User authentication method and apparatus

US 7,272,380 B2
Filed: 01/21/2004
Issued: 09/18/2007
Est. Priority Date: 01/21/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A user authentication method that authenticates a user based on a graphical password input by the user, the user authentication method comprising:

determining whether the graphical password has been input;

determining whether to authenticate the user depending on whether the extent to which a location of the input graphical password matches with a reference location of a registered graphical password is within an authentication margin for a location of any input graphical password with respect to the reference location of the registered graphical password;

storing a graphical password input history if the user is not authenticated;

determining whether there has been an intrusion by referring to the graphical password input history; and

reducing the authentication margin if determined that there has been an intrusion,wherein the graphical password comprises displaying a predetermined graphical image and requiring the user to select predetermined areas of the graphical image in a predetermined sequence.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user authentication method includes varying a threshold value for human body recognition depending on the extent to which an input graphical password matches with a registered graphical password and determining whether to authenticate a user or not based on a result of comparing the user'"'"'s human body recognition information with registered human body recognition information. Thus, it is possible to improve convenience, reliability, and security of user authentication based on a graphical password in a device, such as a PDA or other portable electronic device, not having a key manipulation unit. In addition, a biometrics unit that used to provide authentication functions and to carry out user authentication may be improved by lowering both FAR and FRR by variably setting a threshold value for biometrics depending on the result of user authentication using a graphical password.

29 Citations

View as Search Results

53 Claims

1. A user authentication method that authenticates a user based on a graphical password input by the user, the user authentication method comprising:
- determining whether the graphical password has been input;
  
  determining whether to authenticate the user depending on whether the extent to which a location of the input graphical password matches with a reference location of a registered graphical password is within an authentication margin for a location of any input graphical password with respect to the reference location of the registered graphical password;
  
  storing a graphical password input history if the user is not authenticated;
  
  determining whether there has been an intrusion by referring to the graphical password input history; and
  
  reducing the authentication margin if determined that there has been an intrusion,wherein the graphical password comprises displaying a predetermined graphical image and requiring the user to select predetermined areas of the graphical image in a predetermined sequence.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The user authentication method of claim 1, wherein the reference location of the registered graphical password is a predetermined area.
  - 3. The user authentication method of claim 1, wherein the determining whether to authenticate the user further comprises determining whether an order of received graphical passwords matches with an order of registered graphical passwords.
  - 4. The user authentication method of claim 1, wherein the determining whether there has been an intrusion comprises referring to the graphical password input history and checking if a graphical password has been input beyond a predetermined distance from the reference location of the registered graphical password.
  - 5. The user authentication method of claim 1, further comprising displaying a background picture on the screen of the terminal.
  - 6. The user authentication method of claim 1, further comprising restoring the reduced authentication margin if the determination that there has been an intrusion is cancelable based on the graphical password input history.
  - 7. A computer-readable recording medium on which a program enabling the user authentication method of claim 1 is recorded.

8. A user authentication method that authenticates a user based on biometrics information and a graphical password input by the user, the user authentication method comprising:
- determining whether the graphical password has been input;
  
  variably setting a threshold value of biometrics depending on the extent to which the input graphical password matches with a registered graphical password; and
  
  authenticating the user based on a result of comparing the user'"'"'s biometrics information with registered biometrics using the set threshold biometrics value,wherein the graphical password comprises displaying a predetermined graphical image and requiring the user to select predetermined areas of the graphical image in a predetermined sequence.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 9. The user authentication method of claim 8, wherein the variably setting the threshold value of biometrics comprises:
    - determining whether to authenticate the user depending on the extent to which the input graphical password matches with the registered graphical password; and
      
      variably setting the threshold value of biometrics depending on the extent to which the input graphical password matches with the registered graphical password.
  - 10. The user authentication method of claim 9, wherein the determining whether to authenticate the user comprises:
    - determining whether to authenticate the user depending on whether the extent to which a location of the input graphical password matches with a reference location of the registered graphical password is within an authentication margin;
      
      storing a graphical password input history if the user is not authenticated based on the input graphical password;
      
      determining whether there has been an intrusion by referring to the graphical password input history; and
      
      reducing the authentication margin if determined that there has been an intrusion.
  - 11. The user authentication method of claim 10, wherein the reference location of the registered graphical password is a predetermined area.
  - 12. The user authentication method of claim 10, wherein the determining whether to authenticate the user further comprises, determining whether an order of received graphical passwords matches with an order of registered graphical passwords.
  - 13. The user authentication method of claim 10, wherein the determining whether there has been an intrusion comprises checking if a graphical password has been input beyond a predetermined distance from the reference location of the registered graphical password.
  - 14. The user authentication method of claim 10, further comprising:
    - restoring the reduced authentication margin if the determination that there has been an intrusion is cancelable based on the graphical password input history.
  - 15. The user authentication method of claim 8, further comprising displaying a background picture on the screen of the terminal.
  - 16. The user authentication method of claim 8, further comprising:
    - storing a graphical password input history; and
      
