Systems for intelligent authentication based on proximity

US 8,498,618 B2
Filed: 08/22/2011
Issued: 07/30/2013
Est. Priority Date: 06/22/2009
Status: Active Grant

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A unitary mobile apparatus comprising:

a Bluetooth transceiver,whereby said unitary mobile apparatus can establish a secure two-way wireless connection with a second apparatus;

whereby said unitary mobile apparatus stores user authentication credentials in a memory onboard said unitary mobile apparatus;

whereby upon receipt of a first transformation directive from said second apparatus,if a drop in a Bluetooth signal between said second apparatus and said unitary mobile apparatus was not detected since the last time the user authentication credentials were transmitted to said second apparatus,said unitary mobile apparatus automatically encrypts the user authentication credentials using at least one first encryption function corresponding to said first transformation directive and transmits the encrypted user authentication credentials to said second apparatus wirelessly,whereby no pass code is requested,

wherein the at least one first encryption function is selected from the group consisting of symmetric key encryption function and asymmetric key encryption function; and

if a drop in a Bluetooth signal between said second apparatus and said unitary mobile apparatus was detected since the last time the user authentication credentials were transmitted to said second apparatus,a pass code is requested.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

A method and apparatus for intelligent authentication based on proximity and using a short wireless device.

The method checks if the user captured a PIN code recently and if no signal drop was detected since the last PIN capture. It obtains user data from a unitary short wireless device and authenticates it.

If the user PIN was not captured recently, or if a signal drop was recently detected, the user is asked to enter a PIN code.

Citations

20 Claims

1. A unitary mobile apparatus comprising:
- a Bluetooth transceiver,whereby said unitary mobile apparatus can establish a secure two-way wireless connection with a second apparatus;
  
  whereby said unitary mobile apparatus stores user authentication credentials in a memory onboard said unitary mobile apparatus;
  
  whereby upon receipt of a first transformation directive from said second apparatus,if a drop in a Bluetooth signal between said second apparatus and said unitary mobile apparatus was not detected since the last time the user authentication credentials were transmitted to said second apparatus,said unitary mobile apparatus automatically encrypts the user authentication credentials using at least one first encryption function corresponding to said first transformation directive and transmits the encrypted user authentication credentials to said second apparatus wirelessly,whereby no pass code is requested,
  
  wherein the at least one first encryption function is selected from the group consisting of symmetric key encryption function and asymmetric key encryption function; and
  
  if a drop in a Bluetooth signal between said second apparatus and said unitary mobile apparatus was detected since the last time the user authentication credentials were transmitted to said second apparatus,a pass code is requested.
- View Dependent Claims (2, 3, 4)
- - 2. The unitary mobile apparatus of claim 1 wherein:
    - upon detection of a drop in a Bluetooth signal between said unitary mobile apparatus and said second apparatus, automatically request a pass code from a user.
  - 3. The unitary mobile apparatus of claim 1 further comprising an earpiece selected from the group consisting of:
    - a foldable earpiece for voice communication,a pull-up earpiece for voice communication,a telescopic earpiece for voice communication,a rotating telescopic earpiece for voice communication,a slide earpiece for voice communication.
  - 4. The unitary mobile apparatus of claim 1 further comprising an earpiece movable relative to the body of said unitary mobile apparatus, whereby upon moving said earpiece,said unitary mobile apparatus automatically operates as a headset.

5. A unitary mobile apparatus with a volume smaller than 30 cm3, comprising:
- a memory with a capacity less than 10 Mega Bytes;
  
  a short range wireless transceiver,wherein upon pairing to a predefined number of authorized devices or upon detection of a predetermined number of unsuccessful pairing attempts, or upon passing of a predetermined period of time since a last update,said unitary mobile apparatus goes to a non-discoverable mode;
  
  whereby upon updating said unitary mobile apparatus using a computer and a data cable,said unitary mobile apparatus can go to a discoverable mode;
  
  whereby upon receipt of a connection request from a paired second apparatus,said unitary mobile apparatus establishes a secure two-way wireless connection with the paired second apparatus;
  
  whereby said unitary mobile apparatus can store at least one user code selected from the group consisting of;
  
  digital key, encrypted digital key, user information;
  
  whereby said unitary mobile apparatus can store at least one function;
  
  whereby upon receipt of a transformation directive from the paired second apparatus,identifying at least one function corresponding to said transformation directive and using it to encrypt the at least one user code and to obtain an encrypted user code,transmitting the encrypted user code to said second apparatus wirelessly;
  
  the unitary mobile apparatus further comprising a data port for flashing of one or more programs and one or more digital keys to said unitary mobile apparatus,wherein after said flashing, said unitary mobile apparatus preserves pairing to previously paired devices.

