AUTHENTICATING APPLICATION LEGITIMACY

US 20170041309A1
Filed: 08/06/2015
Published: 02/09/2017
Est. Priority Date: 08/06/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

obtaining, based on imaging at least one optical code using a camera of a device of a user, data of the at least one optical code, the at least one optical code being displayed on a display device in association with an application to be authenticated for the user as being a legitimate application;

automatically determining, based on the obtained data of the at least one optical code, whether the application to be authenticated is authenticated as being the legitimate application; and

providing for the user, by the device of the user, based on the automatically determining, an indication of whether the application to be authenticated is authenticated as being the legitimate application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Facilities are provided herein to address application phishing by determining whether an application is a legitimate application it purports to be. Optical code(s) are displayed on a display device in association with an application to be authenticated for a user as being a legitimate application. Based on imaging the optical code(s) using a camera of a device of a user, data of the optical code(s) are obtained. It is automatically determines, based on the obtained data of the optical code(s), whether the application to be authenticated is authenticated as being the legitimate application, and based on this, an indication of whether the application is authenticated as being the legitimate application is provided for the user by the device.

118 Citations

20 Claims

1. A method comprising:
- obtaining, based on imaging at least one optical code using a camera of a device of a user, data of the at least one optical code, the at least one optical code being displayed on a display device in association with an application to be authenticated for the user as being a legitimate application;
  
  automatically determining, based on the obtained data of the at least one optical code, whether the application to be authenticated is authenticated as being the legitimate application; and
  
  providing for the user, by the device of the user, based on the automatically determining, an indication of whether the application to be authenticated is authenticated as being the legitimate application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein the at least one optical code comprises a first optical code displayed based on a launch of the application to be authenticated, wherein the automatically determining comprises identifying whether the first optical code conveys a user identity registered with a trusted authentication entity associated with the legitimate application as being a proper user identity for the user, and wherein the provided indication of the authenticity of the application is based at least in part on whether the first optical code conveys the user identity registered with the trusted authentication entity associated with the legitimate application.
  - 3. The method of claim 2, wherein based on the first optical code failing to convey the user identity registered with the trusted authentication entity of the legitimate application, the automatically determining determines that the application to be authenticated is not authenticated as being the legitimate application and the provided indication indicates that the application to be authenticated is not authenticated as being the legitimate application.
  - 4. The method of claim 2, wherein the identifying whether the first optical code conveys the user identity registered with the trusted authentication entity provides a provisional indication of authenticity of the application, the provisional indication subject to modification after a further determination of authenticity of the application, the further determination based on obtaining dynamically generated second optical code data, the dynamically generated second optical code data to be provided to the legitimate application for display of a dynamically generated second optical code in association with the legitimate application.
  - 5. The method of claim 1, wherein the method further comprises:
    - obtaining, by the device of the user separate from obtaining the data of the at least one optical code, dynamically generated optical code data, the dynamically generated optical code data also provided to the legitimate application by way of a trusted authentication entity associated with the legitimate application; and
      
      comparing data of one optical code of the at least one optical code to the obtained dynamically generated optical code data, wherein the automatically determining authenticity of the application is based on the comparing.
  - 6. The method of claim 5, wherein the obtaining the dynamically generated optical code data by the device of the user comprises receiving the dynamically generated optical code data from the trusted authentication entity, wherein the device of the user images the one optical code as it is displayed on the display device in association with the application to be authenticated in order to obtain the data of the one optical code for comparison to the dynamically generated optical code data.
  - 7. The method of claim 5 , wherein the obtaining the dynamically generated optical code data comprises generating, by the device of the user, the dynamically generated optical code data, and wherein the method further comprises:
    - providing by the device of the user the generated dynamically generated optical code data to the trusted authentication entity for provision to the legitimate application, wherein the device of the user images the one optical code as it is displayed on the display device in association with the application to be authenticated in order to obtain the data of the one optical code for comparison to the obtained dynamically generated optical code data.
  - 8. The method of claim 5, wherein the comparing indicates a match between the data of the one optical code and the dynamically generated optical code data, the match indicating that the one optical code is a dynamically generated optical code generated based on the dynamically generated optical code data provided to the legitimate application, and that the application to be authenticated is authenticated as being the legitimate application, based on provision of the dynamically generated optical code data to the legitimate application and based on the display, on the display device and in association with the application to be authenticated, of the dynamically generated optical code dynamically generated based on the dynamically generated optical code data.
  - 9. The method of claim 5, wherein the comparing indicates a mismatch between the data of the one optical code and the dynamically generated optical code data, the mismatch indicating that the one optical code was not dynamically generated based on the dynamically generated optical code data provided to the legitimate application, and that the application to be authenticated is not authenticated as being the legitimate application, based on provision of the dynamically generated optical code data to the legitimate application and based on a failure to display, on the display device and in association with the application to be authenticated, a dynamically generated optical code dynamically generated based on the dynamically generated optical code data.
  - 10. The method of claim 1, wherein the device comprises a wearable device, the application to be authenticated comprises a mobile application or a web application, and the indication comprises at least one visual, haptic, or audible indication for the user.
  - 11. The method of claim 1, wherein the at least optical code comprises computer readable encoded information and the data of the at least one optical code comprises decoded data decoded from the encoded information.
  - 12. The method of claim 1, wherein the method further comprises triggering, during boot of the device of the user, checking a digital signature of an application of the device of the user, and, based on verifying the digital signature as being correct, initiating execution of the application, wherein the application at least partially performs the obtaining, the automatically determining, and the providing.
  - 13. The method of claim 1, wherein an application running as a background application of the device of the user monitors for presence of an optical code in an imaging space proximate the device of the user, and wherein the obtaining, the automatically determining, and the providing are performed based on detecting presence of the optical code, the optical code being an optical code of the at least one optical code.

