MOBILE DEVICE-BASED AUTHENTICATION

US 20130081119A1
Filed: 09/27/2011
Published: 03/28/2013
Est. Priority Date: 09/27/2011
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a user to a site resource, comprising:

capturing a first biometric input from the user on an integrated first biometric reader on a mobile device, the first biometric input corresponding to a first biometric feature of the user;

deriving a first set of biometric data from the captured first biometric input;

transmitting the first set of biometric data to a remote authentication server from the mobile device;

transmitting a secondary authentication instruction to the site resource directly from the mobile device in response to receipt of the first biometric input;

capturing a second biometric input from the user on a second biometric reader connected to the site resource in response to the secondary authentication instruction, the second biometric input corresponding to a second biometric feature of the user;

deriving a second set of biometric data from the captured second biometric input;

transmitting the second set of biometric data to the remote authentication server from the site resource; and

authenticating the user for access to the site resource based upon a validation of both the first set of biometric data and the second set of biometric data against a pre-enrolled set of biometric data for the user stored on the remote authentication server;

wherein the first set of biometric data and the second set of biometric data are transmitted to the remote authentication server for validation, a successful authentication being conditioned upon the first set of biometric data and the second set of biometric data being transmitted to the remote authentication server substantially contemporaneously and from substantially proximate locations as specified to the remote authentication server.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Mobile device-based authentication is disclosed. A first biometric input corresponding to a first biometric feature of the user is captured on the mobile device. A first set of biometric data is derived from the captured first biometric input. The first set of biometric data is transmitted to a remote authentication server. Thereafter, a secondary authentication instruction is transmitted to the site resource in response. Access to the site resource is permitted based upon a validation of the first set of biometric data, and a second biometric input that is captured on the site resource in response to the secondary authentication instruction received thereon. The first set of biometric data and the second set of biometric data are validated by remote authentication server substantially contemporaneously.

Citations

22 Claims

1. A method of authenticating a user to a site resource, comprising:
- capturing a first biometric input from the user on an integrated first biometric reader on a mobile device, the first biometric input corresponding to a first biometric feature of the user;
  
  deriving a first set of biometric data from the captured first biometric input;
  
  transmitting the first set of biometric data to a remote authentication server from the mobile device;
  
  transmitting a secondary authentication instruction to the site resource directly from the mobile device in response to receipt of the first biometric input;
  
  capturing a second biometric input from the user on a second biometric reader connected to the site resource in response to the secondary authentication instruction, the second biometric input corresponding to a second biometric feature of the user;
  
  deriving a second set of biometric data from the captured second biometric input;
  
  transmitting the second set of biometric data to the remote authentication server from the site resource; and
  
  authenticating the user for access to the site resource based upon a validation of both the first set of biometric data and the second set of biometric data against a pre-enrolled set of biometric data for the user stored on the remote authentication server;
  
  wherein the first set of biometric data and the second set of biometric data are transmitted to the remote authentication server for validation, a successful authentication being conditioned upon the first set of biometric data and the second set of biometric data being transmitted to the remote authentication server substantially contemporaneously and from substantially proximate locations as specified to the remote authentication server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 13)
- - 2. The method of claim 1, wherein the authentication fails upon a time lapse exceeding a predetermined threshold between the transmission and validation of the first set of biometric data and the transmission and validation of the second set of biometric data to the remote authentication server.
  - 3. The method of claim 1, wherein the capturing of the biometric input is in response to an authentication request input from the user on the mobile device.
  - 4. The method of claim 3, wherein the authentication request input is received from the user following a challenge-response sequence.
  - 5. The method of claim 1, wherein the first biometric reader and the second biometric reader are selected from a group consisting of:
    - a fingerprint scanner, an audio microphone, and an imaging camera.
  - 6. The method of claim 1, wherein the site resource is selected from a group consisting of:
    - an automated teller machine (ATM), a point of sale (POS) terminal, and a personal computer system.
  - 7. The method of claim 1, wherein the first biometric feature and the second biometric feature of the user are different.
  - 8. The method of claim 1, wherein the first biometric feature and the second biometric feature of the user are the same.
  - 9. The method of claim 1, wherein the secondary authentication instruction to the site resource is transmitted over the wireless Near Field Communication (NFC) protocol.
  - 10. The method of claim 1, wherein the secondary authentication instruction to the site resource is transmitted over the wireless Bluetooth low power protocol.
  - 13. The method of claim 1, further comprising:
    - storing the first set of biometric data on the mobile device following capture of the first biometric input.

