DUAL CHANNEL IDENTITY AUTHENTICATION

US 20160006734A1
Filed: 06/25/2015
Published: 01/07/2016
Est. Priority Date: 07/02/2014
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

determining, in response to a request from a first device operated by a source user, that an identity authentication is to be performed for the source user;

identifying a target user who is deemed to satisfy at least a preset condition, the target user being a user other than the source user;

generating validation information to authenticate identity of the source user;

sending the validation information to a second device operated by the target user;

receiving a validation response from the first device operated by the source user; and

performing identity authentication, including verifying whether the validation response received from the first device operated by the source user matches the validation information sent to the second device.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Identity authentication comprises: determining, in response to a request from a first device operated by a source user, that an identity authentication is to be performed for the source user; identifying a target user who is deemed to satisfy at least a preset condition, the target user being a user other than the source user; generating validation information to authenticate identity of the source user; sending the validation information to a second device operated by the target user; receiving a validation response from the first device operated by the source user; and performing identity authentication, including verifying whether the validation response received from the first device operated by the source user matches the validation information sent to the second device.

Citations

23 Claims

1. A method, comprising:
- determining, in response to a request from a first device operated by a source user, that an identity authentication is to be performed for the source user;
  
  identifying a target user who is deemed to satisfy at least a preset condition, the target user being a user other than the source user;
  
  generating validation information to authenticate identity of the source user;
  
  sending the validation information to a second device operated by the target user;
  
  receiving a validation response from the first device operated by the source user; and
  
  performing identity authentication, including verifying whether the validation response received from the first device operated by the source user matches the validation information sent to the second device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the identifying the target user comprises:
    - determining a set of one or more associated users of the source user based at least in part on the source user'"'"'s historical user information;
      
      using the historical user information to compute a set of one or more trust levels between the source user and respective ones of the set of one or more associated users; and
      
      selecting a set of one or more trusted users among the set of one or more associated users, the one or more trusted users each having a trust level that meets or exceeds a trust level threshold;
      
      whereinthe target user is selected among the set of one or more trusted users.
  - 3. The method of claim 2, wherein the historical user information comprises location-based services (LBS) information;
    - andthe set of one or more trust levels are computed based at least in part on the LBS information.
  - 4. The method of claim 2, wherein the historical user information comprises WiFi hotspot scan information, and the set of one or more trust levels is computed based at least in part on the WiFi hotspot scan information.
  - 5. The method of claim 2, wherein the historical user information comprises:
    - communication information pertaining to a number of communications sent, received, or both by the first device, and the set of one or more trust levels is computed based at least in part on the communication information.
  - 6. The method of claim 1, wherein the preset condition includes a distance requirement of the second device operated by the target user relative to the first device operated by the source user.
  - 7. The method of claim 1, wherein the identifying the target user includes:
    - determining a set of one or more nearby users associated with the source user;
      
      determining a set of one or more trusted users among the one or more nearby users;
      
      computing a set of one or more trust levels of the source user relative to respective ones of the set of one or more trusted users; and
      
      selecting among the set of one or more trusted users a set of one or more potential target users;
      
      whereinthe target user is selected among the set of one or more potential target users.
  - 8. The method of claim 7, wherein the set of one or more nearby users associated with the source user is determined based at least in part on source user information sent by the first device.
  - 9. The method of claim 7, wherein the set of one or more nearby users associated with the source user is determined based at least in part on current LBS information of the first device.
  - 10. The method of claim 7, wherein the set of one or more nearby users associated with the source user is determined based at least in part on WiFi hotspot scan information of the first device.
  - 11. The method of claim 1, wherein identifying the target user further comprises:
    - sending to the first device information pertaining to a plurality of potential target users and causing the information pertaining to the plurality of potential target users to be presented to the source user on the first device; and
      
      receiving from the first device a selection of the target user among the plurality of potential target users made by the source user.