      determining whether there has been an intrusion by referring to the graphical password input history if the user is not authenticated.
  - 17. The user authentication method of claim 16, further comprising:
    - storing an intruder'"'"'s biometrics if determined that there has been an intrusion, wherein the user is authenticated depending on a result of comparing the user'"'"'s biometrics information with the stored intruder'"'"'s biometrics information.
  - 18. The user authentication method of claim 8, further comprising:
    - storing a graphical password input history; and
      
      varying a variation range of the threshold value using the graphical password input history if the user is not authenticated.
  - 19. The user authentication method of claim 18, wherein, the variation range of the threshold value is varied so as to increase the level of security if an incorrect graphical password has been input at least n times.
  - 20. The user authentication method of claim 19, wherein the varying the variation range o the threshold value comprises restoring the varied variation range of the threshold value if the graphical password has been input m times or more correctly since the variation range of the threshold value was varied.
  - 21. The user authentication method of claim 8, further comprising:
    - adding/renewing an authentication key if the user is authenticated.
  - 22. The user authentication method of claim 21, wherein, the authentication key is added/renewed only when the input graphical password matches with the registered graphical password and the user is authenticated.
  - 23. The user authentication method of claim 21, wherein in step (h), the authentication key is added/renewed only when the user is authenticated and the extent to which the user'"'"'s biometrics information matches with the registered biometrics information is larger than a predetermined threshold value.
  - 24. A computer-readable recording medium on which a program enabling the user authentication method of claim 8 is recorded.

25. A user authentication apparatus that authenticates a user based on a graphical password input by the user, the user authentication apparatus comprising:
- a graphical password input unit which determines whether the graphical password has been input;
  
  a control unit which authenticates the user depending on whether the extent to which a location of the input graphical password matches with a reference location of a registered graphical password is within an authentication margin for a location of any input graphical password with respect to the reference location of the registered graphical password;
  
  a storage unit which stores the registered graphical password and stores a graphical password input history if the user is not authenticated; and
  
  a graphical password input history analysis unit which determines whether an intrusion occurred by referring to the graphical password input history,wherein the control unit reduces the authentication margin of the location of any input graphical password with respect to the reference location of the registered graphical password if the graphical password input history analysis unit determines that there has been an intrusion, andwherein the graphical password comprises a predetermined graphical image on a display where the user selects predetermined areas of the graphical image in a predetermined sequence.
- View Dependent Claims (26, 27, 28, 29, 30)
- - 26. The user authentication apparatus of claim 25, wherein the reference location of the registered graphical password is a predetermined area.
  - 27. The user authentication apparatus of claim 25, wherein the control unit determines whether to authenticate the user depending on whether graphical passwords have been input in a right order.
  - 28. The user authentication apparatus of claim 25, wherein the graphical password input history analysis unit determines that there has been an intrusion if a graphical password has been input beyond a predetermined distance from the reference location of the registered graphical password.
  - 29. The user authentication apparatus of claim 25, further comprising a display unit which displays a background picture on the screen of the terminal.
  - 30. The user authentication apparatus of claim 25, wherein the control unit resets the reduced authentication margin if the determination that there has been an intrusion is cancelable based on the graphical password input history.

31. A user authentication apparatus that authenticates a user based on biometrics information and a graphical password input by the user, the user authentication apparatus comprising:
- a graphical password input unit which determines whether the graphical password has been input;
  
  a storage unit which stores registered graphical password and registered biometrics information;
  
  a control unit which variably sets a threshold value of biometrics depending on the extent to which the input graphical password matches with the registered graphical password; and
  
