Systems for intelligent authentication based on proximity
Abstract
A method and apparatus for intelligent authentication based on proximity and using a short wireless device.
The method checks if the user captured a PIN code recently and if no signal drop was detected since the last PIN capture. It obtains user data from a unitary short wireless device and authenticates it.
If the user PIN was not captured recently, or if a signal drop was recently detected, the user is asked to enter a PIN code.
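The decision described in the abstract can be written as a small state machine on the device that grants access. This is an added example, not code from the patent: the class, method and event names and the 300-second recency window are assumptions, and it covers only the PIN or no-PIN decision, not the encrypted credential exchange.

```python
from dataclasses import dataclass
from typing import Optional

SILENT = "silent"      # fetch credentials from the paired token, no PIN prompt
PASSCODE = "passcode"  # ask the user for the PIN first


@dataclass
class ProximityGate:
    """Decision state kept by the access-granting device (hypothetical names)."""
    max_pin_age_s: float                   # assumed policy: how long a PIN stays "recent"
    last_pin_ok_at: Optional[float] = None
    drop_latched: bool = True              # fail closed until the first valid PIN

    def on_link_drop(self) -> None:
        # Latch the drop. A reconnect must not clear it, otherwise a token
        # that left and came back would still unlock without a PIN.
        self.drop_latched = True

    def on_pin_verified(self, now: float) -> None:
        # Only a validated PIN clears the latch and restarts the recency window.
        self.last_pin_ok_at = now
        self.drop_latched = False

    def decide(self, now: float) -> str:
        if self.drop_latched or self.last_pin_ok_at is None:
            return PASSCODE
        age = now - self.last_pin_ok_at
        if age < 0 or age > self.max_pin_age_s:  # clock moved backwards, or PIN is stale
            return PASSCODE
        return SILENT


def replay(events, max_pin_age_s=300.0):
    """Feed constructed (time, event) pairs to the gate; return the access decisions."""
    gate, decisions = ProximityGate(max_pin_age_s), []
    for t, ev in events:  # any other event, e.g. "up" (reconnect), changes no state
        if ev == "drop":
            gate.on_link_drop()
        elif ev == "pin_ok":
            gate.on_pin_verified(t)
        elif ev == "access":
            decisions.append((t, gate.decide(t)))
    return decisions

# Constructed timeline (seconds): PIN, silent unlock, walk away, return, PIN again, go stale.
TIMELINE = [(0, "access"), (1, "pin_ok"), (10, "access"), (20, "drop"), (25, "up"),
            (30, "access"), (31, "pin_ok"), (40, "access"), (400, "access")]
```

The access request at t=30 is the case to check in a real implementation: the link is back up, but the drop at t=20 still forces a PIN.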
20 Claims
1. A unitary mobile apparatus comprising:
a Bluetooth transceiver, whereby said unitary mobile apparatus can establish a secure two-way wireless connection with a second apparatus;
whereby said unitary mobile apparatus stores user authentication credentials in a memory onboard said unitary mobile apparatus;
whereby upon receipt of a first transformation directive from said second apparatus, if a drop in a Bluetooth signal between said second apparatus and said unitary mobile apparatus was not detected since the last time the user authentication credentials were transmitted to said second apparatus, said unitary mobile apparatus automatically encrypts the user authentication credentials using at least one first encryption function corresponding to said first transformation directive and transmits the encrypted user authentication credentials to said second apparatus wirelessly, whereby no pass code is requested,
wherein the at least one first encryption function is selected from the group consisting of symmetric key encryption function and asymmetric key encryption function; and
if a drop in a Bluetooth signal between said second apparatus and said unitary mobile apparatus was detected since the last time the user authentication credentials were transmitted to said second apparatus, a pass code is requested.
Dependent claims: 2, 3, 4.

5. A unitary mobile apparatus with a volume smaller than 30 cm³, comprising:
a memory with a capacity less than 10 Mega Bytes;
a short range wireless transceiver, wherein upon pairing to a predefined number of authorized devices or upon detection of a predetermined number of unsuccessful pairing attempts, or upon passing of a predetermined period of time since a last update, said unitary mobile apparatus goes to a non-discoverable mode;
whereby upon updating said unitary mobile apparatus using a computer and a data cable, said unitary mobile apparatus can go to a discoverable mode;
whereby upon receipt of a connection request from a paired second apparatus, said unitary mobile apparatus establishes a secure two-way wireless connection with the paired second apparatus;
whereby said unitary mobile apparatus can store at least one user code selected from the group consisting of; digital key, encrypted digital key, user information;
whereby said unitary mobile apparatus can store at least one function;
whereby upon receipt of a transformation directive from the paired second apparatus, identifying at least one function corresponding to said transformation directive and using it to encrypt the at least one user code and to obtain an encrypted user code, transmitting the encrypted user code to said second apparatus wirelessly;
the unitary mobile apparatus further comprising a data port for flashing of one or more programs and one or more digital keys to said unitary mobile apparatus, wherein after said flashing, said unitary mobile apparatus preserves pairing to previously paired devices.

6. A unitary mobile apparatus with a volume smaller than 30 cm³, comprising:
a memory with a capacity less than 10 Mega Bytes;
a short range wireless transceiver, wherein upon pairing to a predefined number of authorized devices or upon detection of a predetermined number of unsuccessful pairing attempts, or upon passing of a predetermined period of time since a last update, said unitary mobile apparatus goes to a non-discoverable mode;
whereby upon updating said unitary mobile apparatus using a computer and a data cable, said unitary mobile apparatus can go to a discoverable mode;
whereby upon receipt of a connection request from a paired second apparatus, said unitary mobile apparatus establishes a secure two-way wireless connection with the paired second apparatus;
whereby said unitary mobile apparatus can store at least one user code selected from the group consisting of; digital key, encrypted digital key, user information;
whereby said unitary mobile apparatus can store at least one function;
whereby upon receipt of a transformation directive from the paired second apparatus, identifying at least one function corresponding to said transformation directive and using it to encrypt the at least one user code and to obtain an encrypted user code, transmitting the encrypted user code to said second apparatus wirelessly;
the unitary mobile apparatus further comprising a resident firmware upgrade program for authorizing installation of new firmware, whereby upon detection of a new firmware onboard said unitary mobile apparatus, said resident firmware upgrade program authenticates said new firmware, wherein upon authentication, said resident firmware upgrade program authorizes installation of the new firmware onboard said unitary mobile apparatus.

7. A unitary mobile apparatus with a volume smaller than 30 cm³, comprising:
a memory with a capacity less than 10 Mega Bytes;
a short range wireless transceiver, wherein upon pairing to a predefined number of authorized devices or upon detection of a predetermined number of unsuccessful pairing attempts, or upon passing of a predetermined period of time since a last update, said unitary mobile apparatus goes to a non-discoverable mode;
whereby upon updating said unitary mobile apparatus using a computer and a data cable, said unitary mobile apparatus can go to a discoverable mode;
whereby upon receipt of a connection request from a paired second apparatus, said unitary mobile apparatus establishes a secure two-way wireless connection with the paired second apparatus;
whereby said unitary mobile apparatus can store at least one user code selected from the group consisting of; digital key, encrypted digital key, user information;
whereby said unitary mobile apparatus can store at least one function;
whereby upon receipt of a transformation directive from the paired second apparatus, identifying at least one function corresponding to said transformation directive and using it to encrypt the at least one user code and to obtain an encrypted user code, transmitting the encrypted user code to said second apparatus wirelessly;
the unitary mobile apparatus whereby upon receipt of a signal from a microphone, encrypt said signal, send it to a paired mobile phone, wherein upon receipt of a signal from a paired mobile phone, decrypt said signal, and send it to a speaker.

8. A method comprising:
upon receiving a user request for access onboard a first device, if a drop in a Bluetooth signal between said first device and a remote mobile apparatus was not detected during the period of time between the last time the user was granted access onboard said first device and the time of the new user request for access, said first device sends a message comprising a transformation directive to said remote mobile apparatus;
whereby upon said first device obtaining a response from said remote mobile apparatus, decrypting the response using either a symmetric decryption function or public key decryption function corresponding to said transformation directive, automatically extracting authentication credentials from said response and authenticating the user using the authentication credentials,
whereby no pass code is requested from the user; and
wherein if a drop in a Bluetooth signal between said first device and a remote mobile apparatus was detected during the period of time between the last time the user was granted access onboard said first device and the time of the new user request for access, a pass code is requested from the user.
Dependent claims: 9, 10, 11, 12, 13, 14.

15. A method comprising:
pairing with a remote unitary mobile apparatus, wherein said unitary mobile apparatus has; a short range wireless transceiver, an onboard memory with capacity less than 10 Mega Bytes, a total volume smaller than 30 cm³;
whereby upon receiving a user request for access, if a Bluetooth connection drop was detected after the last time the user was authorized for access, or if the time period elapsed since the last time the user was authorized for access exceeded a predetermined period of time, request a pass code from the user and validate said pass code;
send a message comprising a transformation directive to said remote unitary mobile apparatus, wherein said transformation directive identifies at least one first function for encrypting authentication credentials onboard said remote unitary mobile apparatus;
upon receipt of a reply from said remote unitary mobile apparatus, apply at least one first reverse function to extract said authentication credentials from said reply, wherein said at least one first reverse function corresponds to said transformation directive;
said method further comprising; connecting said remote unitary mobile apparatus to a computer using a data cable, updating data onboard said remote unitary mobile apparatus, wherein after updating data, said remote unitary mobile apparatus preserves pairing to previously paired devices.

16. A method comprising:
pairing with a remote unitary mobile apparatus, wherein said unitary mobile apparatus has; a short range wireless transceiver, an onboard memory with capacity less than 10 Mega Bytes, a total volume smaller than 30 cm³;
whereby upon receiving a user request for access, if a Bluetooth connection drop was detected after the last time the user was authorized for access, or if the time period elapsed since the last time the user was authorized for access exceeded a predetermined period of time, request a pass code from the user, validate said pass code;
send a message comprising a transformation directive to said remote unitary mobile apparatus, wherein said transformation directive identifies at least one first function for encrypting authentication credentials onboard said remote unitary mobile apparatus;
upon receipt of a reply from said remote unitary mobile apparatus, apply at least one first reverse function to extract said authentication credentials from said reply, wherein said at least one first reverse function corresponds to said transformation directive;
said method further comprising storing at least one first set of access parameters corresponding to at least one first client interface, wherein upon receiving a request for authentication credentials from at least one first client interface running onboard a paired device, said remote unitary mobile apparatus automatically sends a first set of authentication credentials corresponding to said at least one first client interface.

17. A method comprising:
pairing with a remote unitary mobile apparatus, wherein said unitary mobile apparatus has; a short range wireless transceiver, an onboard memory with capacity less than 10 Mega Bytes, a total volume smaller than 30 cm³;
whereby upon receiving a user request for access, if a Bluetooth connection drop was detected after the last time the user was authorized for access, or if the time period elapsed since the last time the user was authorized for access exceeded a predetermined period of time, request a pass code from the user, validate said pass code;
send a message comprising a transformation directive to said remote unitary mobile apparatus, wherein said transformation directive identifies at least one first function for encrypting authentication credentials onboard said remote unitary mobile apparatus,
upon receipt of a reply from said remote unitary mobile apparatus, apply at least one first reverse function to extract said authentication credentials from said reply, wherein said at least one first reverse function corresponds to said transformation directive;
said method further comprising obtaining a second code from a user, extracting a third code from said second code, using said authentication credentials and said third code to generate a key, performing an action selected from the group consisting of; using the key to authorize access, using the key to activate an actuator, using the key to activate a lock, using the key to decrypt data, using the key to encrypt data.

18. A method for authorization comprising:
upon receiving a user request to login to a first application onboard a first device,
if a drop in a Bluetooth signal between said first device and said remote mobile apparatus was not detected during the period of time between the last time the user was logged to an application onboard said first device and the time of the new user request to login, sending a first transformation directive to a remote mobile apparatus, obtaining user information from said remote mobile apparatus, decrypting said user information and using it to generate user login parameters, wherein the decryption uses either symmetric decryption or public key decryption, logging the user to said first application using user login parameters corresponding to said first application, wherein said first application does not request any user pass code;
if a drop in a Bluetooth signal between said first device and said remote mobile apparatus was detected during the period of time between the last time the user was logged to an application onboard said first device and the time of the user request for access, said first application requests a user pass code, wherein if said user pass code is authenticated, obtaining user information from a remote mobile apparatus, decrypting said user information to obtain the user login parameters, and automatically logging the user to said first application using user login parameters corresponding to said first application.
Dependent claims: 19, 20.

Specification