12. A system comprising:
- one or more processors to;
  
  determine, in response to a request from a first device operated by a source user, that an identity authentication is to be performed for the source user;
  
  identify a target user who is deemed to satisfy at least a preset condition, the target user being a user other than the source user;
  
  generate validation information to authenticate identity of the source user;
  
  send the validation information to a second device operated by the target user;
  
  receive a validation response from the first device operated by the source user; and
  
  perform identity authentication, including verifying whether the validation response received from the first device operated by the source user matches the validation information sent to the second device; and
  
  one or more memories coupled to the one or more processors, configured to provide the one or more processors with instructions.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The system of claim 12, wherein to identify the target user comprises to:
    - determine a set of one or more associated users of the source user based at least in part on the source user'"'"'s historical user information;
      
      use the historical user information to compute a set of one or more trust levels between the source user and respective ones of the set of one or more associated users; and
      
      select a set of one or more trusted users among the set of one or more associated users, the one or more trusted users each having a trust level that meets or exceeds a trust level threshold;
      
      whereinthe target user is selected among the set of one or more trusted users.
  - 14. The system of claim 13, wherein the historical user information comprises location-based services (LBS) information;
    - andthe set of one or more trust levels are computed based at least in part on the LBS information.
  - 15. The system of claim 13, wherein the historical user information comprises WiFi hotspot scan information, and the set of one or more trust levels is computed based at least in part on the WiFi hotspot scan information.
  - 16. The system of claim 13, wherein the historical user information comprises:
    - communication information pertaining to a number of communications sent, received, or both by the first device, and the set of one or more trust levels is computed based at least in part on the communication information.
  - 17. The system of claim 12, wherein the preset condition includes a distance requirement of the second device operated by the target user relative to the first device operated by the source user.
  - 18. The system of claim 12, wherein to identify the target user includes to:
    - determine a set of one or more nearby users associated with the source user;
      
      determine a set of one or more trusted users among the one or more nearby users;
      
      compute a set of one or more trust levels of the source user relative to respective ones of the set of one or more trusted users; and
      
      select among the set of one or more trusted users a set of one or more potential target users;
      
      whereinthe target user is selected among the set of one or more potential target users.
  - 19. The system of claim 18, wherein the set of one or more nearby users associated with the source user is determined based at least in part on source user information sent by the first device.
  - 20. The system of claim 18, wherein the set of one or more nearby users associated with the source user is determined based at least in part on current LBS information of the first device.
  - 21. The system of claim 18, wherein the set of one or more nearby users associated with the source user is determined based at least in part on WiFi hotspot scan information of the first device.
  - 22. The system of claim 12, wherein to identify the target user further includes to:
    - send to the first device information pertaining to a plurality of potential target users and cause the information pertaining to the plurality of potential target users to be presented to the source user on the first device; and
      
      receive from the first device a selection of the target user among the plurality of potential target users made by the source user.

23. A computer program product, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:
- determining, in response to a request from a first device operated by a source user, that an identity authentication is to be performed for the source user;
  
  identifying a target user who is deemed to satisfy at least a preset condition, the target user being a user other than the source user;
  
  generating validation information to authenticate identity of the source user;
  
  sending the validation information to a second device operated by the target user;
  
  receiving a validation response from the first device operated by the source user; and
  
  performing identity authentication, including verifying whether the validation response received from the first device operated by the source user matches the validation information sent to the second device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced New Technologies Company Limited (Ant Group Co., Ltd.)
Original Assignee
Alibaba Group Holding Ltd.
Inventors
Huang, Mian

Granted Patent

US 10,659,453 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/40   by quorum, i.e. whereby two...

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04L 67/1046   Joining mechanisms

H04W 12/06   Authentication

H04W 12/63   Location-dependent; Proximi...

DUAL CHANNEL IDENTITY AUTHENTICATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

DUAL CHANNEL IDENTITY AUTHENTICATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links