Method for facilitating authentication using proximity

US 8,625,796 B1
Filed: 11/30/2012
Issued: 01/07/2014
Est. Priority Date: 11/30/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A method for facilitating authentication comprising:

a first application runs onboard a first mobile device and obtains a first set of configuration parameters,whereby upon a user requesting an operation from a second application onboard a second terminal,if the distance between said second terminal and said first mobile device has stayed below a predetermined threshold during a recent period of time;

said second application automatically obtains a second set of configuration parameters from said first application using wireless communication,wherein said second set of configuration parameters corresponds to said first set of configuration parameters,

whereby upon authentication of said second set of configuration parameters, the user is authorized to perform the operation,whereby said second application does not request credentials from the user,wherein the recent period of time spans between the last time an application onboard said second terminal obtained configuration parameters from said first mobile device and the current time;

whereby if the distance between said second terminal and said first mobile device has exceeded a distance threshold during the recent period of time;

the user is requested to enter credentials selected from the group consisting of;

pass code, pass phrase, gesture, voice command, finger print, wherein the operation is selected from the group consisting of;

login, authorize payment, authorize access;

whereby if the second application is active,if the distance between said first mobile device and said second terminal exceeds a distance threshold;

said second application determines the current location information using a means selected from the group consisting of;

GPS, Wi-Fi triangulation, cell tower,

whereby if the current location is within a predetermined geo-location, said second application performs an action selected from the group consisting of;

no action, log out, revoke authentication, revoke a user token, cancel a transaction, lock a device, play a long sound file,

whereby if the current location is outside a predetermined geo-location, said second application performs an action selected from the group consisting of;

log out, revoke authentication, revoke a user token, cancel a transaction, play a long sound file, lock a device, play a long sound file, issue an audible alert, call a mobile phone and issue a message, encrypt data, delete data, delete said second application, clear memory, send an email message comprising the current location information, send a Short Message Service message comprising the current location information, send a message comprising the current location information to a remote server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for facilitating authentication enables to automatically log the user to an application multiple times as long as the user has not left proximity of the terminal since the last successful login.

Citations

20 Claims

1. A method for facilitating authentication comprising:
- a first application runs onboard a first mobile device and obtains a first set of configuration parameters,whereby upon a user requesting an operation from a second application onboard a second terminal,if the distance between said second terminal and said first mobile device has stayed below a predetermined threshold during a recent period of time;
  
  said second application automatically obtains a second set of configuration parameters from said first application using wireless communication,wherein said second set of configuration parameters corresponds to said first set of configuration parameters,
  
  whereby upon authentication of said second set of configuration parameters, the user is authorized to perform the operation,whereby said second application does not request credentials from the user,wherein the recent period of time spans between the last time an application onboard said second terminal obtained configuration parameters from said first mobile device and the current time;
  
  whereby if the distance between said second terminal and said first mobile device has exceeded a distance threshold during the recent period of time;
  
  the user is requested to enter credentials selected from the group consisting of;
  
  pass code, pass phrase, gesture, voice command, finger print, wherein the operation is selected from the group consisting of;
  
  login, authorize payment, authorize access;
  
  whereby if the second application is active,if the distance between said first mobile device and said second terminal exceeds a distance threshold;
  
  said second application determines the current location information using a means selected from the group consisting of;
  
  GPS, Wi-Fi triangulation, cell tower,
  
  whereby if the current location is within a predetermined geo-location, said second application performs an action selected from the group consisting of;
  
  no action, log out, revoke authentication, revoke a user token, cancel a transaction, lock a device, play a long sound file,
  
  whereby if the current location is outside a predetermined geo-location, said second application performs an action selected from the group consisting of;
  
  log out, revoke authentication, revoke a user token, cancel a transaction, play a long sound file, lock a device, play a long sound file, issue an audible alert, call a mobile phone and issue a message, encrypt data, delete data, delete said second application, clear memory, send an email message comprising the current location information, send a Short Message Service message comprising the current location information, send a message comprising the current location information to a remote server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 whereby:
    - upon a user requesting an operation in a third application;
      
      if said third application determines that a Bluetooth signal between said first mobile device and a third terminal used for running said third application has stayed above a predetermined threshold during a recent period of time;
      
      the user is authorized to perform the operation,whereby said third application does not request credentials from the user,whereby if the Bluetooth signal between said first mobile device and said third terminal dropped below a predetermined threshold during the recent period of time;
      
      said third application requests credentials from the user,
      
      wherein said third terminal can be distinct from said second terminal,
      
      wherein said third application can be distinct from said second application.
  - 3. The method of claim 1 whereby:
    - said first mobile device is selected from the group consisting of;
      
      a Bluetooth keychain, a Bluetooth bracelet, a Bluetooth badge, a Bluetooth watch;
      
