System and Method for Location-Based Authentication

US 20140082713A1
Filed: 12/28/2012
Published: 03/20/2014
Est. Priority Date: 09/18/2012
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a user attempting to access a service or application comprising:

receiving, at a server, a request to authenticate a user, the request including a user identifier;

retrieving, by the server, a location of an authorized device associated with the user identifier;

determining, by the server, an authentication question based on the location of the authorized device;

transmitting the authentication question to the user, receiving, by the server, a response to the authentication question; and

determining, by the server, whether the received response matches an expected response to the authentication question.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for enhancing security by providing additional authentication factors. Prior to authentication, a user may enroll a device from which access to a service or application is authorized. During authentication, the authentication system may retrieve the location of the enrolled device and generate one or more questions that only a user in that location can answer. The user may additionally or alternatively enroll a movement signature with an authentication server as an authentication factor. The user may set a pattern for device movement. During authentication, the user moves the device in the pattern. The device then transmits the movement signature for authentication.

28 Citations

View as Search Results

20 Claims

1. A method for authenticating a user attempting to access a service or application comprising:
- receiving, at a server, a request to authenticate a user, the request including a user identifier;
  
  retrieving, by the server, a location of an authorized device associated with the user identifier;
  
  determining, by the server, an authentication question based on the location of the authorized device;
  
  transmitting the authentication question to the user, receiving, by the server, a response to the authentication question; and
  
  determining, by the server, whether the received response matches an expected response to the authentication question.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein retrieving the location of the authorized device comprises:
    - querying the authorized device for a current location; and
      
      receiving the location of the authorized device.
  - 3. The method of claim 1, wherein retrieving the location of the authorized device comprises:
    - querying a server associated with the authorized device for a current location of the authorized device; and
      
      receiving the location of the authorized device.
  - 4. The method of claim 1, wherein the authentication question is a detail that is viewed from the location of the authorized device.
  - 5. The method of claim 1, wherein determining the authentication question comprises retrieving the authentication question from a database.
  - 6. The method of claim 1, wherein determining the authentication question comprises:
    - retrieving information about the location of the authorized device; and
      
      generating the authentication question using the information about the location of the authorized device.
  - 7. The method of claim 1, further comprising:
    - permitting access to the service or application when the received response matches the expected response.
  - 8. The method of claim 1, further comprising transmitting a second authentication question if the received response does not match the expected response.

9. A method for authenticating a user attempting to access a service or application comprising:
- receiving, at a server, a request to authenticate a user;
  
  transmitting, by the server, a request for authentication by device movement to a device associated with the user;
  
  receiving, by the server, a signature of the device movement performed by the user; and
  
  determining, by the server, whether the received movement signature matches a stored movement signature.
- View Dependent Claims (10)
- - 10. The method of claim 9, further comprising:
    - enrolling the movement signature for the user as an additional authentication factor.

11. A user device for detecting the occurrence of an event comprising:
- a memory configured to store movement criteria indicative of an occurrence of an event;
  
  a movement sensing module configured to;
  
  monitor for movement of the user device consistent with the stored movement criteria,transmit a message indicating that the event has been detected.
- View Dependent Claims (12, 13, 14)
- - 12. The user device of claim 11, wherein the movement criteria are enrolled in the memory by a user.
  - 13. The user device of claim 11, wherein the movement criteria are selected by the user.
  - 14. The user device of claim 11, wherein the movement criteria are indicative of movement of a device during an automobile accident.

15. A system for detecting and responding to the occurrence of an event, comprising:
- a user device including;
  
  a memory configured to store movement criteria indicative of an occurrence of an event,a movement sensing module configured to;
  
  monitor for movement of the user device consistent with the stored movement criteria, andtransmit a message indicating that the event has been detected; and
  
  a monitoring server configured to receive an event notification and to perform a responsive action.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the movement criteria are enrolled in the memory by a user.
  - 17. The system of claim 15, wherein the movement criteria are selected by the user.
  - 18. The system of claim 15, wherein the movement criteria are indicative of movement of a device during an automobile accident.
  - 19. The system of claim 15, wherein the monitoring server is further configured to confirm occurrence of the event with the user device.
  - 20. The system of claim 15, wherein the responsive action includes causing a set of cameras to monitor a location having the user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Markel, Shlomo, Mendel, Jacob

Granted Patent

US 10,148,670 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

H04L 63/12   Applying verification of th...

System and Method for Location-Based Authentication

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System and Method for Location-Based Authentication

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others