Enhanced secure authentication
First Claim
1. A method for authenticating a user of a mobile electronic computing device to perform one or more operations on a first electronic computing device, the method comprising:
- on the first electronic computing device, receiving a first request to access the first electronic computing device;
in response to the first request to access, sending a first identifier to the mobile electronic computing device;
receiving a second identifier from a second electronic computing device, the second electronic computing device being different from the mobile electronic computing device;
when the first identifier matches the second identifier, calculating a first trust score for the user;
when the first trust score is equal to or greater than a first threshold, authenticating the user to login to the first electronic computing device;
receiving a second request to perform an operation on the first electronic computing device;
when a determination is made that the first trust score is not high enough to permit the user to perform the operation;
sending a third request to the mobile electronic computing device for the user to respond to one or more first questions;
receiving from the mobile electronic computing device user answers to the one or more first questions; and
based on the first trust score and the user answers to the one or more first questions, calculating a second trust score for the user; and
when the second trust score is greater than or equal to a second threshold, the second threshold being higher than the first threshold, permitting the user to perform the operation.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for authenticating a user of a mobile electronic computing device to perform operations on a first electronic computing device includes receiving a request to access the first electronic computing device. In response to the request to access, a first identifier is sent to the mobile electronic computing device. A second identifier is received from a second electronic computing device. The second electronic computing device is different from the mobile electronic computing device. A determination is made as to whether the first identifier matches the second identifier. When the first identifier matches the second identifier, a trust score is calculated for the user. A determination is made as to whether the trust score is equal to or greater than a threshold. When the trust score is equal to or greater than the threshold, the user is authenticated to login to the first electronic computing device.
69 Citations
17 Claims
-
1. A method for authenticating a user of a mobile electronic computing device to perform one or more operations on a first electronic computing device, the method comprising:
-
on the first electronic computing device, receiving a first request to access the first electronic computing device; in response to the first request to access, sending a first identifier to the mobile electronic computing device; receiving a second identifier from a second electronic computing device, the second electronic computing device being different from the mobile electronic computing device; when the first identifier matches the second identifier, calculating a first trust score for the user; when the first trust score is equal to or greater than a first threshold, authenticating the user to login to the first electronic computing device; receiving a second request to perform an operation on the first electronic computing device; when a determination is made that the first trust score is not high enough to permit the user to perform the operation; sending a third request to the mobile electronic computing device for the user to respond to one or more first questions; receiving from the mobile electronic computing device user answers to the one or more first questions; and based on the first trust score and the user answers to the one or more first questions, calculating a second trust score for the user; and when the second trust score is greater than or equal to a second threshold, the second threshold being higher than the first threshold, permitting the user to perform the operation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A first electronic computing device comprising:
-
a processing unit; and system memory, the system memory including instructions which, when executed by the processing unit, cause the first electronic computing device to; receive a request to login to the first electronic computing device; in response to the request to login, send a first token to a mobile electronic computing device; receive a second token from a second electronic computing device associated with an embedded sensor; when the first unique identifier in the first token matches a second unique identifier in the second token, calculating a first trust score for a user; when the first trust score is equal to or greater than a threshold, authenticating the user to login to the first electronic computing device; when the first trust score is less than the threshold, further comprising; send a first request to the mobile electronic computing device for the user to respond to one or more first questions; receive from the mobile electronic computing device user answers to the one or more first questions; based on the first trust score and the user answers to the one or more first questions, calculate a second trust score for the user; when the second trust score is greater or equal than the threshold, authenticating the user to login to the first electronic computing device; and when the second trust score is less than the threshold; send a second request to the mobile electronic computing device for the user to respond to one or more second questions, the one or more second questions having answers pre-recorded by the user; receive a voice response from the user for each the one or more second questions; compare the voice response with the answers pre-recorded by the user; revise the second trust score based on the comparing to calculate a third trust score; and when the third trust score is greater than or equal to the threshold, authenticate the user to login to the first electronic computing device. - View Dependent Claims (14, 15, 16)
-
-
17. A first electronic computing device comprising:
-
a processing unit; and system memory, the system memory including instructions which, when executed by the processing unit, cause the first electronic computing device to; receive a first request from a mobile electronic computing device to login to the first electronic computing device; determine a first threshold for a first authentication trust score for logging onto the first electronic computing device; calculate the first authentication trust score, the first authentication trust score being based on a current location of a user and a profile for the user; when a determination is made that the first authentication trust score is greater than or equal to the first threshold, permit the user to login to the first electronic computing device; receive a second request from the mobile electronic computing device to perform an operation on an application running on the first electronic computing device; identify the operation to be performed; determine a second threshold for an authentication trust score for performing the operation, the second threshold being based on a type of the operation to be performed, the second threshold being equal to or greater than the first threshold; when a determination is made that the first authentication trust score is greater than or equal to the second threshold, permit the user to perform the operation; when a determination is made that the first authentication trust score is less than the second threshold; send a third request to the mobile electronic computing device for the user to respond to one or more first questions, the one or more first questions being personalized questions based on recent activity of the user; receive from the mobile electronic computing device user answers to the one or more first questions; based on the first authentication trust score and the user answers to the one or more first questions, calculate a second authentication trust score for the user; when a determination is made that the second authentication trust score is greater than or equal to the second threshold, permit the user to perform the operation; and when the second authentication trust score is less than the second threshold; send a fourth request to the mobile electronic computing device for the user to respond to one or more second questions, the one or more second questions having answers pre-recorded by the user; receive from the mobile electronic computing device a voice response for each of the one or more second questions; compare the voice response with the answers pre-recorded by the user; based on the second authentication trust score and the voice response to the one or more second questions, calculate a third authentication trust score for the user; and when a determination is made that the third authentication trust score is greater than or equal to the second threshold, permit the user to perform the operation.
-
Specification