Method of authentication using familiar photographs

US 7,174,462 B2
Filed: 11/12/2002
Issued: 02/06/2007
Est. Priority Date: 11/12/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method of authenticating a user operating an access device comprising:

causing the display, on the access device, of a plurality of photographs to the user, at least one of the photographs being selected at the time of authentication from the user'"'"'s personal collection of photographs and being already familiar to the user so that no prior training by the user is needed, the remaining displayed photographs being decoy photographs;

accepting an input selection from the user identifying one of the displayed photographs; and

allowing access when the user'"'"'s selection identifies the displayed photograph from the user'"'"'s personal photograph collection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authenticating a user operating an un-trusted access device includes causing the display, on the un-trusted access device, of a plurality of photographs to the user, at least one of the photographs being from the user'"'"'s personal photograph collection and already familiar to the user, remaining photographs being decoy photographs, accepting an input selection from the user identifying one of the displayed photographs, and allowing access when the user'"'"'s selection correctly identifies a sequence of displayed photographs from the user'"'"'s photograph collection. No user training prior to using the authentication system is needed and no pre-selection of a password or photograph is necessary.

Citations

28 Claims

1. A method of authenticating a user operating an access device comprising:
- causing the display, on the access device, of a plurality of photographs to the user, at least one of the photographs being selected at the time of authentication from the user'"'"'s personal collection of photographs and being already familiar to the user so that no prior training by the user is needed, the remaining displayed photographs being decoy photographs;
  
  accepting an input selection from the user identifying one of the displayed photographs; and
  
  allowing access when the user'"'"'s selection identifies the displayed photograph from the user'"'"'s personal photograph collection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein causing the display of the photographs comprises causing the display of the photograph from the user'"'"'s photograph collection at a random location on the display among the decoy photographs.
  - 3. The method of claim 1, further comprising selecting the decoy photographs from a photograph database, the decoy photographs not including any photograph from the user'"'"'s photograph collection.
  - 4. The method of claim 3, wherein selecting the decoy photographs comprises selecting decoy photographs from photograph collections of other users, the photograph collections being stored in the photograph database.
  - 5. The method of claim 1, further comprising causing the display of a different photograph from the user'"'"'s photograph collection on a subsequent attempt at authentication by the user along with a plurality of decoy photographs.
  - 6. The method of claim 1, further comprising repeating the causing the display and accepting steps a predetermined number of times, causing the display of a different photograph from the user'"'"'s photograph collection among different decoy photographs each time, and allowing access only when the user correctly identifies at least some of the photographs from the user'"'"'s photograph collection that have been displayed.
  - 7. The method of claim 1, further comprising removing photographs from the user'"'"'s photograph collection in a photograph database that are similar prior to use of the user'"'"'s photograph collection for authentication.
  - 8. The method of claim 1, further comprising limiting the time available for accepting the input selection after the photographs have been displayed.
  - 9. The method of claim 1, further comprising:
    - Identifying an access device; and
      
      changing at least one of;
      
      the number of photographs displayed per display screen, the number of photographs from the user'"'"'s photograph collection displayed per display screen, and the number of display screens shown to the user requiring recognition of user photographs, based on the identified access device.
  - 10. The method of claim 1, further comprising filtering photographs from the user'"'"'s personal photograph collection to delete from consideration for use in authentication processing any photographs that are identifiable as belonging to the user.
  - 11. The method of claim 9, wherein identifying the access device comprises determining the Internet Protocol (IP) address of the access device.

