Public authentication systems and methods
First Claim
1. An authentication system for electronic data, comprising:
- a backend system, comprising;
non-volatile storage storing;
the electronic data, wherein permission to perform actions on the electronic data is limited to a user or set of users; and
a set of user profiles, wherein at least one of the set of user profiles comprises a user profile associated with the user or the set of users; and
at least one hardware-based processor configured to;
receive, from a client system, a request to perform an action on the electronic data;
receive primary authentication information and secondary authentication information, from the client system, a secondary device, or both;
authenticate the request by;
identifying a user profile associated with the primary authentication information;
determining whether the user profile associated with the primary authentication information is associated with the user or set of users;
determining whether the primary authentication information matches expected primary authentication of the user profile associated with the primary authentication information; and
determining whether the secondary authentication information matches or sufficiently overlaps with expected secondary authentication information of the user profile;
determining the request is authenticated when;
the user profile associated with the primary authentication information is associated with the user or set of users;
the primary authentication information matches the expected primary authentication of the user profile associated with the primary authentication information; and
the secondary authentication information matches or sufficiently overlaps with the expected secondary authentication information of the user profile; and
determining the request is not authenticated when;
the user profile associated with the primary authentication information is not associated with the user or set of users;
the primary authentication information does not match the expected primary authentication of the user profile associated with the primary authentication information;
orthe secondary authentication information does not match or sufficiently overlap the expected secondary authentication information of the user profile; and
when the request is authenticated, perform the action; and
when the request is not authenticated, deny performance of the action.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques provided herein relate to electronic authentication on public systems. A backend system receives at least one electronic data action request from a publicly available client system that is shared amongst a plurality of users. At least a portion of the primary authentication information is received from a secondary device separate from the publicly available client system. The electronic data action request is authenticated by determining if the primary authentication information matches expected primary authentication information that is expected to complete the electronic data action request. Performance of the electronic data action request is facilitated when the primary authentication information matches the expected primary authentication information.
-
Citations
18 Claims
-
1. An authentication system for electronic data, comprising:
a backend system, comprising; non-volatile storage storing; the electronic data, wherein permission to perform actions on the electronic data is limited to a user or set of users; and a set of user profiles, wherein at least one of the set of user profiles comprises a user profile associated with the user or the set of users; and at least one hardware-based processor configured to; receive, from a client system, a request to perform an action on the electronic data; receive primary authentication information and secondary authentication information, from the client system, a secondary device, or both; authenticate the request by; identifying a user profile associated with the primary authentication information; determining whether the user profile associated with the primary authentication information is associated with the user or set of users; determining whether the primary authentication information matches expected primary authentication of the user profile associated with the primary authentication information; and determining whether the secondary authentication information matches or sufficiently overlaps with expected secondary authentication information of the user profile; determining the request is authenticated when; the user profile associated with the primary authentication information is associated with the user or set of users; the primary authentication information matches the expected primary authentication of the user profile associated with the primary authentication information; and the secondary authentication information matches or sufficiently overlaps with the expected secondary authentication information of the user profile; and determining the request is not authenticated when; the user profile associated with the primary authentication information is not associated with the user or set of users; the primary authentication information does not match the expected primary authentication of the user profile associated with the primary authentication information;
orthe secondary authentication information does not match or sufficiently overlap the expected secondary authentication information of the user profile; and when the request is authenticated, perform the action; and when the request is not authenticated, deny performance of the action. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
14. A tangible, non-transitory, machine-readable medium, comprising machine-readable instructions that when executed by one or more processors of an electronic device, cause the electronic device to:
-
receive, from a client system, a request to perform an action on electronic data, wherein permission to perform actions on the electronic data is limited to a user of a set of users; receive primary authentication information and secondary authentication information, from the client system, a secondary device, or both; authenticate the request by; identifying a user profile associated with the primary authentication information; determining whether the user profile associated with the primary authentication information is associated with the user or set of users; determining whether the primary authentication information matches expected primary authentication of a user profile associated with the primary authentication information; determining whether the secondary authentication information matches or sufficiently overlaps with expected secondary authentication information of the user profile; determining the request is authenticated when; the user profile associated with the primary authentication information is associated with the user or set of users; the primary authentication information matches the expected primary authentication of the user profile associated with the primary authentication information; and the secondary authentication information matches or sufficiently overlaps with the expected secondary authentication information of the user profile; and determining the request is not authenticated when; the user profile associated with the primary authentication information is not associated with the user or set of users; the primary authentication information does not match the expected primary authentication of the user profile associated with the primary authentication information;
orthe secondary authentication information does not match or sufficiently overlap the expected secondary authentication information of the user profile; and when the request is authenticated, perform the action; and when the request is not authenticated, deny performance of the action. - View Dependent Claims (15, 16, 17)
-
-
18. A computer-implemented method, comprising:
-
receiving, from a client system, a request to perform an action on electronic data, wherein permission to perform actions on the electronic data is limited to a user of a set of users; receiving primary authentication information and secondary authentication information, from the client system, a secondary device, or both; authenticating the request by; identifying a user profile associated with the primary authentication information; determining whether the user profile associated with the primary authentication information is associated with the user or set of users; determining whether the primary authentication information matches expected primary authentication of a user profile associated with the primary authentication information; and determining whether the secondary authentication information matches or sufficiently overlaps with expected secondary authentication information of the user profile; determining the request is authenticated when; the user profile associated with the primary authentication information is associated with the user or set of users; the primary authentication information matches the expected primary authentication of the user profile associated with the primary authentication information; and the secondary authentication information matches or sufficiently overlaps with the expected secondary authentication information of the user profile; and determining the request is not authenticated when; the user profile associated with the primary authentication information is not associated with the user or set of users; the primary authentication information does not match the expected primary authentication of the user profile associated with the primary authentication information;
orthe secondary authentication information does not match or sufficiently overlap the expected secondary authentication information of the user profile; when the request is authenticated, perform the action; and when the request is not authenticated, deny performance of the action.
-
Specification