11. A method of authenticating a user to a site resource with a mobile device, comprising:
- capturing a first biometric input from the user on the mobile device, the first biometric input corresponding to a first biometric feature of the user;
  
  deriving a first set of biometric data from the captured first biometric input;
  
  transmitting the first set of biometric data to a remote authentication server from the mobile device; and
  
  transmitting a secondary authentication instruction to the site resource directly from the mobile device in response to receipt of the first biometric input;
  
  wherein access to the site resource is permitted based upon a validation by the remote authentication server of the first set of biometric data transmitted from the mobile device and a second biometric input of a second biometric feature of the user captured on a second biometric reader of the site resource in response to the secondary authentication instruction received thereon and transmitted to the remote authentication server as a corresponding second set of biometric data, a successful validation being conditioned upon the first set of biometric data being transmitted to the remote authentication server substantially contemporaneously and from substantially proximate locations as specified to the remote authentication server.
- View Dependent Claims (12, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The method of claim 11, wherein access to the site resource is denied upon a time lapse exceeding a predetermined threshold between the transmission and validation of the first set of biometric data and the transmission and validation of the second set of biometric data to the remote authentication server.
  - 14. The method of claim 11, wherein the capturing of the biometric input is in response to an authentication request input from the user on the mobile device.
  - 15. The method of claim 14, wherein the authentication request input is received from the user following a challenge-response sequence.
  - 16. The method of claim 11, wherein the first biometric reader and the second biometric reader are selected from a group consisting of:
    - a fingerprint scanner, an audio microphone, aid an imaging camera.
  - 17. The method of claim 11, wherein the site resource is selected from a group consisting of:
    - an automated teller machine (ATM), a point of sale (POS) terminal, and a personal computer system.
  - 18. The method of claim 11, wherein the first biometric feature and the second biometric feature of the user are different.
  - 19. The method of claim 11, wherein the first biometric feature and the second biometric feature of the user are the same.
  - 20. The method of claim 11, wherein the secondary authentication instruction to the site resource is transmitted over the wireless Near Field Communication (NFC) protocol.
  - 21. The method of claim 11, wherein the secondary authentication instruction to the site resource is transmitted over the wireless Bluetooth low power protocol.

22. An article of manufacture comprising a non-transitory program storage medium readable by a data processing apparatus, the medium tangibly embodying one or more programs of instructions executable by the data processing apparatus to perform a method of authenticating a user to a resource with a mobile device, the method comprising:
- capturing a first biometric input from the user an the mobile device, the first biometric input corresponding to a first biometric feature of the user;
  
  deriving a first set of biometric data from the captured first biometric input;
  
  transmitting the first set of biometric data to a remote authentication server from the mobile device; and
  
  transmitting a secondary authentication instruction to the site resource from the mobile device in response to receipt of the first biometric;
  
  wherein access to the site resource is permitted based upon a validation by the remote authentication server of the first set of biometric data transmitted from the mobile device and a second biometric input of a second biometric feature of the user captured on a second biometric reader of the site resource in response to the secondary authentication instruction received thereon and transmitted to the remote authentication server as a corresponding second set of biometric data, a successful validation being conditioned upon the first set of biometric data being transmitted to the remote authentication server substantially contemporaneously and from substantially proximate locations as specified to the remote authentication server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
George P. Sampas
Original Assignee
George P. Sampas
Inventors
Sampas, George P.

Granted Patent

US 8,473,748 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/35   communicating wirelessly

G06F 2221/2111   Location-sensitive, e.g. ge...

G06Q 20/206   comprising security or oper...

G06Q 20/3224   Transactions dependent on l...

G06Q 20/40145   Biometric identity checks

H04L 2463/082   applying multi-factor authe...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/18   using different networks or...

H04W 12/068   using credential vaults, e....

MOBILE DEVICE-BASED AUTHENTICATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

MOBILE DEVICE-BASED AUTHENTICATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links