System and Method for Location-Based Authentication
First Claim
1. A method for authenticating a user attempting to access a service or application comprising:
- receiving, at a server, a request to authenticate a user, the request including a user identifier;
retrieving, by the server, a location of an authorized device associated with the user identifier;
determining, by the server, an authentication question based on the location of the authorized device;
transmitting the authentication question to the user, receiving, by the server, a response to the authentication question; and
determining, by the server, whether the received response matches an expected response to the authentication question.
7 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for enhancing security by providing additional authentication factors. Prior to authentication, a user may enroll a device from which access to a service or application is authorized. During authentication, the authentication system may retrieve the location of the enrolled device and generate one or more questions that only a user in that location can answer. The user may additionally or alternatively enroll a movement signature with an authentication server as an authentication factor. The user may set a pattern for device movement. During authentication, the user moves the device in the pattern. The device then transmits the movement signature for authentication.
28 Citations
20 Claims
-
1. A method for authenticating a user attempting to access a service or application comprising:
-
receiving, at a server, a request to authenticate a user, the request including a user identifier; retrieving, by the server, a location of an authorized device associated with the user identifier; determining, by the server, an authentication question based on the location of the authorized device; transmitting the authentication question to the user, receiving, by the server, a response to the authentication question; and determining, by the server, whether the received response matches an expected response to the authentication question. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for authenticating a user attempting to access a service or application comprising:
-
receiving, at a server, a request to authenticate a user; transmitting, by the server, a request for authentication by device movement to a device associated with the user; receiving, by the server, a signature of the device movement performed by the user; and determining, by the server, whether the received movement signature matches a stored movement signature. - View Dependent Claims (10)
-
-
11. A user device for detecting the occurrence of an event comprising:
-
a memory configured to store movement criteria indicative of an occurrence of an event; a movement sensing module configured to; monitor for movement of the user device consistent with the stored movement criteria, transmit a message indicating that the event has been detected. - View Dependent Claims (12, 13, 14)
-
-
15. A system for detecting and responding to the occurrence of an event, comprising:
-
a user device including; a memory configured to store movement criteria indicative of an occurrence of an event, a movement sensing module configured to; monitor for movement of the user device consistent with the stored movement criteria, and transmit a message indicating that the event has been detected; and a monitoring server configured to receive an event notification and to perform a responsive action. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification