Patent Issued for Quick-logon for computing device (USPTO 11709921): United Services Automobile Association
2023 AUG 10 (NewsRx) -- By a
Patent number 11709921 is assigned to
The following quote was obtained by the news editors from the background information supplied by the inventors: “The protection and security of customer information is vital from an organization’s perspective, not only to comply with applicable laws, but to earn and maintain customer trust. Enhanced security often comes at the cost of convenience for the user, such as by requiring the user to answer additional security questions. Various methods are used in authenticating a user attempting to access an account. Security analysts have identified three authentication factors that can be used in making a positive identification: ownership, knowledge, and inherence. Elements used to verify the first factor, ownership, may include a phone, a security token, or a software token. Elements used to verify the knowledge factor may include a password, username, personal identification number (PIN), or answers to security questions. Elements used to verify the inherence factor may include biometric data.
“Verifying two of the factors, “two-factor authentication”, is commonly used to authenticate a user. For example, many applications on mobile devices require the user to enter a PIN, satisfying the knowledge factor, on a particular mobile device, satisfying the ownership factor. In some mobile devices, the ownership factor is generally assumed to be satisfied because many mobile devices, such as smartphones, are particular to one person. Thus, an impersonator would be required not only to have the mobile device, but also to know the PIN in order to access the application. This enables users to simply input a PIN into an application on a mobile device to be authenticated.
“Personal computers (computing devices) pose additional complexities in authenticating users. Computing devices are commonly used by more than one person. Thus, it is not safe to assume that the identity of the computing device satisfies the ownership factor. Additionally, computing devices in general have been more easily compromised than other devices. Current solutions increase security, but are often inconvenient for users. For example, one solution includes providing users with some type of token, requiring the user to prove that the user has the token, such as by typing in a one-time code generated by the token in combination with a username/password/PIN. Other solutions focus on the knowledge factor such as by requiring the user to answer additional security questions.”
In addition to the background information obtained for this patent, NewsRx journalists also obtained the inventors’ summary information for this patent: “Disclosed herein are methods and systems for verifying a user’s identity on a computing device using two-factor authentication. More particularly, the system can use a personal identification number input by a user, together with one or more of a secure browsing feature, a device fingerprint, and a token generator to authenticate the user on the computer.
“When multiple embodiments are disclosed, still other embodiments of the present disclosure will become apparent to those skilled in the art from the following detailed description, which shows and describes illustrative embodiments of the disclosure. As will be realized, the disclosure is capable of modifications in various aspects, all without departing from the scope of the present disclosure. Accordingly, the drawings and detailed description are to be regarded as illustrative in nature and not restrictive.
“The drawings have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be expanded or reduced to help improve the understanding of the embodiments of the present disclosure. Similarly, some components and/or operations may be separated into different blocks or combined into a single block for the purposes of discussion of some of the embodiments of the present disclosure. Moreover, while the disclosure is amenable to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and are described in detail below. The intention, however, is not to limit the disclosure to the particular embodiments described. On the contrary, the disclosure is intended to cover all modifications, equivalents, and alternatives falling within the scope of the disclosure as defined by the appended claims.”
The claims supplied by the inventors are:
“1. A method comprising: receiving, from a computing device associated with a user, a secure token to fulfill a first authentication request, wherein the secure token is generated by a user-specific token generator operating on the computing device, wherein the user-specific token generator is associated with an identity of the user and is in a human-readable format; in response to verification that the secure token was generated by the user-specific token generator associated with the identity of the user, authenticating the user to engage in a first activity on a first channel; in response to receiving from the user a second authentication request to engage in a second activity, requesting, from the user, the secure token present at a particular time to fulfill the second authentication request, wherein the secure token requested to fulfill the second authentication request to engage in the second activity is the same secure token that was used to fulfill the first authentication request, wherein the second activity having a different level of authentication than the first activity; and in response to verification that the secure token provided by the user for the second authentication was generated by the user-specific token generator associated with the identity of the user, authenticating the user to engage in the second activity on the first channel.
“2. The method of claim 1, further comprising: verifying the identity of the user, wherein verifying the identity of the user comprises: monitoring interactions of the user including browsing behavior with the computing device; determining whether the interactions of the user with the computing device matches, within a predetermined degree of tolerance, expected behavior within a user profile of the user; and in response to the interactions of the user matching the expected behavior within the user profile, verifying the identity of the user.
“3. The method of claim 1, further comprising: providing, to the user, a list of secure tokens with time indications.
