System and method for user authentication
Abstract
A method and system for authenticating the identity of a user by an authority makes use of presenting biometric data for the user in a predetermined shared secret sequence. The method and system can be augmented by requesting an additional shared secret, such as a PIN or additional credentials, to establish multiple layers of authentication. Varying the layers of authentication results in greater or lesser security, and the accuracy for any given layer can be relaxed without compromising the integrity of the entire method.
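The check described in the abstract, sketched as an added example (not code from the patent or its assignee): the authority accepts only when every presented sample matches an enrolled credential and the order of presentation matches the shared-secret sequence it directed. The finger names, toy matcher, threshold values and the duress sequence that raises a silent alarm are constructed assumptions; a real system would use a biometric matcher.

```python
import secrets

# Constructed enrollment record: credential name -> toy feature template.
ENROLLED = {
    "left_index":  [12, 40, 7, 33],
    "right_thumb": [5, 18, 29, 2],
    "right_ring":  [21, 9, 14, 37],
}
# Shared secret: presentation order, one predefined sequence per challenge id.
SEQUENCES = {
    "A": ["right_thumb", "left_index", "right_ring"],
    "B": ["right_ring", "right_thumb", "left_index"],
}
# Assumed duress order: authenticates, but also raises the silent alarm.
DURESS = ["left_index", "left_index", "right_thumb"]

def similarity(sample, template):
    """Toy matcher: fraction of features within +/-2 of the template."""
    return sum(abs(x - y) <= 2 for x, y in zip(sample, template)) / len(template)

def identify(sample, threshold):
    """Return the enrolled credential the sample best matches, or None."""
    best = max(ENROLLED, key=lambda name: similarity(sample, ENROLLED[name]))
    return best if similarity(sample, ENROLLED[best]) >= threshold else None

def issue_challenge():
    """Authority randomly selects which predefined sequence to ask for."""
    return secrets.choice(sorted(SEQUENCES))

def authenticate(challenge, samples, threshold=0.75):
    """Return 'accept', 'accept+alarm' or 'reject' for the presented samples."""
    presented = [identify(s, threshold) for s in samples]
    if None in presented:
        return "reject"            # a sample matched no enrolled credential
    if presented == DURESS:
        return "accept+alarm"      # outcome looks normal to an observer
    # Correct credentials in the wrong order still fail.
    return "accept" if presented == SEQUENCES[challenge] else "reject"
```

Lowering `threshold` relaxes the per-credential match, while the sequence check still has to pass, which is the layering trade-off the abstract describes.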
82 Claims
1. A method for authenticating the identity of a user by an authority, comprising:
- enrolling a plurality of credentials for the user with the authority;
- establishing at least one shared secret between the user and the authority relating to a predefined shared secret manner for presenting each of a plurality of current user credentials to the authority for the user for consecutive occasions;
- receiving at least one currently presented user credential by the authority for authentication of the identity of the user;
- authenticating an identity of the user by the authority based on a correspondence between the enrolled and current user credentials and a correspondence between the shared secret manner for presenting the current user credential and the manner in which the current user credential is presented to the authority;
- wherein receiving the current user credential further comprises receiving at least one additional currently presented user credential by the authority; and
- wherein receiving the current user credential further comprises receiving at least one additional currently presented user credential by the authority in one of a plurality of randomly selected predefined shared secret sequences as directed by the authority.
Dependent Claims: 2-39

40. A method for authenticating the identity of a user by an authority, comprising:
- enrolling at least one credential for the user with the authority;
- establishing at least one shared secret between the user and the authority relating to a predefined shared secret manner for presenting a current user credential to the authority;
- receiving at least one currently presented user credential by the authority for authentication of the identity of the user;
- authenticating an identity of the user by the authority based on a correspondence between the enrolled and current user credentials and a correspondence between the shared secret manner for presenting the current user credential and the manner in which the current user credential is presented to the authority;
- wherein establishing the shared secret further comprises establishing at least one additional shared secret between the user and the authority;
- wherein establishing the additional shared secret further comprises establishing a predefined shared secret manner of presenting each of a plurality of additional current user credentials to the authority for the user; and
- wherein establishing the predefined shared secret manner of presenting each of the plurality of additional current user credentials further comprises establishing a variation of the predefined shared secret manner of presenting each of the additional current user credentials to the authority for the user for consecutive occasions.

41. A method for authenticating the identity of a user by an authority, comprising:
- enrolling a plurality of credentials for the user with the authority;
- establishing at least one shared secret between the user and the authority relating to a predefined shared secret manner for presenting each of a plurality of current user credentials to the authority for the user for consecutive occasions;
- receiving at least one currently presented user credential by the authority for authentication of the identity of the user;
- authenticating an identity of the user by the authority based on a correspondence between the enrolled and current user credentials and a correspondence between the shared secret manner for presenting the current user credential and the manner in which the current user credential is presented to the authority; and
- wherein authenticating the identity of the user by the authority further comprises authenticating the identity of the user to activate a silent alarm for the user.

42. A system for authenticating the identity of a user by an authority, comprising:
- means for enrolling a plurality of credentials for the user with the authority;
- means for establishing at least one shared secret between the user and the authority relating to a predefined shared secret manner for presenting each of a plurality of current user credentials to the authority for the user for consecutive occasions;
- means for receiving at least one currently presented user credential by the authority for authentication of the identity of the user;
- means for authenticating an identity of the user by the authority based on a correspondence between the enrolled and current user credentials and a correspondence between the shared secret manner for presenting the current user credential and the manner in which the current user credential is presented to the authority;
- wherein the means for receiving the current user credential further comprises means for receiving at least one additional currently presented user credential by the authority; and
- wherein the means for receiving the current user credential further comprises means for receiving at least one additional currently presented user credential by the authority in one of a plurality of randomly selected predefined shared secret sequences as directed by the authority.
Dependent Claims: 43-80

81. A system for authenticating the identity of a user by an authority, comprising:
- means for enrolling at least one credential for the user with the authority;
- means for establishing at least one shared secret between the user and the authority relating to a predefined shared secret manner for presenting a current user credential to the authority;
- means for receiving at least one currently presented user credential by the authority for authentication of the identity of the user;
- means for authenticating an identity of the user by the authority based on a correspondence between the enrolled and current user credentials and a correspondence between the shared secret manner for presenting the current user credential and the manner in which the current user credential is presented to the authority;
- wherein the means for establishing the shared secret further comprises means for establishing shared secret between the user and the authority;
- wherein the means for establishing the additional shared secret further comprises means for establishing a predefined shared secret manner of presenting each of a plurality of additional current user credentials to the authority for the user; and
- wherein the means for establishing the predefined shared secret manner of presenting each of the plurality of additional current user credentials further comprises means for establishing a variation of the predefined shared secret manner of presenting each of the additional current user credentials to the authority for the user for consecutive occasions.

82. A system for authenticating the identity of a user by an authority, comprising:
- means for enrolling a plurality of credentials for the user with the authority;
- means for establishing at least one shared secret between the user and the authority relating to a predefined shared secret manner for presenting each of a plurality of current user credentials to the authority for the user for consecutive occasions;
- means for receiving at least one currently presented user credential by the authority for authentication of the identity of the user;
- means for authenticating an identity of the user by the authority based on a correspondence between the enrolled and current user credentials and a correspondence between the shared secret manner for presenting the current user credential and the manner in which the current user credential is presented to the authority; and
- wherein the means for authenticating the identity of the user by the authority further comprises means for authenticating the identity of the user to activate a silent alarm for the user.