Device, system, and method of recovery and resetting of user authentication factor
First Claim
Patent Images
1. A method comprising:
- (AA) monitoring input-user interactions of a user, that utilizes an electronic device to access a computerized service;
(BB) analyzing said input-user interactions, and identifying a particular word that the user typed multiple times in a user-specific typing manner;
subsequently,(CC) determining that a current user, that (i) fails to perform an authentication process for accessing said computerized service or (ii) requests to perform a reset process for a user-authentication factor of said computerized service, is a genuine user that is authorized to reset said user-authentication factor of said computerized service, by performing;
(a) constructing a unique multiple-word phrase, which comprises (i) said particular word that was identified in step (BB), and also (ii) one or more other words; and
presenting to the current user a fresh task that requires the current user to type said unique multiple-word phrase;
(b) monitoring a fresh manner in which the current user types said unique multiple-word phrase;
(c) determining whether or not fresh typing of said unique multiple-word phrase as monitored in step (b), exhibits during typing of said particular word the user-specific typing manner that was identified in step (BB) during repeated previous typing of said particular word;
(d) if the determining of step (c) is positive, then determining that the current user is the genuine user that is authorized to reset said user-authentication factor of said service.
6 Assignments
0 Petitions
Accused Products
Abstract
Devices, systems, and methods of password recovery and password reset, as well as resetting or recovering other types of user-authentication factor. A system monitors and tracks user-interactions that are performed by a user of an electronic device or a computerized service. The system defines a user-specific task or challenge, in which the user is requested to enter a phrase or perform a task. A user-specific feature is extracted from the manner in which the user performs the task. Subsequently, that user-specific feature is utilized instead of a security question, in order to verify the identity of the user and to allow the user to perform password reset or to perform a reset of another user-authentication factor; by presenting to the user the same task or a similar task, and monitoring the manner in which the user performs the fresh task.
-
Citations
7 Claims
-
1. A method comprising:
-
(AA) monitoring input-user interactions of a user, that utilizes an electronic device to access a computerized service; (BB) analyzing said input-user interactions, and identifying a particular word that the user typed multiple times in a user-specific typing manner; subsequently, (CC) determining that a current user, that (i) fails to perform an authentication process for accessing said computerized service or (ii) requests to perform a reset process for a user-authentication factor of said computerized service, is a genuine user that is authorized to reset said user-authentication factor of said computerized service, by performing; (a) constructing a unique multiple-word phrase, which comprises (i) said particular word that was identified in step (BB), and also (ii) one or more other words; and
presenting to the current user a fresh task that requires the current user to type said unique multiple-word phrase;(b) monitoring a fresh manner in which the current user types said unique multiple-word phrase; (c) determining whether or not fresh typing of said unique multiple-word phrase as monitored in step (b), exhibits during typing of said particular word the user-specific typing manner that was identified in step (BB) during repeated previous typing of said particular word; (d) if the determining of step (c) is positive, then determining that the current user is the genuine user that is authorized to reset said user-authentication factor of said service. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBiocatch Ltd.
-
Original AssigneeBiocatch Ltd.
-
InventorsTurgeman, Avi
-
Primary Examiner(s)Rahim, Monjur
-
Application NumberUS15/182,624Publication NumberTime in Patent Office923 DaysField of Search726 26US Class CurrentCPC Class CodesG06F 21/31 User authenticationG06F 21/316 by observing the pattern of...G06F 21/32 using biometric data, e.g. ...G06F 2221/2103 Challenge-responseG06F 2221/2131 Lost password, e.g. recover...G06F 2221/2133 Verifying human interaction...G06F 3/0481 based on specific propertie...G06F 3/04842 Selection of displayed obje...G06F 3/0486 Drag-and-dropG06F 3/04886 by partitioning the display...G07C 9/33 by means of a passwordH04L 63/0428 wherein the data content is...H04L 63/083 using passwords cryptograph...H04L 63/0861 using biometrical features,...H04L 63/102 Entity profilesH04L 63/1408 by monitoring network traff...
