Authentication using dynamic verbal questions based on social and geospatial history

US 10,070,314 B2
Filed: 11/28/2017
Issued: 09/04/2018
Est. Priority Date: 05/02/2016
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user who requests an access to a device, the method comprising the steps of:

receiving, by a hardware processor of the device, a request to authenticate the user who is requesting the access to the device;

in response to the step of receiving the request to authenticate, polling, by the processor, for historical data that includes (1) social media interactions that specify a person authorized to access the device and (2) geolocations of the person;

automatically generating, by the processor, a question that is relevant to a social media interaction included in the social media interactions, a geolocation included in the geolocations, or a combination of the social media interaction and the geolocation of the person authorized to access the device;

receiving, by the processor, a digital representation of a voice that provided an answer to the question, the digital representation of the voice being generated and stored in an audio file format by a digital audio technology coupled to the hardware processor, and the voice being spoken by the user who is requesting access to the device;

based on the received digital representation of the voice that provided the answer, verifying, by the processor, that the voice that provided the answer matches a voice of the person authorized to access the device;

determining, by the processor, that the answer to the question is correct;

based on (1) the voice that provided the answer matching the voice of the person authorized to access the device and (2) the answer being correct, authenticating, by the processor of the device, the user and granting to the authenticated user the access to the device;

receiving, by the processor, a first period of time during which a first portion of the historical data that includes the geolocations is collected; and

receiving, by the processor, a second period of time during which a second portion of the historical data that includes the social media interactions is collected,wherein the step of polling for the historical data includes polling first data indicating geolocations whose timestamps indicate locations of the person authorized to access the device within the first time period and polling second data indicating social media interactions whose timestamps indicate interactions within the second time period.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for authenticating a user. Geolocations are collected during a first time period and social media interactions are collected during a second time period. Historical data is polled which indicates (1) geolocations whose timestamps indicate locations of a person authorized to access the device within the first time period and (2) social media interactions whose timestamps indicate interactions of the person within the second time period. A question is generated to be relevant to a social media interaction and/or a geolocation included in the historical data. The voice of the user who provided an answer to the question is verified as matching a voice of the person authorized to access the device. The answer is determined to be correct. Based on the matching voices and the answer being correct, the user is authenticated and access to the device by the user is granted.

Citations

16 Claims

1. A method of authenticating a user who requests an access to a device, the method comprising the steps of:
- receiving, by a hardware processor of the device, a request to authenticate the user who is requesting the access to the device;
  
  in response to the step of receiving the request to authenticate, polling, by the processor, for historical data that includes (1) social media interactions that specify a person authorized to access the device and (2) geolocations of the person;
  
  automatically generating, by the processor, a question that is relevant to a social media interaction included in the social media interactions, a geolocation included in the geolocations, or a combination of the social media interaction and the geolocation of the person authorized to access the device;
  
  receiving, by the processor, a digital representation of a voice that provided an answer to the question, the digital representation of the voice being generated and stored in an audio file format by a digital audio technology coupled to the hardware processor, and the voice being spoken by the user who is requesting access to the device;
  
  based on the received digital representation of the voice that provided the answer, verifying, by the processor, that the voice that provided the answer matches a voice of the person authorized to access the device;
  
  determining, by the processor, that the answer to the question is correct;
  
  based on (1) the voice that provided the answer matching the voice of the person authorized to access the device and (2) the answer being correct, authenticating, by the processor of the device, the user and granting to the authenticated user the access to the device;
  
  receiving, by the processor, a first period of time during which a first portion of the historical data that includes the geolocations is collected; and
  
  receiving, by the processor, a second period of time during which a second portion of the historical data that includes the social media interactions is collected,wherein the step of polling for the historical data includes polling first data indicating geolocations whose timestamps indicate locations of the person authorized to access the device within the first time period and polling second data indicating social media interactions whose timestamps indicate interactions within the second time period.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising the step of receiving, by the processor, a permission to receive data being shared from a social media account of another user, wherein the data being shared includes the social media interaction, wherein the step of polling for the historical data includes polling the data in the social media account of the other user based on the received permission, and wherein the step of automatically generating the question includes generating the question so that the question is relevant to the social media interaction included in the data being shared from the social media account of the other user.
  - 3. The method of claim 1, further comprising the steps of:
    - receiving, by a processor, a second request to authenticate a third party who is requesting a second access to the device, the third party being different from the user;
      
