DETERMINING USER AUTHENTICATION REQUIREMENTS BASED ON THE CURRENT LOCATION OF THE USER IN COMPARISON TO A USER'S TRAVEL ROUTE
First Claim
1. An apparatus for determining user authentication requirements, the apparatus comprising:
- a mobile communication device including a computing platform including a memory, a processor in communication with the memory and a location-determining mechanism in communication with the processor;
an authentication requirements module stored in the memory, executable by the processor and configured to,receive a request for a user to access a service requiring authentication,in response to receiving the request, determine (1) a current physical location of the user and a current time, and (2) that the user is associated with a predetermined travel route having location boundaries and a time period, wherein the current physical location of the user is determined by implementing the location-determining mechanism,determine proximity in distance and time of the current physical location of the user and current time to the predetermined travel route associated with the user, anddetermine, from amongst a plurality of levels of authentication, a level of authentication required for the user to access the service, wherein the level is based on the proximity in distance and time of the current physical location of the user to the predetermined travel route,wherein the plurality of levels of authentication include a no-authentication-required level that is defined by the user being physically located within predetermined boundaries of the travel route and the current time being within a predetermined time period for the user to be travelling on the travel route, and wherein the no-authentication-required level is configured to allow the user to access the service absent authentication, wherein the user is provided access to the service in response to the user meeting authentication requirements associated with the determined level of authentication; and
a service access module stored in the memory, executable by the processor and configured to determine a level of access available to the user of the service upon the user meeting the authentication requirements associated with the determined level of authentication, wherein the level of access defines functionality available to the user within the service based on the determined level of authentication and is granted to the user in response to the user meeting the authentication requirements, wherein functionality is defined as transactions that the user is authorized to conduct and information that the user is authorized to access.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems, apparatus, methods, and computer program products are provided for determining a user'"'"'s authentication requirements/credentials for a specific mobile network access session based on the current location of the user in comparison to a known typical travel route of the user. In this regard, if the user is located within the boundaries of the travel route during the time period when the user is typically travelling on the route, less, or in some instances no, authentication requirements are needed. Moreover, as the user deviates from the travel route in terms of distance and/or time the greater the authentication requirements/credentials may be required. Once the deviation is considered to significant in terms of distance and/or time full authentication requirements may be required.
44 Citations
24 Claims
-
1. An apparatus for determining user authentication requirements, the apparatus comprising:
-
a mobile communication device including a computing platform including a memory, a processor in communication with the memory and a location-determining mechanism in communication with the processor; an authentication requirements module stored in the memory, executable by the processor and configured to, receive a request for a user to access a service requiring authentication, in response to receiving the request, determine (1) a current physical location of the user and a current time, and (2) that the user is associated with a predetermined travel route having location boundaries and a time period, wherein the current physical location of the user is determined by implementing the location-determining mechanism, determine proximity in distance and time of the current physical location of the user and current time to the predetermined travel route associated with the user, and determine, from amongst a plurality of levels of authentication, a level of authentication required for the user to access the service, wherein the level is based on the proximity in distance and time of the current physical location of the user to the predetermined travel route, wherein the plurality of levels of authentication include a no-authentication-required level that is defined by the user being physically located within predetermined boundaries of the travel route and the current time being within a predetermined time period for the user to be travelling on the travel route, and wherein the no-authentication-required level is configured to allow the user to access the service absent authentication, wherein the user is provided access to the service in response to the user meeting authentication requirements associated with the determined level of authentication; and a service access module stored in the memory, executable by the processor and configured to determine a level of access available to the user of the service upon the user meeting the authentication requirements associated with the determined level of authentication, wherein the level of access defines functionality available to the user within the service based on the determined level of authentication and is granted to the user in response to the user meeting the authentication requirements, wherein functionality is defined as transactions that the user is authorized to conduct and information that the user is authorized to access. - View Dependent Claims (3, 5, 6, 7)
-
-
2. (canceled)
-
4. (canceled)
-
8. (canceled)
-
9. A method for determining user authentication requirements, the method comprising:
-
receiving, by a computing device, a request for a user to access a service requiring authentication; in response to receiving the request, determining, by a computing device processor, (1) a current physical location of the user and a current time and (2) that the user is associated with a predetermined travel route having location boundaries and a time period, wherein the current physical location of the user is determined by a location-determining mechanism in a mobile communication device in possession of the user; determining, by a computing device processor, proximity in distance and time of the current physical location of the user and current time to the predetermined travel route; determining, by a computing device process, from amongst a plurality of levels of authentication, a level of authentication required for the user to access the service, wherein the level is based on the proximity in distance and time of the current physical location of the user to the predetermined travel route, wherein the plurality of levels of authentication include a no-authentication-required level that is defined by the user being physically located within predetermined boundaries of the travel route and the current time being within a predetermined time period for the user to be travelling on the travel route, and wherein the no-authentication-required level is configured to allow the user to access the service absent authentication, wherein the user is provided access to the service in response to the user meeting authentication requirements associated with the determined level of authentication; and determine, by a computing device processor, a level of access available to the user of the service upon the user meeting the authentication requirements associated with the determined level of authentication, wherein the level of access defines functionality available to the user within the service based on the determined level of authentication and is granted to the user in response to the user meeting the authentication requirements, wherein functionality is defined as transactions that the user is authorized to conduct and information that the user is authorized to access. - View Dependent Claims (11, 13, 14, 15)
-
-
10. (canceled)
-
12. (canceled)
-
16. (canceled)
-
17. A computer program product comprising:
a non-transitory computer-readable medium comprising; a first set of codes for causing a computer to receive a request for a user to access a service requiring authentication; a second set of codes for causing a computer to, in response to receiving the request, determine (1) a current physical location of the user and a current time and (2) that the user is associated with a predetermined travel route having location boundaries and a time period, wherein the current physical location of the user is determined by a location-determining mechanism in a mobile communication device in possession of the user; a third set of codes for causing a computer to determine proximity in distance and time of the current physical location of the user and current time to a predetermined travel route; a fourth set of codes for causing a computer to determine, from amongst a plurality of levels of authentication, a level of authentication required for the user to access the service, wherein the level is based on the proximity in distance and time of the current physical location of the user to the predetermined travel route, wherein the plurality of levels of authentication include a no-authentication-required level that is defined by the user being physically located within predetermined boundaries of the travel route and the current time being within a predetermined time period for the user to be travelling on the travel route, and wherein the no-authentication-required level is configured to allow the user to access the service absent authentication, and wherein the user is provided access to the service in response to the user meeting authentication requirements associated with the determined level of authentication; and a fifth set of codes for causing a computer to determine, a level of access available to the user of the service upon the user meeting the authentication requirements associated with the determined level of authentication, wherein the level of access defines functionality available to the user within the service based on the determined level of authentication and is granted to the user in response to the user meeting the authentication requirements, wherein functionality is defined as transactions that the user is authorized to conduct and information that the user is authorized to access. - View Dependent Claims (19, 21, 22, 23)
-
18. (canceled)
-
20. (canceled)
-
24. (canceled)
Specification