6. A unitary mobile apparatus with a volume smaller than 30 cm3, comprising:
- a memory with a capacity less than 10 Mega Bytes;
  
  a short range wireless transceiver,wherein upon pairing to a predefined number of authorized devices or upon detection of a predetermined number of unsuccessful pairing attempts, or upon passing of a predetermined period of time since a last update,said unitary mobile apparatus goes to a non-discoverable mode;
  
  whereby upon updating said unitary mobile apparatus using a computer and a data cable,said unitary mobile apparatus can qo to a discoverable mode;
  
  whereby upon receipt of a connection request from a paired second apparatus,said unitary mobile apparatus establishes a secure two-way wireless connection with the paired second apparatus;
  
  whereby said unitary mobile apparatus can store at least one user code selected from the group consisting of;
  
  digital key, encrypted digital key, user information;
  
  whereby said unitary mobile apparatus can store at least one function;
  
  whereby upon receipt of a transformation directive from the paired second apparatus,identifying at least one function corresponding to said transformation directive and using it to encrypt the at least one user code and to obtain an encrypted user code,transmitting the encrypted user code to said second apparatus wirelessly;
  
  the unitary mobile apparatus further comprising a resident firmware upgrade program for authorizing installation of new firmware,whereby upon detection of a new firmware onboard said unitary mobile apparatus, said resident firmware upgrade program authenticates said new firmware,wherein upon authentication, said resident firmware upgrade program authorizes installation of the new firmware onboard said unitary mobile apparatus.

7. A unitary mobile apparatus with a volume smaller than 30 cm3, comprising:
- a memory with a capacity less than 10 Mega Bytes;
  
  a short range wireless transceiver,wherein upon pairing to a predefined number of authorized devices or upon detection of a predetermined number of unsuccessful pairing attempts, or upon passing of a predetermined period of time since a last update,said unitary mobile apparatus goes to a non-discoverable mode;
  
  whereby upon updating said unitary mobile apparatus using a computer and a data cable,said unitary mobile apparatus can go to a discoverable mode;
  
  whereby upon receipt of a connection request from a paired second apparatus,said unitary mobile apparatus establishes a secure two-way wireless connection with the paired second apparatus;
  
  whereby said unitary mobile apparatus can store at least one user code selected from the group consisting of;
  
  digital key, encrypted digital key, user information;
  
  whereby said unitary mobile apparatus can store at least one function;
  
  whereby upon receipt of a transformation directive from the paired second apparatus,identifying at least one function corresponding to said transformation directive and using it to encrypt the at least one user code and to obtain an encrypted user code,transmitting the encrypted user code to said second apparatus wirelessly;
  
  the unitary mobile apparatus wherebyupon receipt of a signal from a microphone, encrypt said signal, send it to a paired mobile phone,wherein upon receipt of a signal from a paired mobile phone, decrypt said signal, and send it to a speaker.

8. A method comprising:
- upon receiving a user request for access onboard a first device,if a drop in a Bluetooth signal between said first device and a remote mobile apparatus was not detected during the period of time between the last time the user was granted access onboard said first device and the time of the new user request for access,said first device sends a message comprising a transformation directive to said remote mobile apparatus;
  
  whereby upon said first device obtaining a response from said remote mobile apparatus,decrypting the response using either a symmetric decryption function or public key decryption function corresponding to said transformation directive,automatically extracting authentication credentials from said response and authenticating the user using the authentication credentials,
  
  whereby no pass code is requested from the user; and
  
  wherein if a drop in a Bluetooth signal between said first device and a remote mobile apparatus was detected during the period of time between the last time the user was granted access onboard said first device and the time of the new user request for access,a pass code is requested from the user.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8 wherein upon a user activating a reset interface onboard said first device, un-pairing said remote mobile apparatus from said first device.
  - 10. The method of claim 8 comprising performing an action selected from the group consisting of:
    - using the authentication credentials to authorize access,using the authentication credentials to activate an actuator,using the authentication credentials to activate a lock,using the authentication credentials to decrypt data,using the authentication credentials to encrypt data.
  - 11. The method of claim 8 wherein:
    - If said response is not received within a predetermined time from sending a message,performing an action selected from the group consisting of;
      
      block access, logout, close a connection, conceal data, encrypt data, lock, turn off, close.
  - 12. The method of claim 8 wherein:
    - upon detection of a drop in a Bluetooth signal between said first device and a remote mobile apparatus, performing an action selected from the group consisting of;
      
      request a user code from the user, block access, logout, encrypt data, lock.
  - 13. The method of claim 8 said transformation directive identifies a first function onboard said remote mobile apparatus,wherein said first function is different from a second function corresponding to a previously received second transformation directive.
  - 14. The method of claim 8 comprising using the authentication credentials to decode data onboard said first device,wherein if said data size exceeds a predetermined size,decode a first part of said data of a predetermined size onboard said first device,upon receiving a request for more data,decode next part of said data of a predetermined size.

