Single prompt multiple-response user authentication method

US 10,282,537 B2
Filed: 09/20/2016
Issued: 05/07/2019
Est. Priority Date: 09/20/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by one or more computer processors, a request for authentication from a user of a computer system;

transmitting, by the one or more computer processors, an authentication prompt to the user, wherein the authentication prompt corresponds to a plurality of stored authentication responses, and wherein each of the plurality of stored authentication responses is used to authenticate the user;

selecting, by the user, a first type of authentication response from a plurality of stored authentication types used to authenticate the user, wherein the selected first type of authentication response corresponds to a first user authentication response to the transmitted authentication prompt, wherein the user selects the first type of authentication response based on a flexible user preference, wherein the flexible user preference changes based on at least one of the following;

i. an authentication environment,ii. a user impairment, andiii. a determination by the user;

receiving, by the one or more computer processors, the first user authentication response;

determining, by the one or more computer processors, whether to accept the received first user authentication response based on a degree of similarity between the received first user authentication response and a stored authentication response from the plurality of stored authentication responses;

responsive to accepting the received first user authentication response, calculating, by the one or more computer processors, a security score representing a level of confidence with respect to verifying the user for authentication, based on the selected first type of authentication response-for the first user authentication response; and

responsive to determining that the security score is greater than an authentication score, authenticating, by the one or more computer processors, the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A request for authentication from a user of a computer system is received. An authentication prompt is transmitted to the user, wherein the authentication prompt corresponds to a plurality of stored authentication responses, and wherein each of the plurality of stored authentication responses is used to authenticate the user. A first user authentication response is received. Whether to accept the first user authentication response based on a degree of similarity between the first user authentication response is determined and a stored authentication response from the plurality of stored authentication responses. Responsive to accepting the first user authentication response, a security score is calculated representing a level of confidence with respect to verifying the user for authentication, based on a type of authentication response for the first user authentication response. Responsive to determining that the security score is greater than an authentication score the user is authenticated.

26 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, by one or more computer processors, a request for authentication from a user of a computer system;
  
  transmitting, by the one or more computer processors, an authentication prompt to the user, wherein the authentication prompt corresponds to a plurality of stored authentication responses, and wherein each of the plurality of stored authentication responses is used to authenticate the user;
  
  selecting, by the user, a first type of authentication response from a plurality of stored authentication types used to authenticate the user, wherein the selected first type of authentication response corresponds to a first user authentication response to the transmitted authentication prompt, wherein the user selects the first type of authentication response based on a flexible user preference, wherein the flexible user preference changes based on at least one of the following;
  
  i. an authentication environment,ii. a user impairment, andiii. a determination by the user;
  
  receiving, by the one or more computer processors, the first user authentication response;
  
  determining, by the one or more computer processors, whether to accept the received first user authentication response based on a degree of similarity between the received first user authentication response and a stored authentication response from the plurality of stored authentication responses;
  
  responsive to accepting the received first user authentication response, calculating, by the one or more computer processors, a security score representing a level of confidence with respect to verifying the user for authentication, based on the selected first type of authentication response-for the first user authentication response; and
  
  responsive to determining that the security score is greater than an authentication score, authenticating, by the one or more computer processors, the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein during a prior enrollment process, the user selects the authentication prompt including at least one of:
    - an image, an animation, text content, a video, a vibration, an audio signal, and a light signal.
  - 3. The method of claim 1, wherein each of the plurality of stored authentication responses is assigned a metric that is used to calculate the security score, and wherein the metric is based on the first type of authentication response.
  - 4. The method of claim 2, wherein the plurality of stored authentication responses are provided by the user during the enrollment process, and wherein the first type of authentication response of the plurality of stored authentication responses is selected from the group consisting of:
    - an image, an audio signal, a user interaction with a component of the computer system, a video, a motion path of the computer system, user biometric data, and a sequence of alphanumeric characters.
  - 5. The method of claim 3, further comprising:
    - receiving, by the one or more computer processors, a second user authentication response; and
      
      responsive to accepting the second user authentication response based on a degree of similarity between the second user authentication response and a stored authentication response from the plurality of stored authentication response, calculating, by the one or more computer processors, the security score by summing the each of the metrics assigned to the first user authentication response and second user authentication response.
  - 6. The method of claim 3, wherein the metric assigned to each of the plurality of stored authentication responses is based on the first type of authentication response.
  - 7. The method of claim 3, wherein the metric assigned to each of the plurality of stored authentication responses is based on value indicating a degree of unpredictability of a respective stored authentication response and on another value indicating a relative strength of a respective stored authentication response with respect to resisting cracking attempts.

