Advanced authentication techniques and applications
First Claim
Patent Images
1. A location-aware method for user authentication comprising:
- receiving, at a client, a request from a user of the client to perform a transaction with a relying party which requires user authentication, the relying party being a website or an online service implemented by one or more computer servers;
receiving, by an authentication engine, environmental sensor data from one or more sensors of the client;
using, by the authentication engine, a geographical location of the client reported by one of the one or more sensors of the client to collect supplemental data known for the geographical location, the supplemental data collected from sources other than the one or more sensors of the client;
collecting, by a client risk assessment agent, client configuration data including at least one of hardware data, operating system data, and application data of the client;
calculating, by an assurance level calculation module, a correlation score based on the client configuration data and a comparison of the environmental sensor data with the supplemental data;
determining, by the assurance level calculation module, an assurance level required for allowing the client to complete the transaction;
determining, by the assurance level calculation module, an assurance level gain required to arrive at the assurance level based on the correlation score; and
selecting, by the authentication engine, one or more authentication techniques to authenticate the user based at least in part on the indication of the assurance level gain.
3 Assignments
0 Petitions
Accused Products
Abstract
A system, apparatus, method, and machine readable medium are described for performing advanced authentication techniques and associated applications. For example, one embodiment of a method comprises: receiving a policy identifying a set of acceptable authentication capabilities; determining a set of client authentication capabilities; and filtering the set of acceptable authentication capabilities based on the determined set of client authentication capabilities to arrive at a filtered set of one or more authentication capabilities for authenticating a user of the client.
368 Citations
4 Claims
-
1. A location-aware method for user authentication comprising:
-
receiving, at a client, a request from a user of the client to perform a transaction with a relying party which requires user authentication, the relying party being a website or an online service implemented by one or more computer servers; receiving, by an authentication engine, environmental sensor data from one or more sensors of the client; using, by the authentication engine, a geographical location of the client reported by one of the one or more sensors of the client to collect supplemental data known for the geographical location, the supplemental data collected from sources other than the one or more sensors of the client; collecting, by a client risk assessment agent, client configuration data including at least one of hardware data, operating system data, and application data of the client;
calculating, by an assurance level calculation module, a correlation score based on the client configuration data and a comparison of the environmental sensor data with the supplemental data;determining, by the assurance level calculation module, an assurance level required for allowing the client to complete the transaction;
determining, by the assurance level calculation module, an assurance level gain required to arrive at the assurance level based on the correlation score; andselecting, by the authentication engine, one or more authentication techniques to authenticate the user based at least in part on the indication of the assurance level gain. - View Dependent Claims (2, 3, 4)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeNok Nok Labs Incorporated
-
Original AssigneeNok Nok Labs Incorporated
-
InventorsBriceno, Marc, Wilson, Brendon, Kesanupalli, Ramesh, Baghdasaryan, Davit, Dholakia, Rajiv, Blanke, William J., Lindemann, Rolf, Polivanyi, Igor, Umap, Avinash
-
Primary Examiner(s)Agwumezie, Chinedu C
-
Application NumberUS14/218,504Publication NumberTime in Patent Office1,862 DaysField of Search705 75US Class CurrentCPC Class CodesG06F 21/31 User authenticationG06F 2221/2105 Dual mode as a secondary as...H04L 63/08 for authentication of entit...H04L 63/0861 using biometrical features,...H04L 63/205 involving negotiation or de...H04L 9/006 involving public key infras...H04W 12/06 AuthenticationH04W 12/63 Location-dependent; Proximi...H04W 12/67 Risk-dependent, e.g. select...H04W 88/02 Terminal devices