      in response to the step of receiving the second request to authenticate, polling, by the processor, for the historical data;
      
      automatically generating, by the processor, a second question that is relevant to a second social media interaction included in the social media interactions, a second geolocation included in the geolocations, or a combination of the second social media interaction and the second geolocation of the person authorized to access the device;
      
      receiving, by the processor, a second digital representation of a second voice providing an answer to the second question;
      
      based on the received digital representation of the second voice providing the answer to the second question, verifying, by the processor, that the second voice matches a voice of a second person authorized to access a proper subset of a full set of functions of the device;
      
      determining, by the processor, that the answer to the second question is correct;
      
      based on (1) the second voice matching the voice of the second person and (2) the answer to the second question being correct, authenticating, by the processor, the third party and granting to the authenticated third party the second access to the device, wherein the authenticated access to the device by the user is an access to the full set of functions of the device, and wherein the authenticated second access to the device by the third party is an access to the proper subset of the full set of functions of the device.
  - 4. The method of claim 1, further comprising the steps of:
    - receiving, by the processor, a number which indicates a number of questions, the number being configured by the user;
      
      receiving, by the processor, types of the questions, the types being configured by the user;
      
      automatically generating, by the processor, a set of one or more questions which includes the question, the set of one or more questions having a quantity of questions equal to the received number and having kinds of questions that match the received types;
      
      based on the received digital representation of the voice, determining, by the processor, that the user provided one or more answers to the one or more questions; and
      
      determining, by the processor, that the one or more answers provided by the user are correct, wherein the step of authenticating the user is based in part on the user having provided the correct one or more answers to the one or more questions.
  - 5. The method of claim 1, further comprising the step of determining, by the processor, a name of a place specified by the geolocation, wherein the step of automatically generating the question includes generating the question so that the question relates the name of the place to a time when the person arrived at the place, a time when the person departed the place, or an amount of time the person spent at the place.
  - 6. The method of claim 1, further comprising the step of:
    - providing at least one support service for at least one of creating, integrating, hosting, maintaining, and deploying computer-readable program code in the computer, the program code being executed by a processor of the computer to implement the steps of receiving the request to authenticate, polling for the historical data, automatically generating the question, receiving the digital representation of the voice, determining that the voice that provided the answer matches the voice of the person authorized to access the computer system, determining that the answer to the question is correct, authenticating the user, granting the access to the device, receiving the first period of time, and receiving the second period of time.

7. A computer program product, comprising:
- a computer-readable storage medium; and
  
  a computer-readable program code stored in the computer-readable storage medium, the computer-readable program code containing instructions that are executed by a central processing unit (CPU) of a computer system to implement a method of authenticating a user who requests an access to the computer system, the method comprising the steps of;
  
  receiving, by the computer system, a request to authenticate the user who is requesting the access to the computer system;
  
  in response to the step of receiving the request to authenticate, polling, by the computer system, for historical data that includes (1) social media interactions that specify a person authorized to access the computer system and (2) geolocations of the person;
  
  automatically generating, by the computer system, a question that is relevant to a social media interaction included in the social media interactions, a geolocation included in the geolocations, or a combination of the social media interaction and the geolocation of the person authorized to access the computer system;
  
  receiving, by the computer system, a digital representation of a voice that provided an answer to the question, the digital representation of the voice being generated and stored in an audio file format by a digital audio technology coupled to the CPU, and the voice being spoken by the user who is requesting access to the computer system;
  
  based on the received digital representation of the voice that provided the answer, verifying, by the computer system, that the voice that provided the answer matches a voice of the person authorized to access the computer system;
  
  determining, by the computer system, that the answer to the question is correct;
  
  based on (1) the voice that provided the answer matching the voice of the person authorized to access the computer system and (2) the answer being correct, authenticating, by the computer system, the user and granting to the authenticated user the access to the computer system;
  
  receiving, by the computer system, a first period of time during which a first portion of the historical data that includes the geolocations is collected; and
  