“4. The method of claim 1, further comprising: displaying the secure token on a lock screen of the computing device or storing the secure token in an application installed on the computing device.
“5. The method of claim 1, wherein the secure token is dynamic, wherein the first channel is one of: a mobile application, a web portal, a chat room, a voice and data call, or a voice call.
“6. The method of claim 1, wherein the secure token is a quick response code, wherein the quick response code is physically presented to a second device.
“7. The method of claim 1, wherein the second activity requires a higher level of authentication than the first activity.
“8. A non-transitory computer-readable medium storing instructions that, when executed by a computing system, cause the computing system to perform operations comprising: receiving, from a computing device associated with a user, a secure token to fulfill a first authentication request, wherein the secure token is generated by a user-specific token generator operating on the computing device, wherein the user-specific token generator is associated with an identity of the user and is in a human-readable format; in response to verification that the secure token was generated by the user-specific token generator associated with the identity of the user, authenticating the user to engage in a first activity on a first channel; in response to receiving from the user a second authentication request to engage in a second activity, requesting, from the user, the secure token present at a particular time to fulfill the second authentication request, wherein the secure token requested to fulfill the second authentication request to engage in the second activity is the same secure token that was used to fulfill the first authentication request, wherein the second activity having a different level of authentication than the first activity; and in response to verification that the secure token provided by the user for the second authentication was generated by the user-specific token generator associated with the identity of the user, authenticating the user to engage in the second activity on the first channel.
“9. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: verifying the identity of the user, wherein verifying the identity of the user comprises: monitoring interactions of the user including browsing behavior with the computing device; determining whether the interactions of the user with the computing device matches, within a predetermined degree of tolerance, expected behavior within a user profile of the user; and in response to the interactions of the user matching the expected behavior within the user profile, verifying the identity of the user.
“10. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: providing, to the user, a list of secure tokens with time indications.
“11. The non-transitory computer-readable medium of claim 8, wherein the operations further comprise: displaying the secure token on a lock screen of the computing device or storing the secure token in an application installed on the computing device.
“12. The non-transitory computer-readable medium of claim 8, wherein the secure token is dynamic, wherein the first channel is one of: a mobile application, a web portal, a chat room, a voice and data call, or a voice call.
“13. The non-transitory computer-readable medium of claim 8, wherein the secure token is a quick response code, wherein the quick response code is physically presented to a second device.
“14. The non-transitory computer-readable medium of claim 8, wherein the second activity requires a higher level of authentication than the first activity.
“15. A system comprising: one or more processors; and one or more memories storing instructions that, when executed by the one or more processors, cause the system to perform a process comprising: receiving, from a computing device associated with a user, a secure token to fulfill a first authentication request, wherein the secure token is generated by a user-specific token generator operating on the computing device, wherein the user-specific token generator is associated with an identity of the user and is in a human-readable format; in response to verification that the secure token was generated by the user-specific token generator associated with the identity of the user, authenticating the user to engage in a first activity on a first channel; in response to receiving from the user a second authentication request to engage in a second activity, requesting, from the user, the secure token present at a particular time to fulfill the second authentication request, wherein the secure token requested to fulfill the second authentication request to engage in the second activity is the same secure token that was used to fulfill the first authentication request, wherein the second activity having a different level of authentication than the first activity; and in response to verification that the secure token provided by the user for the second authentication was generated by the user-specific token generator associated with the identity of the user, authenticating the user to engage in the second activity on the first channel.
“16. The system according to claim 15, wherein the process further comprises: verifying the identity of the user, wherein verifying the identity of the user comprises: monitoring interactions of the user including browsing behavior with the computing device; determining whether the interactions of the user with the computing device matches, within a predetermined degree of tolerance, expected behavior within a user profile of the user; and in response to the interactions of the user matching the expected behavior within the user profile, verifying the identity of the user.
“17. The system according to claim 15, wherein the process further comprises: providing, to the user, a list of secure tokens with time indications.
“18. The system according to claim 15, wherein the process further comprises: displaying the secure token on a lock screen of the computing device or storing the secure token in an application installed on the computing device.
“19. The system according to claim 15, wherein the secure token is dynamic, wherein the first channel is one of: a mobile application, a web portal, a chat room, a voice and data call, or a voice call.
“20. The system according to claim 15, wherein the second activity requires a higher level of authentication than the first activity.”
For the URL and more information on this patent, see: Bennett, Jr., Wilbert. Quick-logon for computing device.