8. A computer program product comprising:
- one or more computer readable storage media and program instructions stored on the one or more computer readable storage media, the program instructions comprising;
  
  program instructions to receive a request for authentication from a user of a computer system;
  
  program instructions to transmit an authentication prompt to the user, wherein the authentication prompt corresponds to a plurality of stored authentication responses, and wherein each of the plurality of stored authentication responses is used to authenticate the user;
  
  program instructions to select, by the user, a first type of authentication response from a plurality of stored authentication types used to authenticate the user, wherein the selected first type of authentication response corresponds to a first user authentication response to the transmitted authentication prompt, wherein the user selects the first type of authentication response based on a flexible user preference, wherein the flexible user preference changes based on at least one of the following;
  
  i. an authentication environment,ii. a user impairment, andiii. a determination by the user;
  
  program instructions to receive the first user authentication response;
  
  program instructions to determine whether to accept the received first user authentication response based on a degree of similarity between the received first user authentication response and a stored authentication response from the plurality of stored authentication responses;
  
  program instructions to, responsive to accepting the received first user authentication response, calculate a security score representing a level of confidence with respect to verifying the user for authentication, based on the selected first type of authentication response-for the first user authentication response; and
  
  program instructions to, responsive to determining that the security score is greater than an authentication score, authenticate the user.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer program product of claim 8, wherein during a prior enrollment process, the user selects the authentication prompt including at least one of:
    - an image, an animation, text content, a video, a vibration, an audio signal, and a light signal.
  - 10. The computer program product of claim 8, wherein each of the plurality of stored authentication responses is assigned a metric that is used to calculate the security score, and wherein the metric is based on the first type of authentication response.
  - 11. The computer program product of claim 9, wherein the plurality of stored authentication responses are provided by the user during the enrollment process, and wherein the first type of authentication response of the plurality of stored authentication responses is selected from the group consisting of:
    - an image, an audio signal, a user interaction with a component of the computer system, a video, a motion path of the computer system, user biometric data, and a sequence of alphanumeric characters.
  - 12. The computer program product of claim 10, wherein the program instructions stored on the one or more computer readable storage media further comprise:
    - program instructions to receive a second user authentication response; and
      
      responsive to accepting the second user authentication response based on a degree of similarity between the second user authentication response and a stored authentication response from the plurality of stored authentication response, calculating, by the one or more computer processors, the security score by summing the each of the metrics assigned to the first user authentication response and second user authentication response.
  - 13. The computer program product of claim 10, wherein the metric assigned to each of the plurality of stored authentication responses is based on the first type of authentication response.
  - 14. The computer program product of claim 10, wherein the metric assigned to each of the plurality of stored authentication responses is based on value indicating a degree of unpredictability of a respective stored authentication response and on another value indicating a relative strength of a respective stored authentication response with respect to resisting cracking attempts.

15. A computer system comprising:
- one or more computer processors;
  
  one or more computer readable storage media;
  
  program instructions stored on the one or more computer readable storage media for execution by at least one of the one or more processors, the program instructions comprising;
  
  program instructions to receive a request for authentication from a user of a computer system;
  
  program instructions to transmit an authentication prompt to the user, wherein the authentication prompt corresponds to a plurality of stored authentication responses, and wherein each of the plurality of stored authentication responses is used to authenticate the user;
  
  program instructions to select, by the user, a first type of authentication response from a plurality of stored authentication types used to authenticate the user, wherein the selected first type of authentication response corresponds to a first user authentication response to the transmitted authentication prompt, wherein the user selects the first type of authentication response based on a flexible user preference, wherein the flexible user preference changes based on at least one of the following;
  
  i. an authentication environment,ii. a user impairment, andiii. a determination by the user;
  
  program instructions to receive the first user authentication response;
  
  program instructions to determine whether to accept the received first user authentication response based on a degree of similarity between the received first user authentication response and a stored authentication response from the plurality of stored authentication responses;
  
  program instructions to, responsive to accepting the received first user authentication response, calculate a security score representing a level of confidence with respect to verifying the user for authentication, based on the selected first type of authentication response-for the first user authentication response; and
  
  program instructions to, responsive to determining that the security score is greater than an authentication score, authenticate the user.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer system of claim 15, wherein during a prior enrollment process, the user selects the authentication prompt including at least one of:
    - an image, an animation, text content, a video, a vibration, an audio signal, and a light signal.
  - 17. The computer system of claim 15, wherein each of the plurality of stored authentication responses is assigned a metric that is used to calculate the security score, and wherein the metric is based on the first type of authentication response.
  - 18. The computer system of claim 16, wherein the plurality of stored authentication responses are provided by the user during the enrollment process, and wherein the first type of authentication response of the plurality of stored authentication responses is selected from the group consisting of:
    - an image, an audio signal, a user interaction with a component of the computer system, a video, a motion path of the computer system, user biometric data, and a sequence of alphanumeric characters.
  - 19. The computer system of claim 17, wherein the program instructions stored on the one or more computer readable storage media further comprise:
    - program instructions to receive a second user authentication response; and
      
      responsive to accepting the second user authentication response based on a degree of similarity between the second user authentication response and a stored authentication response from the plurality of stored authentication response, calculating, by the one or more computer processors, the security score by summing the each of the metrics assigned to the first user authentication response and second user authentication response.
  - 20. The computer system of claim 17, wherein the metric assigned to each of the plurality of stored authentication responses is based on the first type of authentication response.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Swart, Calvin B., Trewin, Sharon M.
Primary Examiner(s)
Abrishamkar, Kaveh

Application Number

US15/270,096
Publication Number

US 20180082052A1
Time in Patent Office

959 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 21/32   using biometric data, e.g. ...

G06F 21/36   by graphic or iconic repres...

G06F 21/40   by quorum, i.e. whereby two...

G06F 21/6218   to a system of files or obj...

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

Single prompt multiple-response user authentication method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Single prompt multiple-response user authentication method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links