      whereby said first mobile device obtains said first set of configuration parameters from a remote server through a relay application,whereby said relay application runs in a browser on a third device,whereby said third device connects to said remote server using TCP/IP,whereby said third device connects to said first mobile device using Bluetooth short wireless communication,whereby said first mobile device stores said first set of configuration parameters in a flash memory onboard said first mobile device.
  - 4. The method of claim 1 whereby:
    - said first application and said second application generate a shared secret key using Diffie-Hellman algorithm,whereby said shared secret key is different from a previously generated shared secret key,whereby said first application uses said shared secret key to encrypt data comprising at least a part of said first set of configuration parameters,whereby said second application uses said shared secret key to decrypt the encrypted data.
  - 5. The method of claim 1 whereby:
    - upon said first application receiving a request,said first application generates a one-time password using a method selected from the group consisting of;
      
      run a third party one-time password API, call a one-time password function;
      
      whereby said first application sends said one-time password to said second application using Bluetooth short wireless communication,whereby a remote server authenticates said one-time password.
  - 6. The method of claim 1 comprising:
    - displaying a challenge question,wherein the displayed challenge question is different from a previously displayed challenge question,whereby said second application sends a challenge question identifier corresponding to the displayed challenge question to said first application,whereby if said first mobile device obtains a user response, said first application authenticates the user response,whereby if the user response is not authenticated,said first application performs an action selected from the group consisting of;
      
      close, issue an audible alert, log out, delete application, clear memory, block communication,
      
      wherein the user response is selected from the group consisting of;
      
      a voice response to a challenge question, a phrase, a fingerprint, an iris scan, a photo capture.
  - 7. The method of claim 1 whereby:
    - upon the user requesting access to a second application onboard said second terminal;
      
      if said second terminal cannot connect to said first mobile device using Bluetooth short wireless communication, said second terminal automatically connects to a third mobile device using Bluetooth short wireless communication,whereby said second application obtains the user credentials from said third mobile device,wherein said third mobile device is distinct from said first mobile device.
  - 8. The method of claim 1 whereby:
    - said second application generates a user report, wherein the user report provides document compliance with U.S. Food and Drug Administration requirements.
  - 9. The method of claim 1 comprising:
    - a remote server storing at least one first set of configuration parameters,wherein said first set of configuration parameters comprises authentication data selected from the group consisting of;
      
      user credentials, user certificates, user keys, user account information, commands, one time password function, user rules,whereby said first set of configuration parameters comprises a set of authorized terminal identifiers;
      
      whereby said first application authenticates said second terminal using said set of authorized terminal identifiers,wherein said set of authorized terminal identifiers is obtained from said remote server.

10. A method for facilitating authentication comprising:
- a first application runs onboard a first mobile device and obtains a first set of configuration parameters,whereby upon a user requesting an operation from a second application onboard a second terminal,if the distance between said second terminal and said first mobile device has stayed below a predetermined threshold during a recent period of time;
  
  said second application automatically obtains a second set of configuration parameters from said first application using wireless communication,wherein said second set of configuration parameters corresponds to said first set of configuration parameters,
  
  whereby upon authentication of said second set of configuration parameters,the user is authorized to perform the operation,whereby said second application does not request credentials from the user,wherein the recent period of time spans between the last time an application onboard said second terminal obtained configuration parameters from said first mobile device and the current time,
  
  wherein the operation is selected from the group consisting of;
  
  login, authorize payment, authorize access,
  
  wherein said credentials are selected from the group consisting of;
  
  pass code, pass phrase, gesture, voice command, finger print;
  
  whereby if said second application determines the distance between said second terminal and said first mobile device exceeded a predetermined threshold during the recent period of time;
  
  said second application requests credentials from the user.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10 whereby:
    - upon a user requesting an operation in a third application onboard said second terminal,if said second application determines that a Bluetooth signal between said second terminal and said first mobile device has stayed above a predetermined threshold during a recent period of time;
      
      the user is authorized to perform the operation,whereby said third application does not request credentials from the user;
      
      whereby if the Bluetooth signal between said second terminal and said first mobile device dropped below a predetermined threshold during the recent period of time;
      
      said third application requests credentials from the user,wherein said third application is distinct from said second application.
  - 12. The method of claim 10 whereby:
    - upon a user requesting an operation in a third application onboard a third terminal;
      
      if said third application determines that a Bluetooth signal between said third terminal and said first mobile device has stayed above a predetermined threshold during a recent period of time;
      
      the user is authorized to perform the operation,whereby said third application does not request credentials from the user,whereby if the Bluetooth signal between said third terminal and said first mobile device dropped below a predetermined threshold during the recent period of time;
      
      said third application requests credentials from the user,wherein said third terminal is distinct from said second terminal.
  - 13. The method of claim 10 whereby:
    - if the second application is active,if the Bluetooth signal between said first mobile device and said second terminal drops below a predetermined threshold;
      
      said second application performs an action selected from the group consisting of;
      