  receiving, by the computer system, a second period of time during which a second portion of the historical data that includes the social media interactions that specify the user is collected,wherein the step of polling for the historical data includes polling first data indicating geolocations whose timestamps indicate locations of the person authorized to access the computer system within the first time period and polling second data indicating social media interactions whose timestamps indicate interactions within the second time period.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The computer program product of claim 7, further comprising the step of receiving, by the computer system, a permission to receive data being shared from a social media account of another user, wherein the data being shared includes the social media interaction, wherein the step of polling for the historical data includes polling the data being shared from the social media account of the other user based on the received permission, and wherein the step of automatically generating the question includes generating the question so that the question is relevant to the social media interaction included in the data being shared from the social media account of the other user.
  - 9. The computer program product of claim 7, further comprising the steps of:
    - receiving, by the computer system, a permission to receive data that includes a geolocation of another user;
      
      based on the received permission, polling, by the computer system, the data that includes the geolocation of the other user; and
      
      determining a match between the geolocation of the person authorized to access the computer system and the geolocation of the other user and between a first timestamp of the geolocation of the person and a second timestamp of the geolocation of the other user,wherein the step of automatically generating the question includes generating the question so that the question is relevant to the person and the other user having visited a location together at one time, wherein the location is specified by the matching geolocations of the person and the other user, and wherein the one time is specified by the matching first and second timestamps.
  - 10. The computer program product of claim 7, further comprising the steps of:
    - receiving, by the computer system, a second request to authenticate a third party who is requesting a second access to the computer system, the third party being different from the user;
      
      in response to the step of receiving the second request to authenticate, polling, by the computer system, for the historical data;
      
      automatically generating, by the computer system, a second question that is relevant to a second social media interaction included in the social media interactions, a second geolocation included in the geolocations, or a combination of the second social media interaction and the second geolocation of the person authorized to access the computer system;
      
      receiving, by the computer system, a second digital representation of a second voice providing an answer to the second question;
      
      based on the received digital representation of the voice providing the answer to the second question, verifying, by the computer system, that the second voice matches a voice of a second person authorized to access a proper subset of a full set of functions of the computer system;
      
      determining, by the computer system, that the answer to the second question is correct;
      
      based on (1) the second voice matching the voice of the second person and (2) the answer to the second question being correct, authenticating, by the computer system, the third party and granting to the authenticated third party the second access to the computer system, wherein the access to the computer system by the authenticated user is an access to the full set of functions of the computer system, and wherein the second access to the computer system by the authenticated third party is an access to the proper subset of the full set of the functions of the computer system.
  - 11. The computer program product of claim 7, further comprising the steps of:
    - receiving, by the computer system, a number which indicates a number of questions, the number being configured by the user;
      
      receiving, by the computer system, types of the questions, the types being configured by the user;
      
      automatically generating, by the computer system, a set of one or more questions which includes the question, the set of one or more questions having a quantity of questions equal to the received number and having kinds of questions that match the received types;
      
      based on the received digital representation of the voice, determining, by the computer system, that the user provided one or more answers to the one or more questions; and
      
      determining, by the computer system, that the one or more answers provided by the user are correct, wherein the step of authenticating the user is based in part on the user having provided the correct one or more answers to the one or more questions.

12. A computer system comprising:
- a central processing unit (CPU);
  
  a memory coupled to the CPU;
  
  a digital audio system coupled to the CPU; and
  
  a computer readable storage device coupled to the CPU, the storage device containing instructions that are executed by the CPU via the memory to implement a method of authenticating a user who requests an access to the computer system, the method comprising the steps of;
  
  receiving, by the computer system, a request to authenticate the user who is requesting the access to the computer system;
  
  in response to the step of receiving the request to authenticate, polling, by the computer system, for historical data that includes (1) social media interactions that specify a person authorized to access the computer system and (2) geolocations of the person;
  
  automatically generating, by the computer system, a question that is relevant to a social media interaction included in the social media interactions, a geolocation of the user included in the geolocations, or a combination of the social media interaction and the geolocation of the user of the person authorized to access the computer system;
  
  receiving, by the computer system, a digital representation of a voice that provided an answer to the question, the digital representation of the voice being generated and stored in an audio file format by the digital audio system, and the voice being spoken by the user who is requesting the access to the computer system;
  
  based on the received digital representation of the voice that provided the answer, verifying, by the computer system, that the voice that provided the answer matches a voice of the person authorized to access the computer system;
  
  determining, by the computer system, that the answer to the question is correct;
  
