Patent Issued for Systems and methods of multi-factor authentication utilizing a vehicle (USPTO 11533614): United Services Automobile Association

2023 JAN 10 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- From Alexandria, Virginia, NewsRx journalists report that a patent by the inventors Dziuk, Janelle (Falls City, TX, US), Osterkamp, Bryan J. (New Braunfels, TX, US), Russell, Ryan (San Antonio, TX, US), Yarbrough, Gregory (San Antonio, TX, US), filed on July 20, 2020, was published online on December 20, 2022.

The patent’s assignee for patent number 11533614 is United Services Automobile Association (San Antonio, Texas, United States).

News editors obtained the following quote from the background information supplied by the inventors: “Authentication is an integral part of a networked system. The networked system has to confirm the legitimacy of a user’s identification claim before allowing the user access to or control over one or more devices in a network. Authentication methods and protocols are therefore used to mitigate various forms of network attacks or otherwise unauthorized use of network resources by malicious actors.

“Current authentication protocols generally employ three types of authentication factors: knowledge factors, ownership factors, and inherence factors. The knowledge factors include something a user knows, such as passwords and personal identification numbers. The ownership factors include something the user has (or possesses), such as identification cards and security tokens. The inherence factors include what the user is, such as fingerprints and retinal scans. Multi-factor authentication protocols may use a combination of these factors and/or a combination of multiple pieces of information (or entries) associated with a single factor. For example, an authentication protocol may prompt a user to enter a password (a knowledge factor) and a code generate by a security token dongle (an ownership factor).

“However, multi-factor authentication protocols that use multiple prompted entries from a user may be cumbersome and inefficient. Sometimes these protocols may be inconvenient and even dangerous for users. For example, a user may make a phone call while driving a vehicle. An authentication protocol may prompt a user to enter an alphanumeric code on the phone or another electronic device, which is extremely inconvenient or potentially dangerous for the user. Some authentication protocols may also require the user to manually enter another alphanumeric code on a graphical user interface on the vehicle. Inputs to the graphical user interfaces integrated in vehicle dashboards may be deactivated while the user is driving.

“As such, a significant improvement upon authentication protocols is required for authenticating a user, particularly while the user is driving.”

As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “What is therefore desired are systems and methods that authenticate a user while the user is driving with minimal physical actions from the user. What is further desired are systems and methods that leverage a trusted/registered vehicle (e.g., a vehicle associated with the user) to authenticate the user.

“Embodiments disclosed herein attempt to solve the aforementioned technical problems and may provide solutions to other technical problems as well. An illustrative authentication server may receive a request to authenticate a user connected from a mobile device (or user device) to an enterprise server. The user may be connected to the enterprise server through a phone call and/or through an application being executed by the mobile device. The authentication server may transmit a request to the mobile device to transmit geolocation data and/or metadata of the mobile device. In response, the mobile device may transmit a stream of geolocation data (e.g., a periodically transmit updated geolocation data) of the mobile device. Based upon the received stream of geolocation data, the authentication server may determine that the mobile device is in motion. More particularly, based upon the rate of change of geolocations as indicated by the stream of geolocation data, the authentication server may determine that the mobile device is more likely in a vehicle and that a vehicle-based authentication method may be utilized. Based upon this determination, the authentication server may request geolocation data of a vehicle associated with the user. In some embodiments, a computer may transmit a request to the mobile device to query and retrieve the vehicle geolocation data and stream the retrieved the geolocation data to the authentication server. In other embodiments, the authentication server may have a communication link to the vehicle and may transmit to the vehicle directly a request to transmit the geolocation data. In response, the vehicle may stream its geolocation data to the authentication server. Regardless of the receipt of the vehicle geolocation data stream, the authentication server may compare the mobile device geolocation data stream and the vehicle geolocation data stream to determine a similarity score. In response to determining that the similarity score is above a threshold, the authentication server may authenticate the user. In some cases, the authentication server may authenticate the user if the mobile device is connected to the vehicle that is associated with the user without necessarily comparing geolocation data streams.