14. A computer program product comprising:
- a computer readable storage medium readable by a processor and storing instructions for execution by the processor for performing a method comprising;
  
  obtaining, based on imaging at least one optical code using a camera of a device of a user, data of the at least one optical code, the at least one optical code being displayed on a display device in association with an application to be authenticated for the user as being a legitimate application;
  
  automatically determining, based on the obtained data of the at least one optical code, whether the application to be authenticated is authenticated as being the legitimate application; and
  
  providing for the user, by the device of the user, based on the automatically determining, an indication of whether the application to be authenticated is authenticated as being the legitimate application.
- View Dependent Claims (15, 16, 17)
- - 15. The computer program product of claim 14, wherein:
    - the at least one optical code comprises a first optical code displayed based on a launch of the application to be authenticated;
      
      the automatically determining comprises identifying whether the first optical code conveys a user identity registered with a trusted authentication entity associated with the legitimate application as being a proper user identity for the user, wherein the identifying whether the first optical code conveys the user identity registered with the trusted authentication entity provides a provisional indication of authenticity of the application, the provisional indication subject to modification after a further determination of authenticity of the application, the further determination based on obtaining dynamically generated second optical code data, the dynamically generated second optical code data to be provided to the legitimate application for display of a dynamically generated second optical code in association with the legitimate application; and
      
      the provided indication of the authenticity of the application is based at least in part on whether the first optical code conveys the user identity registered with the trusted authentication entity associated with the legitimate application and at least in part on the further determination of authenticity of the application.
  - 16. The computer program product of claim 14, wherein the method further comprises:
    - obtaining, by the device of the user separate from obtaining the data of the at least one optical code, dynamically generated optical code data, the dynamically generated optical code data also provided to the legitimate application by way of a trusted authentication entity associated with the legitimate application; and
      
      comparing data of one optical code of the at least one optical code to the obtained dynamically generated optical code data, wherein the automatically determining authenticity of the application is based on the comparing.
  - 17. The computer program product of claim 16, wherein the comparing indicates a match between the data of the one optical code and the dynamically generated optical code data, the match indicating that the one optical code is a dynamically generated optical code generated based on the dynamically generated optical code data provided to the legitimate application, and that the application to be authenticated is authenticated as being the legitimate application, based on provision of the dynamically generated optical code data to the legitimate application and based on the display, on the display device and in association with the application to be authenticated, of the dynamically generated optical code dynamically generated based on the dynamically generated optical code data.

18. A computer system comprising:
- a memory; and
  
  a processor in communications with the memory, wherein the computer system is configured to perform a method, the method comprising;
  
  obtaining, based on imaging at least one optical code using a camera of a device of a user, data of the at least one optical code, the at least one optical code being displayed on a display device in association with an application to be authenticated for the user as being a legitimate application;
  
  automatically determining, based on the obtained data of the at least one optical code, whether the application to be authenticated is authenticated as being the legitimate application; and
  
  providing for the user, by the device of the user, based on the automatically determining, an indication of whether the application to be authenticated is authenticated as being the legitimate application.
- View Dependent Claims (19, 20)
- - 19. The computer system of claim 18, wherein:
    - the at least one optical code comprises a first optical code displayed based on a launch of the application to be authenticated;
      
      the automatically determining comprises identifying whether the first optical code conveys a user identity registered with a trusted authentication entity associated with the legitimate application as being a proper user identity for the user, wherein the identifying whether the first optical code conveys the user identity registered with the trusted authentication entity provides a provisional indication of authenticity of the application, the provisional indication subject to modification after a further determination of authenticity of the application, the further determination based on obtaining dynamically generated second optical code data, the dynamically generated second optical code data to be provided to the legitimate application for display of a dynamically generated second optical code in association with the legitimate application; and
      
      the provided indication of the authenticity of the application is based at least in part on whether the first optical code conveys the user identity registered with the trusted authentication entity associated with the legitimate application and at least in part on the further determination of authenticity of the application.
  - 20. The computer system of claim 18, wherein the method further comprises:
    - obtaining, by the device of the user separate from obtaining the data of the at least one optical code, dynamically generated optical code data, the dynamically generated optical code data also provided to the legitimate application by way of a trusted authentication entity associated with the legitimate application; and
      
      comparing data of one optical code of the at least one optical code to the obtained dynamically generated optical code data, wherein the automatically determining authenticity of the application is based on the comparing, wherein the comparing indicates a match between the data of the one optical code and the dynamically generated optical code data, the match indicating that the one optical code is a dynamically generated optical code generated based on the dynamically generated optical code data provided to the legitimate application, and that the application to be authenticated is authenticated as being the legitimate application, based on provision of the dynamically generated optical code data to the legitimate application and based on the display, on the display device and in association with the application to be authenticated, of the dynamically generated optical code dynamically generated based on the dynamically generated optical code data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
EKAMBARAM, Vijay, RAKSHIT, Sarbajit K.

Granted Patent

US 9,946,874 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/44   Program or device authentic...

G06F 21/55   Detecting local intrusion o...

G06F 21/64   Protecting data integrity, ...

H04L 63/0853   using an additional device,...

H04L 63/1483   service impersonation, e.g....

H04W 12/77   Graphical identity

AUTHENTICATING APPLICATION LEGITIMACY

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

118 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

AUTHENTICATING APPLICATION LEGITIMACY

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

118 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others