Mobile application security system and method
First Claim
1. An authentication server for authenticating a user of a computing device, the authentication server comprising:
a user directory stored in a computer readable memory, the user directory comprising a group of user records, each user record being uniquely associated with an authorized user;
a computing device ID value unique to a computing device assigned to the authorized user associated with the user record;
a group of depictions, each depiction having a group of unique fiducials;
an identification of a key depiction, the key depiction being a single to depiction selected from the group of depictions; and
trace pattern verification data, the trace pattern verification data comprising;
a group of coordinate values, in sequential order, which represent a group of sequential trace stokes, each trace stroke of the group of sequential trace strokes being between a unique pair of fiducials of the group of fiducials within the key depiction.
an authentication package received from an authenticating computing device, the authentication package comprising;
an identifier of a selected depiction;
captured trace pattern data, the captured trace pattern data comprising a group of sequential coordinate values which represent a group of sequential trace stokes;
an authentication application comprising authentication instructions stored coded in the computer readable memory and executed by a processor, the authentication instructions comprising which, when executed by the processor;
respond to receiving an authentication request from an authenticating computing device by providing, to the authenticating computing device, each depiction of the group of depictions in the user record with the computing device ID value that matches a device identifier of the authenticating computing device, the device identifier of the authenticating computing device;
respond to receiving the authentication package from the authenticating computing device by generating a message to authorize access to protected functions only if;
the identifier of the selected depiction indicates the key depiction of the user record with the computing device ID value which matches the device identifier of the authenticating computing device; and
the group of sequential trace strokes represented by the sequential coordinate values of the captured trace pattern data matches, within a threshold, the group of sequential trace strokes between unique pairs of fiducials within the key depiction.
Abstract
A system for authenticating the user of a computing device comprises an authorized user directory. Each record is uniquely associated with an authorized user and includes at least a computing device ID value that is a globally unique value assigned to the authorized user's computing device, a group of unique depictions such as photographs, an identification of a key depiction. Portions of each image form fiducials recognizable by the user. The record further includes trace pattern verification data representing continuous trace strokes between pairs of the fiducials within the key depiction. To authenticate, the group of images are displayed to the user. The user must first select the key image and secondly trace continuous trace strokes between the pairs of fiducials to match the trace pattern verification data.
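The server-side decision described in the abstract and in claim 1 can be sketched as follows. This is an added example, not code from the patent: the stroke encoding (start and end point per stroke), the pixel-distance threshold, and all names and sample values are assumptions made for illustration.

```python
import math
from dataclasses import dataclass

Point = tuple[float, float]
Stroke = tuple[Point, Point]  # assumed encoding: (start, end) of one trace stroke

@dataclass(frozen=True)
class UserRecord:                       # hypothetical shape of one user record
    device_id: str                      # computing device ID value
    depiction_ids: tuple[str, ...]      # group of depictions shown to the user
    key_depiction_id: str               # the single key depiction
    enrolled_strokes: tuple[Stroke, ...]  # trace pattern verification data, in order

def _near(a: Point, b: Point, threshold: float) -> bool:
    # "<=" (not "not >") so NaN or infinite coordinates fail closed.
    return math.dist(a, b) <= threshold

def strokes_match(captured, enrolled, threshold: float) -> bool:
    """Compare strokes pairwise, in sequence; count and order must both agree."""
    if len(captured) != len(enrolled):
        return False
    return all(
        _near(c_start, e_start, threshold) and _near(c_end, e_end, threshold)
        for (c_start, c_end), (e_start, e_end) in zip(captured, enrolled)
    )

def authorize(directory, device_id, selected_depiction_id, captured,
              threshold: float = 25.0) -> bool:
    """Authorize only if the device is known, the key depiction was selected,
    and the captured trace matches within the threshold. Every failure returns
    the same False, so the caller cannot tell which check rejected the attempt."""
    record = directory.get(device_id)
    if record is None:
        return False
    if selected_depiction_id != record.key_depiction_id:
        return False
    return strokes_match(captured, record.enrolled_strokes, threshold)

# Constructed sample directory: one record, two enrolled strokes between fiducials.
DIRECTORY = {
    "device-0001": UserRecord(
        device_id="device-0001",
        depiction_ids=("img-a", "img-b", "img-c"),
        key_depiction_id="img-b",
        enrolled_strokes=(((40, 60), (200, 80)), ((200, 80), (120, 300))),
    )
}
```

The threshold sets the trade-off between rejecting a legitimate but imprecise trace and accepting a near miss; 25.0 here is an arbitrary illustrative value.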
20 Claims
11. A system for authenticating the user of a computing device, the system comprising:
an authentication server, the authentication server comprising;
a user directory stored in a computer readable memory, the user directory comprising a group of user records, each user record being uniquely associated with an authorized user, each user record comprising;
a computing device ID value unique to a computing device assigned to the authorized user associated with the user record;
a group of depictions, each depiction having a group of unique fiducials;
an identification of a key depiction, the key depiction being a single depiction selected from the group of depictions; and
trace pattern verification data, the trace pattern verification data comprising;
a group of coordinate values, in sequential order, which represent a group of sequential trace stokes, each trace stroke of the group of sequential trace strokes being between a unique pair of fiducials of the group of fiducials within the key depiction; and
an authentication application, the authentication application comprising authentication instructions coded in the computer readable memory and executed by a processor;
a computing device, the computing device comprising a processor, a computer readable memory, and a graphic user interface comprising a display screen and a touch sensitive panel overlying the display, the computer device further comprising;
a unique device identifier stored in the computer readable memory.
computing device application instructions coded in the computer readable memory and executed by the processor, the computing device application instructions which, when executed by the processor;
transfer to the authentication server, an authentication request comprising the unique device identifier;
the authentication application instructions, when executed by the processor;
respond to receiving the authentication request by providing to the computing device, each depiction of the group of depictions in the user record with the computing device ID value that matches the device identifier of the authentication request.
the computing device application instructions further;
display each depiction provided by the authentication server;
respond to user activation of the touch sensitive panel to identify a selected depiction by generating a display of the selected;
generate captured trace pattern data, the captured trace pattern data comprising a group of sequential coordinate values representing user trace strokes formed by continuous motion on the touch sensitive panel over the display of the selected depiction,
provide to the authentication server, an authentication package the authentication package comprising;
the unique device identifier
an identifier of the selected depiction;
the captured trace pattern data;
the authentication application instructions further;
respond to receiving the authentication package by generating a message to authorize access to protected functions only if;
the identifier of the selected depiction indicates the key depiction of the user record with the computing device ID value which matches the unique device identifier; and
the group of sequential trace strokes represented by the sequential coordinate values of the captured trace pattern data matches, within a threshold, the group of sequential trace strokes between unique pairs of fiducials within the key depiction.
Specification