“In an embodiment, a method comprises receiving, by a computer, a first request to authenticate a user connected from a mobile device; transmitting, by the computer, a second request to an application on the mobile device to stream geolocation data of the mobile device; receiving, by the computer, a first stream of geolocation data of the mobile device in response to the second request; selecting, by the computer, a vehicle-based authentication protocol in response to the computer determining that the mobile device is in motion based upon the first stream of geolocation data, the vehicle-based authentication protocol comprising the steps of: transmitting, by the computer, a third request to the application on the mobile device to query and retrieve geolocation data of a vehicle associated with the user; receiving, by the computer from the application on the mobile device, a second stream of geolocation data of the vehicle associated with the user; comparing, by the computer, the first stream and the second stream to determine a similarity score; and authenticating, by the computer, the user in response to the processor determining that the similarity score exceeds a predetermined threshold.

“In another embodiment, a system comprises a non-transitory storage medium configured to store a plurality of computer program instructions; and a processor electrically coupled to the non-transitory storage medium and configured to execute the plurality of computer program instructions to: receive a first request to authenticate a user connected from a mobile device; transmit a second request to an application on the mobile device to stream geolocation data of the mobile device; receive a first stream of geolocation data of the mobile device in response to the second request; select a vehicle-based authentication protocol in response to the processor determining that the mobile device is in motion based upon the first stream of geolocation data, the vehicle-based authentication protocol that causes the processor to: transmit a third request to a vehicle associated user to stream geolocation data of the vehicle; receive a second stream of geolocation data from the vehicle; compare the first stream and the second stream to determine a similarity score; and authenticate the user in response to the computer determining that the similarity score exceeds a predetermined threshold.

“In yet another embodiment, a computer-implemented method comprises receiving, by a computer, a first request to authenticate a user connected from a mobile device; transmitting, by the computer to an application in the mobile device, a second request to retrieve and transmit identifying information of local connections of the mobile device; receiving, by the computer from the application in the mobile device, identifying information of one or more local connections of the mobile device to other proximate devices in response to the second request; determining, by the computer, based upon the identifying information of at least one of the other proximate devices that the mobile device is connected to a vehicle associated with the user; and authenticating, by the computer, the user based upon determining that the mobile device is connected to the vehicle associated with the user.”

The claims supplied by the inventors are:

“1. A method, comprising: receiving, by a computer, a first request via a phone call from a mobile device, wherein the phone call is configured to initiate an authentication process for a user; transmitting, by the computer, a second request to an application on the mobile device to stream geolocation data of the mobile device in response to receiving the first request; receiving, by the computer, a first stream of geolocation data associated with the mobile device from the application in response to transmitting the second request; determining, by the computer, that the mobile device is in motion based on the first stream of geolocation data; and authenticating, by the computer, the user based on a vehicle-based authentication protocol in response to determining that the mobile device is in motion, wherein the vehicle-based authentication protocol is configured to cause the computer to: query a database to identify a vehicle associated with the user based on a phone number that corresponds to the phone call; transmit a third request to the application on the mobile device to retrieve a second stream of geolocation data from a vehicle system associated with the vehicle; receive the second stream of geolocation data from the application, wherein the application is configured to receive the second stream of geolocation data from the vehicle system; and compare the first stream of geolocation data to the second stream of geolocation data.

“2. The method of claim 1, wherein the second stream of geolocation data is received from one or more sensors disposed on the vehicle and wherein authenticating the user comprises: comparing, by the computer, the first stream of geolocation data and the second stream of geolocation data to determine a similarity score; and authenticating, by the computer, the user in response to the computer determining that the similarity score exceeds a predetermined threshold.

“3. The method of claim 2, wherein the one or more sensors are part of a vehicle dashboard system.

“4. The method of claim 3, comprising authenticating the user based on the vehicle-based authentication protocol in response to determining that the mobile device is communicatively coupled to the vehicle dashboard system.

“5. The method of claim 4, wherein the mobile device is communicatively coupled to the vehicle dashboard system via Bluetooth.

