenticates the user using a second method of authentication.
“12. The non-transitory computer-readable storage medium of claim 8, wherein the identifying information comprises biometric data.
“13. The non-transitory computer-readable storage medium of claim 8, wherein the operations further comprise installing more than one token generator on the computing device, wherein each token generator is associated with a different user.
“14. The non-transitory computer-readable storage medium of claim 8, wherein the operations further comprise requesting irrelevant data to be included with the one-time code or the identifying information.
“15. A system, comprising: one or more processors; and a computer-readable storage device coupled to the one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations comprising: installing an authentication system on a computing device associated with a user by: collecting information to identify the computing device, installing a token generator on the computing device, associating a key with the token generator, encrypting the key and embedding the encrypted key on the computing device, and associating the token generator with an identification number associated with the user; receiving a logon request at the computing device from the user, wherein the logon request comprises identifying information and a one-time code generated by the token generator; and in response to verifying the one-time code with a code associated with the token generator, the user to operate the computing device without further interaction with the user.
“16. The system of claim 15, wherein installing the authentication system further comprises: installing a secure browsing solution on the computing device and generating a device fingerprint of the computing device.
“17. The system of claim 15, wherein the token generator is removed after the user terminates a session.
“18. The system of claim 15, wherein the operations further comprise: prior to installing the authentication system on the computing device: verifying, using a first method of authentication, an identity of the user, requesting permission to install the authentication system onto the computing device, wherein the authentication system authenticates the user using a second method of authentication.
“19. The system of claim 15, wherein the operations further comprise installing more than one token generator on the computing device, wherein each token generator is associated with a different user.
“20. The system of claim 15, wherein the operations further comprise requesting irrelevant data to be included with the one-time code or the identifying information.”
For the URL and additional information on this patent, see:
(Our reports deliver fact-based news of research and discoveries from around the world.)
Research Conducted at McGill University Has Provided New Information about Bayesian Analysis (A Bayesian Approach To Modeling Multivariate Multilevel Insurance Claims In the Presence of Unsettled Claims): Bayesian Analysis
Patent Issued for Method and system for onboarding users for financial institutions using virtual reality and augmented reality (USPTO 11270509): Signzy Technologies Private Limited
Advisor News
- Women say their advisors respect them, but talk down to them
- How PEPs compare with traditional 401(k)s
- Allianz studies why 42% of Americans retire sooner than expected
- Why advisors should be talking about life settlements
- Millennials are ready to bring their advisor to the family table
More Advisor NewsAnnuity News
- NAIC regulators continue pushing for annuity illustration updates
- Wink: Flat first-quarter annuity sales fall just short of $100B
- 26North Re Agrees to Acquire 100% of Independent Insurance Group
- Matthew Michelini named Athene president, with an eye on annuity growth
- Lincoln Financial Announces Executive Leadership Transitions
More Annuity NewsHealth/Employee Benefits News
- More Hoosiers go uninsured – and to the ER
- State Health Plan provider network plan could lower NC costs for some members, raise them for others
- SENATOR TONY HWANG RESPONDS TO PROPOSED DOUBLE-DIGIT INSURANCE RATE INCREASE REQUESTS; ENCOURAGES PUBLIC PARTICIPATION
- WARNOCK FORCES VOTE ON TRANSPARENCY SURROUNDING MEDICAID COVERAGE LOSS
- Researchers at University of Illinois Release New Data on Insurance (State sanctions may not affect Medicaid managed care): Insurance
More Health/Employee Benefits NewsLife Insurance News
- AM Best Affirms Credit Ratings of CVS Health Corporation’s Aetna Inc. Subsidiaries
- AM Best Assigns Issue Credit Ratings to The Northwestern Mutual Life Insurance Company’s New Surplus Notes
- Prudential announces more layoffs as insurer continues to restructure
- Pradip Patiath Joins Securian Financial Board of Directors
- Over $107 million in life insurance benefits located for Tennesseans in 2025
More Life Insurance News