      log out, revoke authentication, revoke a user token, cancel a transaction, lock a device, play a long sound file, issue an audible alert, call a mobile phone and issue a message, encrypt data, delete data, delete said second application, clear memory, send an email message comprising the current location information, send a Short Message Service message comprising the current location information, send a message comprising the current location information to a remote server.
  - 14. The method of claim 10 whereby:
    - upon said first application receiving a request, said first application generates a one-time password using a method selected from the group consisting of;
      
      run a third party one-time password API, call a one-time password function;
      
      whereby said first application sends said one-time password to said second application using Bluetooth short wireless communication,whereby a remote server authenticates said one-time password.
  - 15. The method of claim 10 whereby:
    - said second application generates a user report, wherein the user report provides document compliance with U.S. Food and Drug Administration requirements.
  - 16. The method of claim 10 whereby:
    - upon a user requesting an operation in a second application;
      
      if the recent period of time exceeded a predetermined threshold, said second application requests credentials from said user.
  - 17. The method of claim 10 whereby:
    - said second application verifies the Bluetooth signal is above a predetermined threshold only if user input is not detected for a predetermined period of time,wherein user input is selected from the group consisting of;
      
      typing on a keyboard, touching a screen, moving a mouse.

18. A method for facilitating authentication comprising:
- a first application runs onboard a first mobile device and obtains a first set of configuration parameters from a remote server,whereby said first mobile device connects to said remote server using a cellular data service,wherein said first set of configuration parameters comprises authentication data selected from the group consisting of;
  
  user credentials, user certificates, keys, account information, commands, one time password function,whereby said first set of configuration parameters comprises a set of authorized terminal identifiers;
  
  whereby upon a user requesting an operation from a second application onboard a second terminal,if a Bluetooth signal between said first mobile device and said second terminal has stayed above a predetermined threshold during a recent period of time;
  
  said second application requests information from said first application using Bluetooth short wireless communication,whereby said first application authenticates said second terminal using said set of authorized terminal identifiers,
  
  wherein said set of authorized terminal identifiers is obtained from said remote server,whereby upon successful authentication,
  
  said second application automatically obtains a second set of configuration parameters from said first application,wherein said second set of configuration parameters corresponds to said first set of configuration parameters,
  
  whereby upon authentication of said second set of configuration parameters,the user is authorized to perform the operation,
  
  wherein said second application does not request credentials from the user,
  
  wherein the recent period of time spans between the last time an application onboard said second terminal obtained configuration parameters from said first mobile device and the current time,
  
  wherein said credentials are selected from the group consisting of;
  
  pass code, pass phrase, gesture, voice command, finger print,
  
  wherein the operation is selected from the group consisting of;
  
  login, authorize payment, authorize access;
  
  whereby if the Bluetooth signal between said first mobile device and said second terminal has dropped below a predetermined threshold during the recent period of time;
  
  said second application requests credentials from the user.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18 whereby:
    - when said second application authorizes a user,if said first mobile device is outside a predetermined distance from said second terminal, said second application determines the current location information using a means selected from the group consisting of;
      
      GPS, Wi-Fi triangulation, cell tower,whereby if the current location is within a predetermined zone,said second application performs an action selected from the group consisting of;
      
      no action, log out, revoke authentication, revoke a user token, cancel a transaction, lock a device, play a long sound file,whereby if the current location is outside a predetermined zone,said second application performs an action selected from the group consisting of;
      
      log out, revoke authentication, revoke a user token, cancel a transaction, lock a device, play a long sound file, issue an audible alert, call a mobile phone and issue a message, encrypt data, delete data, delete said second application, clear memory, send an email message comprising the current location information, send a Short Message Service message comprising the current location information, send a message comprising the current location information to a remote server.
  - 20. The method of claim 18 whereby:
    - upon a user requesting an operation in a third application onboard said second terminal,if said second application determines that a Bluetooth signal between said second terminal and said first mobile device has stayed above a predetermined threshold during a recent period of time;
      
      the user is authorized to perform the operation,whereby said third application does not request credentials from the user,whereby if the Bluetooth signal between said second terminal and said first mobile device dropped below a predetermined threshold during the recent period of time;
      
      said third application requests credentials from the user,wherein said third application is distinct from said second application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Optima Direct, LLC (2S Ventures, LLC)
Original Assignee
Mourad Ben Ayed
Inventors
Ben Ayed, Mourad
Primary Examiner(s)
Zecher, Cordelia

Application Number

US13/689,760
Time in Patent Office

403 Days
Field of Search

None
US Class Current

380/258
CPC Class Codes

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04W 12/068   using credential vaults, e....

H04W 12/33   using wearable devices, e.g...

H04W 12/64   using geofenced areas

H04W 12/68   Gesture-dependent or behavi...

Method for facilitating authentication using proximity

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method for facilitating authentication using proximity

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links