“6. A system, comprising: a vehicle dashboard system disposed within a vehicle; a computing device associated with a user; and a server system comprising at least one processor configured to perform operations comprising: receiving a first request via a phone call from a computing device, wherein the phone call is configured to initiate an authentication process for a user; transmitting a second request to an application on the computing device to stream geolocation data of the computing device in response to receiving the first request; receiving a first stream of geolocation data associated with the computing device from the application in response to transmitting the second request; determining that the computing device is in motion based on the first stream of geolocation data; and authenticating the user based on a vehicle-based authentication protocol in response to determining that the computing device is in motion by: querying a database to identify registration data indicative of an association between the vehicle and a phone number that corresponds to the phone call; transmitting a third request to the application to retrieve a second stream of geolocation data from the vehicle dashboard system; receiving the second stream of geolocation data from the application, wherein the application is configured to receive the second stream of geolocation data from the vehicle dashboard system; and comparing the first stream of geolocation data to the second stream of geolocation data.

“7. The system of claim 6, wherein the vehicle dashboard system comprises a display, a microphone, one or more speakers, one or more buttons, one or more processors, or any combination thereof.

“8. The system of claim 7, wherein the second stream of geolocation data is received from one or more sensors that are part of the vehicle dashboard system, and wherein the at least one processor is configured to authenticate the user by: comparing the first stream of geolocation data and the second stream of geolocation data to determine a similarity score; and authenticating the user in response to determining that the similarity score exceeds a predetermined threshold.

“9. The system of claim 7, wherein the phone call is received via a packet-switching network.

“10. The system of claim 7, wherein the at least one processor is configured to determine that the computing device is in motion based on a plurality of geolocations and a plurality of times associated with the computing device, wherein the plurality of geolocations and the plurality of times are part of the first stream of geolocation data.

“11. The system of claim 7, wherein the at least one processor is configured to authenticate the user based on the vehicle-based authentication protocol in response to determining that the computing device is communicatively coupled to the vehicle dashboard system.

“12. The system of claim 11, wherein the computing device is communicatively coupled to the vehicle dashboard system via Bluetooth.

“13. A non-transitory computer-readable medium comprising computer-executable instructions that, when executed, are configured to cause one or more processors to perform operations comprising: receiving a first request via a phone call from a computing device, wherein the phone call is configured to initiate an authentication process for a user; transmitting a second request to an application on the computing device to stream geolocation data of the computing device in response to receiving the first request; receiving a first stream of geolocation data associated with the computing device from the application in response to transmitting the second request; determining that the computing device is in motion based on the first stream of geolocation data; and authenticating the user based on a vehicle-based authentication protocol in response to determining that the computing device is in motion, wherein the vehicle-based authentication protocol is configured to cause the one or more processors to perform the operations comprising: querying a database to identify a vehicle associated with the user based on a phone number that corresponds to the phone call; transmitting a third request to the application on the computing device to retrieve a second stream of geolocation data from a vehicle system associated with the vehicle; receiving the second stream of geolocation data from the application, wherein the application is configured to receive the second stream of geolocation data from the vehicle system; and comparing the first stream of geolocation data to the second stream of geolocation data.

“14. The non-transitory computer-readable medium of claim 13, wherein the computer-executable instructions that, when executed, are configured to cause one or more processors to determine that the computing device is in motion based on a plurality of geolocations and a plurality of times associated with the computing device, wherein the plurality of geolocations and the plurality of times are part of the first stream of geolocation data.

“15. The non-transitory computer-readable medium of claim 13, wherein the computer-executable instructions that, when executed, are configured to cause one or more processors to perform the operations comprising: receiving the second stream of geolocation data from one or more sensors that are part of the vehicle system disposed in the vehicle, and wherein authenticating the user comprises: comparing the first stream of geolocation data and the second stream of geolocation data to determine a similarity score; and authenticating the user in response to determining that the similarity score exceeds a predetermined threshold.”

For additional information on this patent, see: Dziuk, Janelle. Systems and methods of multi-factor authentication utilizing a vehicle. U.S. Patent Number 11533614, filed July 20, 2020, and published online on December 20, 2022. Patent URL (for desktop use only): https://ppubs.uspto.gov/pubwebapp/external.html?q=(11533614)&db=USPAT&type=ids

(Our reports deliver fact-based news of research and discoveries from around the world.)