15. A method comprising:
- pairing with a remote unitary mobile apparatus,wherein said unitary mobile apparatus has;
  
  a short range wireless transceiver, an onboard memory with capacity less than 10 Mega Bytes, a total volume smaller than 30 cm3;
  
  whereby upon receiving a user request for access,if a Bluetooth connection drop was detected after the last time the user was authorized for access, or if the time period elapsed since the last time the user was authorized for access exceeded a predetermined period of time,request a pass code from the user and validate said pass code;
  
  send a message comprising a transformation directive to said remote unitary mobile apparatus,wherein said transformation directive identifies at least one first function for encrypting authentication credentials onboard said remote unitary mobile apparatus;
  
  upon receipt of a reply from said remote unitary mobile apparatus,apply at least one first reverse function to extract said authentication credentials from said reply,wherein said at least one first reverse function corresponds to said transformation directive;
  
  said method further comprising;
  
  connecting said remote unitary mobile apparatus to a computer using a data cable,updating data onboard said remote unitary mobile apparatus,wherein after updating data, said remote unitary mobile apparatus preserves pairing to previously paired devices.

16. A method comprising:
- pairing with a remote unitary mobile apparatus,wherein said unitary mobile apparatus has;
  
  a short range wireless transceiver, an onboard memory with capacity less than 10 Mega Bytes, a total volume smaller than 30 cm3;
  
  whereby upon receiving a user request for access,if a Bluetooth connection drop was detected after the last time the user was authorized for access, or if the time period elapsed since the last time the user was authorized for access exceeded a predetermined period of time,request a pass code from the user, validate said pass code;
  
  send a message comprising a transformation directive to said remote unitary mobile apparatus,wherein said transformation directive identifies at least one first function for encrypting authentication credentials onboard said remote unitary mobile apparatus;
  
  upon receipt of a reply from said remote unitary mobile apparatus,apply at least one first reverse function to extract said authentication credentials from said reply,wherein said at least one first reverse function corresponds to said transformation directive;
  
  said method further comprisingstoring at least one first set of access parameters corresponding to at least one first client interface,wherein upon receiving a request for authentication credentials from at least one first client interface running onboard a paired device,said remote unitary mobile apparatus automatically sends a first set of authentication credentials corresponding to said at least one first client interface.

17. A method comprising:
- pairing with a remote unitary mobile apparatus,wherein said unitary mobile apparatus has;
  
  a short range wireless transceiver, an onboard memory with capacity less than 10 Mega Bytes, a total volume smaller than 30 cm3;
  
  whereby upon receiving a user request for access,if a Bluetooth connection drop was detected after the last time the user was authorized for access, or if the time period elapsed since the last time the user was authorized for access exceeded a predetermined period of time,request a pass code from the user, validate said pass code;
  
  send a message comprising a transformation directive to said remote unitary mobile apparatus,wherein said transformation directive identifies at least one first function for encrypting authentication credentials onboard said remote unitary mobile apparatus,upon receipt of a reply from said remote unitary mobile apparatus,apply at least one first reverse function to extract said authentication credentials from said reply,wherein said at least one first reverse function corresponds to said transformation directive;
  
  said method further comprisingobtaining a second code from a user,extracting a third code from said second code,using said authentication credentials and said third code to generate a key,performing an action selected from the group consisting of;
  
  using the key to authorize access,using the key to activate an actuator,using the key to activate a lock,using the key to decrypt data,using the key to encrypt data.

18. A method for authorization comprising:
- upon receiving a user request to login to a first application onboard a first device,if a drop in a Bluetooth signal between said first device and said remote mobile apparatus was not detected during the period of time between the last time the user was logged to an application onboard said first device and the time of the new user request to login,sending a first transformation directive to a remote mobile apparatus,obtaining user information from said remote mobile apparatus, decrypting said user information and using it to generate user login parameters,wherein the decryption uses either symmetric decryption or public key decryption,logging the user to said first application using user login parameters corresponding to said first application,wherein said first application does not request any user pass code;
  
  if a drop in a Bluetooth signal between said first device and said remote mobile apparatus was detected during the period of time between the last time the user was logged to an application onboard said first device and the time of the user request for access,said first application requests a user pass code,wherein if said user pass code is authenticated,obtaining user information from a remote mobile apparatus,decrypting said user information to obtain the user login parameters, andautomatically logging the user to said first application using user login parameters corresponding to said first application.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18 wherein if the time period elapsed since the last time the user was logged in to an application onboard said first device until the current time exceeded a predetermined period of time,request a pass code from the user.
  - 20. The method of claim 18 comprising:
    - upon receiving a first request for access,searching a registry onboard said first device for a paired apparatus,if a paired apparatus is found, establish a wireless connection with a remote unitary mobile apparatus corresponding to said paired apparatus.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Optima Direct, LLC (2S Ventures, LLC)
Original Assignee
Mourad Ben Ayed
Inventors
Ben Ayed, Mourad
Primary Examiner(s)
WASHINGTON, ERIKA ALISE

Application Number

US13/214,245
Publication Number

US 20110293095A1
Time in Patent Office

708 Days
Field of Search

None
US Class Current

455/411
CPC Class Codes

G06F 21/31   User authentication

G06F 21/35   communicating wirelessly

G06F 21/572   Secure firmware programming...

H04L 63/0492   by using a location-limited...

H04L 63/083   using passwords cryptograph...

H04L 63/108   when the policy decisions a...

H04W 12/06   Authentication

H04W 12/50   Secure pairing of devices

Systems for intelligent authentication based on proximity

First Claim

2 Assignments

Litigations

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems for intelligent authentication based on proximity

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links