Efficient logon

US 10,013,544 B1
Filed: 08/19/2016
Issued: 07/03/2018
Est. Priority Date: 04/30/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

detecting a plurality of devices within a detectable range of an enterprise device using at least one of near-field communications, radio frequency identification, or Bluetooth;

selecting a user profile from a plurality of user profiles associated with the plurality of devices to determine an authentication challenge for access to one or more enterprise services, wherein selecting the user profile is based on characteristics of the plurality of user profiles,wherein the user profile indicates the authentication challenge for access to the one or more enterprise services using the enterprise device, and wherein selecting the user profile from the plurality of user profiles based on the characteristics of the plurality of user profiles comprises determining which user profile indicates that the enterprise device is a primary enterprise device of the user profile;

requesting authentication information based on the authentication challenge indicated in the user profile;

receiving the authentication information;

verifying the authentication information; and

granting, to a user associated with the device, the access to the one or more enterprise services when the authentication information has been successfully verified.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for efficiently logging in or onto a computer system or other restricted system are described. An enterprise device may detect that a user device is within a detectable range of the user device. A user profile associated with the user device may be identified. The user and/or the user device may provide authentication information to the enterprise device, and the user may be granted access when the authentication information has been verified.

Citations

19 Claims

1. A method comprising:
- detecting a plurality of devices within a detectable range of an enterprise device using at least one of near-field communications, radio frequency identification, or Bluetooth;
  
  selecting a user profile from a plurality of user profiles associated with the plurality of devices to determine an authentication challenge for access to one or more enterprise services, wherein selecting the user profile is based on characteristics of the plurality of user profiles,wherein the user profile indicates the authentication challenge for access to the one or more enterprise services using the enterprise device, and wherein selecting the user profile from the plurality of user profiles based on the characteristics of the plurality of user profiles comprises determining which user profile indicates that the enterprise device is a primary enterprise device of the user profile;
  
  requesting authentication information based on the authentication challenge indicated in the user profile;
  
  receiving the authentication information;
  
  verifying the authentication information; and
  
  granting, to a user associated with the device, the access to the one or more enterprise services when the authentication information has been successfully verified.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the user profile further indicates access levels, wherein the authentication challenge is defined at least in part by the access levels.
  - 3. The method of claim 1, wherein the authentication information includes:
    - authentication information associated with the user and received from the user; and
      
      authentication information associated with the device and received from the device.
  - 4. The method of claim 1, wherein the authentication information is received using one or more of a microphone, fingerprint scanner, camera, video camera, touch surface, keyboard, or motion sensor.
  - 5. The method of claim 1, wherein the device is enabled with short-range communication capabilities, wherein the device is one of an identification card, tablet computer, personal device monitor, or a mobile device, wherein the enterprise device is one of an automated transaction machine (“
    - ATM”
      
      ), tablet computer, desktop computer, mobile device, or a laptop computer.
  - 6. The method of claim 1, further comprising:
    - detecting that the device is no longer within the detectable range of the enterprise device; and
      
      taking an action after a period of time of detecting that the device is no longer within the detectable range of the enterprise device.
  - 7. The method of claim 6, wherein the action is one of logging the user off the enterprise device, locking the enterprise device, or shutting down the enterprise device.
  - 8. The method of claim 6, wherein the action is determined by a time of a day or a day of a month.
  - 9. The method of claim 1, wherein the authentication information includes at least one of biometric data, a password, a public key certification, token, or a personal identification number.
  - 10. The method of claim 1, wherein the authentication information comprises one of a personal identification number or a password, andwherein the method further comprises:
    - receiving an identifier from the device.
  - 11. The method of claim 10, wherein the identifier is at least one of:
    - a public key infrastructure certificate, a one-time token, unique device identifier, or a device fingerprint, and wherein the identifier is used in connection with the personal identification number or password to validate the user.
  - 12. The method of claim 1, wherein the method further comprises:
    - displaying, on the enterprise device, an indicator of the plurality of devices that are detected.
  - 13. The method of claim 1, wherein the characteristics include historical logons to the enterprise device.
  - 14. The method of claim 1, wherein verifying the authentication information comprises:
    - submitting, to a third party, the authentication information; and
      
      receiving, from the third party, verification of the authentication information.

15. A non-transitory computer-readable storage medium containing a set of instructions that, when executed by one or more processors, cause a machine to:
- detect a plurality of devices within a detectable range of an enterprise device using at least one of near-field communications, radio frequency identification, or Bluetooth;
  
  select a user profile from a plurality of user profiles associated with the plurality of devices to determine an authentication challenge for access to one or more enterprise services, wherein selecting the user profile is based on characteristics of the plurality of user profiles,wherein the user profile indicates the authentication challenge for access to the one or more enterprise services using the enterprise device, and wherein selecting the user profile from the plurality of user profiles based on the characteristics of the plurality of user profiles comprises determining which user profile indicates that the enterprise device is a primary enterprise device of the user profile;
  
  request authentication information based on the authentication challenge indicated in the user profile;
  
  receive the authentication information;
  
  verify the authentication information; and
  
  grant, to a user associated with the device, the access to the one or more enterprise services when the authentication information has been successfully verified.
- View Dependent Claims (16, 17)
- - 16. The non-transitory computer-readable storage medium of claim 15, wherein the authentication information includes:
    - authentication information associated with the user and received from the user; and
      
      authentication information associated with the device and received from the device.
  - 17. The non-transitory computer-readable storage medium of claim 15, wherein the set of instructions, when executed by the one or more processors, further cause the machine to:
    - detect that the device is no longer within the detectable range of the enterprise device; and
      
      take an action after a period of time of detecting that the device is no longer within the detectable range of the enterprise device, wherein the action is one of logging the user off the enterprise device, locking the enterprise device, or shutting down the enterprise device.

18. A system comprising:
- a database comprising;
  
  a plurality of user profiles associated with a plurality of devices, the plurality of user profiles including authentication information and authentication challenges;
  
  a detection module configured to;
  
  receive signals from the plurality of devices located within a detectable range of an enterprise device, wherein the signals identify the plurality of devices located within the detectable range of the enterprise device;
  
  a user profile module configured to;
  
  access, from the database, the plurality of user profiles associated with the identified plurality of devices, andselect a user profile from the plurality of user profiles to determine an authentication challenge for access to one or more enterprise services, wherein selecting the user profile is based on characteristics of the plurality of user profiles, and wherein selecting the user profile from the plurality of user profiles based on the characteristics of the plurality of user profiles comprises determining which user profile indicates that the enterprise device is a primary enterprise device of the user profile;
  
  an authentication request module configured to;
  
  request authentication information based on the authentication challenges indicated in the user profile,receive the authentication information, andverify the authentication information; and
  
  a logon module configured to;
  
  grant access to the one or more enterprise services when the authentication information has been successfully verified.
- View Dependent Claims (19)
- - 19. The system of claim 18, wherein the characteristics include historical logons to the enterprise device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
United Services Automobile Association
Original Assignee
United Services Automobile Association
Inventors
Mortensen, Maland Keith, Buckingham, Thomas Bret, Fernandez, Gabriel Carlos, Casillas, Debra Randall
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
Murphy, J. Brant

Application Number

US15/241,182
Time in Patent Office

683 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 21/32   using biometric data, e.g. ...

G06F 21/35   communicating wirelessly

G06F 21/40   by quorum, i.e. whereby two...

G06F 2221/2111   Location-sensitive, e.g. ge...

Efficient logon

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Efficient logon

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links