12. An article comprising:
- a storage medium having a plurality of machine readable instructions, wherein when the instructions are executed by a processor, the instructions provide for authenticating a user operating an access device by causing the display, on the access device, of a plurality of photographs to the user, at least one of the photographs being selected at the time of authentication from the user'"'"'s personal collection of photographs and being already familiar to the user so that no prior training by the user is needed, the remaining displayed photographs being decoy photographs, accepting an input selection from the user identifying one of the displayed photographs, and allowing access when the user'"'"'s selection identifies the displayed photograph from the user'"'"'s personal photograph collection.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The article of claim 12, wherein instructions for causing the display of the photographs comprise instructions for causing the display of the photograph from the user'"'"'s photograph collection at a random location on the display among the decoy photographs.
  - 14. The article of claim 12, further comprising instructions for selecting the decoy photographs from a photograph database, the decoy photographs not including any photograph from the user'"'"'s photograph collection.
  - 15. The article of claim 14, wherein instructions for selecting the decoy photographs comprise instructions for selecting decoy photographs from photograph collections of other users, the photograph collections being stored in the photograph database.
  - 16. The article of claim 12, further comprising instructions for causing the display of a different photograph from the user'"'"'s photograph collection on a subsequent attempt at authentication by the user along with a plurality of decoy photographs.
  - 17. The article of claim 12, further comprising instructions for repeating the causing the display and accepting steps a predetermined number of times, causing the display of a different photograph from the user'"'"'s photograph collection among different decoy photographs each time, and allowing access only when the user correctly identifies at least some of the photographs from the user'"'"'s photograph collection that have been displayed.
  - 18. The article of claim 12, further comprising instructions for removing photographs from the user'"'"'s photograph collection in a photograph database that are similar prior to use of the user'"'"'s photograph collection for authentication.
  - 19. The article of claim 12, further comprising instructions for limiting the time available for accepting the input selection after the photographs have been displayed.
  - 20. The article of claim 12, further comprising instructions for:
    - Identifying the access device; and
      
      changing at least one of;
      
      the number of photographs displayed per display screen, the number of photographs from the user'"'"'s photograph collection displayed per display screen, and the number of display screens shown to the user requiring recognition of user photographs, based on the identified access device.

21. A system for authenticating a user of an access device comprising:
- a photograph database having a plurality of photographs from the user'"'"'s personal photograph collection and a plurality of decoy photographs;
  
  a photograph authentication module to cause the display, on the access device, of a plurality of photographs to the user, at least one of the photographs being selected from the user'"'"'s personal collection and being already familiar to the user so that no prior training by the user is needed, the remaining displayed photographs being decoy photographs, to accept an input selection from the user identifying one of the displayed photographs, and to allow access when the user'"'"'s selection identifies the displayed photograph from the user'"'"'s personal photograph collection, wherein the photograph authentication module selects, at the time of authentication, the photograph from the user'"'"'s photograph collection to be displayed on the access device.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The system of claim 21, wherein the photograph authentication module causes the display of the photograph from the user'"'"'s photograph collection at a random location on the display among the decoy photographs.
  - 23. The system of claim 21, wherein the photograph authentication module selects the decoy photographs from the photograph database, the decoy photographs not including any photograph from the user'"'"'s photograph collection.
  - 24. The system of claim 23, wherein the photograph authentication module selects the decoy photographs from photograph collections in the photograph database of other users.
  - 25. The system of claim 21, wherein the photograph authentication module causes the display of a different photograph from the user'"'"'s photograph collection on a subsequent attempt at authentication by the user along with a plurality of decoy photographs.
  - 26. The system of claim 21, further wherein the photograph authentication module removes photographs from the user'"'"'s photograph collection in the photograph database that are similar prior to use of the user'"'"'s photograph collection for authentication.
  - 27. The system of claim 21, wherein the photograph authentication module limits the time available for accepting the input selection after the photographs have been displayed.
  - 28. The system of claim 21, wherein the photograph authentication module identifies the access device;
    - and changes at least one of;
      
      the number of photographs displayed per display screen, the number of photographs from the users photograph collection displayed per display screen, and the number of display screens shown to the user requiring recognition of user photographs, based on the identified access device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Pering, Trevor A., Want, Roy, Light, John J., Sundararajan, Muralidharan
Primary Examiner(s)
Arani; Taghi T.

Application Number

US10/293,007
Publication Number

US 20040093527A1
Time in Patent Office

1,547 Days
Field of Search

713/168, 713/182, 726/2
US Class Current

713/182
CPC Class Codes

G06F 21/36 by graphic or iconic repres...

Method of authentication using familiar photographs

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method of authentication using familiar photographs

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links