  based on (1) the voice that provided the answer matching the voice of the person authorized to access the computer system and (2) the answer being correct, authenticating, by the computer system, the user and granting to the authenticated user the access to the computer system;
  
  receiving, by the computer system, a first period of time during which a first portion of the historical data that includes the geolocations is collected; and
  
  receiving, by the computer system, a second period of time during which a second portion of the historical data that includes the social media interactions that specify the user is collected,wherein the step of polling for the historical data includes polling first data indicating the geolocations whose timestamps indicate locations of the user within the first time period and polling second data indicting the social media interactions whose timestamps indicate interactions within the second time period.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The computer system of claim 12, further comprising the step of receiving, by the computer system, a permission to receive data being shared from a social media account of another user, wherein the data being shared includes the social media interaction, wherein the step of polling for the historical data includes polling the data in the social media account of the other user based on the received permission, and wherein the step of automatically generating the question includes generating the question so that the question is relevant to the social media interaction included in the data being shared from the social media account of the other user.
  - 14. The computer system of claim 12, further comprising the steps of:
    - receiving, by the computer system, a permission to receive data that includes a geolocation of another user;
      
      based on the received permission, polling, by the computer system, the data that includes the geolocation of the other user; and
      
      determining a match between the geolocation of the person and the geolocation of the other user and between a first timestamp of the geolocation of the person and a second timestamp of the geolocation of the other user,wherein the step of automatically generating the question includes generating the question so that the question is relevant to the person and the other user having visited a location together at one time, wherein the location is specified by the matching geolocations of the person and the other user, and wherein the one time is specified by the matching first and second timestamps.
  - 15. The computer system of claim 12, further comprising the steps of:
    - receiving, by a computer system, a second request to authenticate a third party who is requesting a second access to the computer system, the third party being different from the user;
      
      in response to the step of receiving the second request to authenticate, polling, by the computer system, for the historical data;
      
      automatically generating, by the computer system, a second question that is relevant to a second social media interaction included in the social media interactions, a second geolocation included in the geolocations, or a combination of the second social media interaction and the second geolocation of the user of the person authorized to access the computer system;
      
      receiving, by the computer system, a second digital representation of a second voice providing an answer to the second question;
      
      based on the received digital representation of the second voice providing the answer to the second question, verifying, by the computer system, that the second voice matches a voice of a second person authorized to access a proper subset of a full set of functions of the computer system;
      
      determining, by the computer system, that the answer to the second question is correct;
      
      based on (1) the second voice matching the voice of the second person and (2) the answer to the second question being correct, authenticating, by the computer system, the third party and granting to the authenticated third party the second access to the computer system, wherein the access to the computer system by the user is an access to the full set of functions of the computer system, and wherein the second access to the computer system by the third party is an access to the proper subset of the full set of the functions of the computer system.
  - 16. The computer system of claim 12, further comprising the steps of:
    - receiving, by the computer system, a number which indicates a number of questions and the number being configured by the user;
      
      receiving, by the computer system, types of the questions, the types being configured by the user;
      
      automatically generating, by the computer system, a set of one or more questions which includes the question, the set of one or more questions having a quantity of questions equal to the received number and having kinds of questions that match the received types;
      
      based on the received digital representation of the voice, determining, by the computer system, that the user provided one or more answers to the one or more questions; and
      
      determining, by the computer system, that the one or more answers provided by the user are correct, wherein the step of authenticating the user is based in part on the user having provided the correct one or more answers to the one or more questions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirBNB Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Bender, Michael, Nachman, David E., Shute, Michael P.
Primary Examiner(s)
Zewdu, Meless

Application Number

US15/823,793
Publication Number

US 20180084423A1
Time in Patent Office

280 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 21/32   using biometric data, e.g. ...

G06F 21/6218   to a system of files or obj...

G06F 2221/2103   Challenge-response

H04L 63/0861   using biometrical features,...

H04L 63/107   wherein the security polici...

H04L 63/108   when the policy decisions a...

H04L 9/3231   Biological data, e.g. finge...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/30   Security of mobile devices;...

H04W 12/61   Time-dependent

H04W 12/63   Location-dependent; Proximi...

H04W 4/02   Services making use of loca...

H04W 4/029   Location-based management o...

Authentication using dynamic verbal questions based on social and geospatial history

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication using dynamic verbal questions based on social and geospatial history

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links