RANDOM CHALLENGE ACTION FOR AUTHENTICATION OF DATA OR DEVICES

US 20130061305A1
Filed: 09/07/2011
Published: 03/07/2013
Est. Priority Date: 09/07/2011
Status: Abandoned Application

First Claim

Patent Images

1. A method, comprising:

requesting authentication information for an individual;

receiving authentication information for the individual;

presenting the individual with a random challenge action;

receiving a response to the challenge action from the individual; and

authenticating the individual based at least on the authentication information and the challenge action response.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication system is enhanced by prompting an individual to perform a randomly-selected challenge action. For example, the individual may be requested to move the device in a particular motion, after entering a username/password combination. The randomly-selected challenge action verifies the individual is located at the device, which prevents automated attacks to steal the individual'"'"'s identity. The challenge action improves security by preventing attackers from spoofing an individual'"'"'s authentication information. The enhanced authentication system may be used on mobile devices, such as mobile phones and laptop computers, to provide access to secure data, such as bank account information.

23 Citations

View as Search Results

20 Claims

1. A method, comprising:
- requesting authentication information for an individual;
  
  receiving authentication information for the individual;
  
  presenting the individual with a random challenge action;
  
  receiving a response to the challenge action from the individual; and
  
  authenticating the individual based at least on the authentication information and the challenge action response.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, in which the step of authenticating comprises:
    - identifying the individual based on at least the authentication information; and
      
      verifying the individual is present at a device based on at least the challenge action response.
  - 3. The method of claim 2, in which the challenge action is a motion gesture comprising at least one of moving the device in a circle clockwise, moving the device in a circle counter-clockwise, shaking the device, shaking the device with a twisting motion, moving the device in a figure-eight pattern, moving the device back and forth at waist level, and placing the device on top of the individual'"'"'s head.
  - 4. The method of claim 3, in which the response to the challenge action is received through at least one of a still camera, a motion camera, a microphone, an accelerometer, and a gyroscope.
  - 5. The method of claim 4, in which the motion gesture further comprises repeating the motion.
  - 6. The method of claim 3, in which the step of requesting authentication information and the step of presenting a challenge action are performed by a client application, and in which the authenticating step comprises:
    - transmitting, to a server, the authentication information and the challenge action response; and
      
      receiving, from the server, an authentication message indicating at least one of allow access and deny access.
  - 7. The method of claim 6, further comprising receiving, from the server, a configuration for a client device for the individual.
  - 8. The method of claim 7, in which the client device is a mobile device.

9. A computer program product, comprising:
- a non-transitory computer-readable medium comprising;
  
  code to request authentication information for an individual;
  
  code to receive authentication information for the individual;
  
  code to present the individual with a random challenge action;
  
  code to receive a response to the challenge action from the individual; and
  
  code to authenticate the individual based at least on the authentication information and the challenge action response.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The computer program product of claim 9, in which the medium further comprises:
    - code to identify the individual based on at least the authentication information; and
      
      code to verify the individual is present at a device based on at least the challenge action response.
  - 11. The computer program product of claim 10, in which the challenge action is a motion gesture.
  - 12. The computer program product of claim 11, in which the code to verify comprises code to detect at least one of moving the device in a circle clockwise, moving the device in a circle counter-clockwise, shaking the device, shaking the device with a twisting motion, moving the device in a figure-eight pattern, moving the device back and forth at waist level, and placing the device on top of the individual'"'"'s head.
  - 13. The computer program product of claim 12, in which the code to detect comprises code to detect repeating the motion.
  - 14. The computer program product of claim 11, in which the step of requesting authentication information and the step of presenting the challenge action are performed by a client application, and in which the medium further comprises:
    - code to transmit, to a server, the authentication information and the challenge action response; and
      
      code to receive, from the server, an authentication message indicating at least one of allow access and deny access.
  - 15. The computer program product of claim 14, in which the medium further comprises code to receive, from the server, a configuration for a client device for the individual.

16. A system, comprising:
- a memory;
  
  a sensor;
  
  at least one processor coupled to the memory and coupled to the sensor, in which the at least one processor is configured;
  
  to request authentication information for an individual;
  
  to receive authentication information for the individual;
  
  to present the individual with a random challenge action;
  
  to receive a response to the challenge action request from the individual through the sensor; and
  
  to authenticate the individual based at least on the authentication information and the challenge action response.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16, in which the at least one processor is further configured:
    - to identify the individual based on at least the authentication information; and
      
      to verify the individual is present at a device based on at least the challenge action response.
  - 18. The system of claim 17, in which the challenge action is a motion gesture and the at least one processor is further configured to detect at least one of moving the device in a circle clockwise, moving the device in a circle counter-clockwise, shaking the device, shaking the device with a twisting motion, moving the device in a figure-eight pattern, moving the device back and forth at waist level, and placing the device on top of the individual'"'"'s head.
  - 19. The system of claim 16, further comprising a server, in which the at least one processor is configured:
    - to transmit, to a server, the authentication information; and
      
      to receive, from the server, a response indicating at least one of allow access or deny access.
  - 20. The system of claim 19, in which the at least one processor is further configured to receive, from the server, a configuration for a client device for the individual.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unisys Corporation
Original Assignee
Unisys Corporation
Inventors
Bruso, Kelsey L., Newton, Glen E.

Application Number

US13/226,667
Publication Number

US 20130061305A1
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/34 involving the use of extern...

RANDOM CHALLENGE ACTION FOR AUTHENTICATION OF DATA OR DEVICES

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

23 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

RANDOM CHALLENGE ACTION FOR AUTHENTICATION OF DATA OR DEVICES

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links