METHOD AND APPARATUS TO PROVIDE CONTINUOUS AUTHENTICATION BASED ON DYNAMIC PERSONAL INFORMATION
First Claim
1. A method of authenticating a user via a handheld electronic device, comprising:
- storing at the handheld electronic device a first plurality of dynamic personal identification data samples specific to the user that are collected over time;
sending a copy of the first plurality of dynamic personal identification data samples to a remote computing device to be stored as a second plurality of dynamic personal identification samples;
receiving at the handheld electronic device an authentication challenge that is computed based on at least a subset of the second plurality of dynamic personal identification samples; and
computing at the handheld electronic device a first authentication response to the authentication challenge based on at least a subset of the first plurality of dynamic personal identification samples to authenticate the user in response to the first authentication response corresponding to the authentication challenge.
4 Assignments
0 Petitions
Accused Products
Abstract
An authentication method, system and device are provided to continuously collect dynamic personal identification data (DPID) samples through a user device by using one or more sensors to continuously collect biometric and location data samples associated with the user and then securely transfer the DPID samples to a central authentication server where attributes of the DPID samples may be captured and incorporated as part of a challenge-response pair which requests an arbitrarily generated N-tuple of the DPID samples from a predetermined time interval from the user device that is unique to the user and dynamic based on the sensed data and the time-interval of collection.
159 Citations
24 Claims
-
1. A method of authenticating a user via a handheld electronic device, comprising:
-
storing at the handheld electronic device a first plurality of dynamic personal identification data samples specific to the user that are collected over time; sending a copy of the first plurality of dynamic personal identification data samples to a remote computing device to be stored as a second plurality of dynamic personal identification samples; receiving at the handheld electronic device an authentication challenge that is computed based on at least a subset of the second plurality of dynamic personal identification samples; and computing at the handheld electronic device a first authentication response to the authentication challenge based on at least a subset of the first plurality of dynamic personal identification samples to authenticate the user in response to the first authentication response corresponding to the authentication challenge. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. An authentication system, comprising:
-
a first computing device configured to request data access by storing a first plurality of dynamic personal identification data samples specific to an individual and generating a challenge response in response to any received challenge question; a second computing device configured to authenticate a data access request from the first computing device by storing a copy of the first plurality of dynamic personal identification data samples, formulating a first challenge question based on at least a subset of the copy of the first plurality of dynamic personal identification samples, and authenticating the data access request from first computing device in response to a first challenge response received from the first computing device corresponding to the first challenge question. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
-
22. A non-transitory computer readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured to authenticate information from a computer by:
-
storing a plurality of dynamic personal identification data samples specific to a user associated with the computer, where a copy of the plurality of dynamic personal identification data samples is also stored at a remote computer, and where the plurality of dynamic personal identification data samples comprises a plurality of biometric data samples specific to the user and a corresponding plurality of location data samples associated in time with the plurality of biometric data samples; generating an authentication challenge that requests a first N-tuple that is computed from at least a subset of the copy of the plurality of dynamic personal identification samples stored at the remote computer; sending the authentication challenge to the remote computer; and receiving the first N-tuple from the remote computer for purposes of authenticating information from the remote computer in response to the first N-tuple matching a second N-tuple that is computed from at least a subset of the plurality of dynamic personal identification samples. - View Dependent Claims (23, 24)
-
Specification