  a biometrics unit which authenticates the user based on a result of comparing the user'"'"'s biometrics information input from the outside with registered biometrics,wherein the graphical password comprises a predetermined graphical image on a display where the user selects predetermined areas of the graphical image in a predetermined sequence.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
- - 32. The user authentication apparatus of claim 31, wherein the control unit determines whether to authenticate the user, depending on the extent to which the input graphical password matches with the registered graphical password, and variably sets the threshold value for living body recognition, depending on the extent to which the input graphical password matches with the registered graphical password.
  - 33. The user authentication apparatus of claim 32, wherein the control unit determines whether to authenticate the user, depending on whether the extent to which a location of the input graphical password matches with a reference location of the registered graphical password is within an authentication margin, determines whether there has been an intrusion by referring to the graphical password input history, and reduces the authentication margin if determined that there has been an intrusion, and the storage unit stores the graphical password input history if the user is not authenticated based on the input graphical password.
  - 34. The user authentication apparatus of claim 33, wherein the reference location of the registered graphical password is a predetermined area.
  - 35. The user authentication apparatus of claim 33, wherein the control unit determines whether to authenticate the user depending on whether an order of received graphical passwords matches with an order of registered graphical passwords.
  - 36. The user authentication apparatus of claim 33, wherein the control unit determines that there has been an intrusion if the graphical password has been input beyond a predetermined distance from the reference location of the registered graphical password.
  - 37. The user authentication apparatus of claim 33, wherein the control unit restores the reduced authentication margin if the determination that there has been an intrusion is considered as being cancelable based on the graphical password input history.
  - 38. The user authentication apparatus of claim 31, further comprising a display unit which displays a background picture on the screen of the terminal.
  - 39. The user authentication apparatus of claim 31, wherein the storage unit stores the graphical password input history, and the control unit determines whether there has been an intrusion by referring to the graphical password input history if the user is not authenticated.
  - 40. The user authentication apparatus of claim 39, wherein the storage unit stores an intruder'"'"'s biometrics if the graphical password input history analysis unit determines that there has been an intrusion, and the biometrics unit determines whether to authenticate the user depending on a result of comparing the user'"'"'s biometrics information with the intruder'"'"'s biometrics information stored in the storage unit.
  - 41. The user authentication apparatus of claim 31, wherein the storage unit stores the graphical password input history, and the control unit varies a variation range of the threshold value using the graphical password input history if the user is not authenticated.
  - 42. The user authentication apparatus of claim 41, wherein the control unit varies the variation range of the threshold value so as to increase the level of security if an incorrect graphical password has been input n times or more.
  - 43. The user authentication apparatus of claim 42, wherein the control unit restores the varied variation range of the threshold value if a right graphical password has been input m times or more since the variation range of the threshold value was varied.
  - 44. The user authentication apparatus of claim 31, wherein an authentication key is added/renewed if the user is authenticated by the biometrics unit.
  - 45. The user authentication apparatus of claim 44, wherein the authentication key is added/renewed only when the user is authenticated by the biometrics unit and the input graphical password matches with the registered graphical password.
  - 46. The user authentication apparatus of claim 44, wherein the authentication key is added/renewed only when the user is authenticated and the extent to which the user'"'"'s biometrics information matches with the registered biometrics information is larger than a predetermined threshold value.

47. A user authentication method, comprising:
- comparing an input graphical password to a registered graphical password and outputting a valid result when the input graphical password is within a predetermined proximity window of the registered graphical password and outputting an invalid result when the input graphical password is outside the predetermined proximity window of the registered graphical password, wherein the user is authenticated when the valid result is output; and
  
  adjusting the predetermined proximity window, wherein the predetermined proximity window is decreased when the invalid result is output,wherein the graphical password comprises displaying a predetermined graphical image and requiring the user to select predetermined areas of the graphical image in a predetermined sequence.
- View Dependent Claims (48, 49, 50, 51)
- - 48. The method of claim 47, further comprising:
    - comparing the users input biometric information to registered biometric information using a predetermined threshold level which corresponds to a predetermined false acceptance rate and a predetermined false rejection rate.
  - 49. The method of claim 48, wherein the predetermined threshold level is set so that the false rejection rate is reduced when the valid result is output and the false acceptance rate is reduced when the invalid result is output.
  - 50. The method of claim 48, further comprising:
    - counting a number of invalid result outputs; and
      
      storing the user'"'"'s biometric information as intruder biometric information when the number exceeds a predetermined intruder count level.
  - 51. The method of claim 50, further comprising:
    - comparing the user'"'"'s biometric information to the intruder biometric information and blocking the user when there is a match.

52. A user authentication apparatus, comprising:
- a graphical password input unit which receives a graphical password input by a user, wherein a key manipulation unit is not used to input the graphical password;
  
  a storage unit which stores registered graphical password and registered biometrics information corresponding to authorized users;
  
  a control unit which variably sets a threshold biometrics value depending on the degree to which the input graphical password is proximate to the registered graphical password; and
  
  a biometrics unit which reads the user'"'"'s biometrics information and authenticates the user based on a result of comparing the user'"'"'s biometrics information with the registered biometrics using the set threshold biometrics value,wherein the graphical password comprises a predetermined graphical image on a display where the user selects predetermined areas of the graphical image in a predetermined sequence.
- View Dependent Claims (53)
- - 53. The apparatus of claim 52, wherein the control unit sets the threshold biometrics value to lower a false acceptance rate when the input graphical password is outside a predetermined proximity area of the registered graphical password and sets the threshold biometrics value to lower a false rejection rate when the input graphical password is within the predetermined proximity area of the registered graphical password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Hwang, Eui-hyeon, Lee, Jong-ha
Primary Examiner(s)
Tran; CongVan

Application Number

US10/760,555
Publication Number

US 20040219902A1
Time in Patent Office

1,336 Days
Field of Search

455/410, 455/411, 455/414.1, 340/5.82, 340/5.85, 340/5.81, 340/5.52
US Class Current

455/410
CPC Class Codes

G06F 21/32 using biometric data, e.g. ...

G06F 21/36 by graphic or iconic repres...

User authentication method and apparatus

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

29 Citations

53 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication method and apparatus

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

53 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links