MULTI-FACTOR AUTHENTICATION USING DIGITAL IMAGES OF BARCODES

US 20130031623A1
Filed: 07/28/2011
Published: 01/31/2013
Est. Priority Date: 07/28/2011
Status: Active Grant

First Claim

Patent Images

1. A method of implementing a multi-factor authentication scheme in a computing device having one or more processors, the method comprising:

receiving a request from a user to access the computing device;

prompting the user to present a security image;

scanning the security image;

determining that the security image is associated with authorized access to the device;

prompting the user to enter a password;

receiving the password from the user;

determining that the received password is associated with authorized access to the device; and

granting the user access to the device in response to determining that the security image is associated with authorized access to the device and determining that the received password is associated with authorized access to the device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer-readable media for implementing a multi-factor authentication scheme utilizing barcode images in computing devices, such as standard mobile devices and smartphones having no native hardware support for reading barcodes other than standard digital camera componentry for capturing digital images of real-world phenomena. A mobile device may be configured by software to require a user, as a first authentication factor, to present a barcode, such as a Quick Response (QR) Code for image scanning using digital camera componentry built into the mobile device. The device analyzes the digital image of the barcode to decode the barcode into its encoded character data. If the device recognizes the character data as valid, then, as a second authentication factor, the device prompts the user to enter a valid password associated with the barcode. If the user-entered barcode is also valid, then the device may grant the user access.

107 Citations

View as Search Results

21 Claims

1. A method of implementing a multi-factor authentication scheme in a computing device having one or more processors, the method comprising:
- receiving a request from a user to access the computing device;
  
  prompting the user to present a security image;
  
  scanning the security image;
  
  determining that the security image is associated with authorized access to the device;
  
  prompting the user to enter a password;
  
  receiving the password from the user;
  
  determining that the received password is associated with authorized access to the device; and
  
  granting the user access to the device in response to determining that the security image is associated with authorized access to the device and determining that the received password is associated with authorized access to the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the security image comprises a barcode that contains encoded character data.
  - 3. The method of claim 2, wherein the barcode comprises a Quick Response (QR) Code.
  - 4. The method of claim 2, wherein scanning the security image comprises:
    - capturing a digital image of the barcode.
  - 5. The method of claim 4, wherein:
    - scanning the security image comprises;
      
      decoding the barcode to derive the encoded character data; and
      
      determining that the security image is associated with authorized access to the device comprises;
      
      determining that the encoded character data is associated with authorized access to the device.
  - 6. The method of claim 1, wherein granting the user access to the device further comprises:
    - granting the user access to the device in response to determining that a combination of the security image and the received password is associated with authorized access to the device.
  - 7. The method of claim 1, further comprising:
    - receiving input from a remote server as to whether the security image or the password is associated with authorized access to the device.

8. A system configured to perform a multi-factor authentication scheme, the system comprising:
- a processing system comprising one or more processors;
  
  digital camera componentry comprising one or more light sensors; and
  
  a memory system comprising one or more computer-readable media, wherein the computer-readable media contain instructions that, when executed by the processing system, cause the processing system to perform operations comprising;
  
  receiving a request from a user to access the system;
  
  prompting the user to present a security image;
  
  scanning the security image using the digital camera componentry;
  
  determining that the security image is associated with authorized access to the device;
  
  prompting the user to enter a password;
  
  receiving the password from the user;
  
  determining that the received password is associated with authorized access to the device; and
  
  granting the user access to the device in response to determining that the security image is associated with authorized access to the device and determining that the received password is associated with authorized access to the device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the security image comprises a barcode that contains encoded character data.
  - 10. The system of claim 9, wherein the barcode comprises a Quick Response (QR) Code.
  - 11. The system of claim 9, wherein scanning the security image comprises:
    - capturing a digital image of the barcode.
  - 12. The system of claim 11, wherein:
    - scanning the security image comprises;
      
      decoding the barcode to derive the encoded character data; and
      
      determining that the security image is associated with authorized access to the device comprises;
      
      determining that the encoded character data is associated with authorized access to the device.
  - 13. The system of claim 8, wherein granting the user access to the device further comprises:
    - granting the user access to the device in response to determining that a combination of the security image and the received password is associated with authorized access to the device.
  - 14. The system of claim 8, the operations further comprising:
    - receiving input from a remote server as to whether the security image or the password is associated with authorized access to the device.

15. A computer-readable medium tangibly embodying computer instructions for performing, by one or more processors, a method of implementing a multi-factor authentication scheme comprising:
- receiving a request from a user to access the computing device;
  
  prompting the user to present a security image;
  
  scanning the security image;
  
  determining that the security image is associated with authorized access to the device;
  
  prompting the user to enter a password;
  
  receiving the password from the user;
  
  determining that the received password is associated with authorized access to the device; and
  
  granting the user access to the device in response to determining that the security image is associated with authorized access to the device and determining that the received password is associated with authorized access to the device.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The computer-readable medium of claim 15, wherein the security image comprises a barcode that contains encoded character data.
  - 17. The computer-readable medium of claim 16, wherein the barcode comprises a Quick Response (QR) Code.
  - 18. The computer-readable medium of claim 16, wherein scanning the security image comprises:
    - capturing a digital image of the barcode.
  - 19. The computer-readable medium of claim 18, wherein:
    - scanning the security image comprises;
      
      decoding the barcode to derive the encoded character data; and
      
      determining that the security image is associated with authorized access to the device comprises;
      
      determining that the encoded character data is associated with authorized access to the device.
  - 20. The computer-readable medium of claim 15, wherein granting the user access to the device further comprises:
    - granting the user access to the device in response to determining that a combination of the security image and the received password is associated with authorized access to the device.
  - 21. The computer-readable medium of claim 15, the method further comprising:
    - receiving input from a remote server as to whether the security image or the password is associated with authorized access to the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xerox Corporation (Xerox Holdings Corp.)
Original Assignee
Xerox Corporation (Xerox Holdings Corp.)
Inventors
Sanders, Aaron Dale

Granted Patent

US 8,910,274 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/34   involving the use of extern...

G06F 21/36   by graphic or iconic repres...

MULTI-FACTOR AUTHENTICATION USING DIGITAL IMAGES OF BARCODES

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

107 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

MULTI-FACTOR AUTHENTICATION USING DIGITAL IMAGES OF BARCODES

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

107 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links