Authenticating to a computing device with a near-field communications card

US 8,880,027 B1
Filed: 12/29/2011
Issued: 11/04/2014
Est. Priority Date: 12/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method performed by a computing device, the method comprising:

at the computing device, wirelessly receiving an authentication code from an authentication card via near-field communications (NFC);

providing the authentication code received wirelessly via NFC to an authentication service configured to authenticate a user of the computing device based on the authentication code; and

in response to the authentication service authenticating the user based on the authentication code received wirelessly via NFC, providing the user with access to a resource via the computing device;

wherein wirelessly receiving the authentication code from the authentication card via NFC is performed in response to the user attempting to access the resource via the computing device;

wherein the method further comprises, subsequent to providing the user with access to the resource via the computing device;

receiving a follow-up attempt request from the user to attempt to access the resource via the computing device again after a period of time;

performing a risk-based analysis to determine whether access to the resource is high-risk or low-risk; and

selectively;

allowing the user to access the resource without further use of the authentication card if the access to the resource has been determined to be low-risk by the risk-based analysis; and

prompting the user to present the authentication card for further authentication if the access to the resource has been determined to be high-risk by the risk-based analysis.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is performed by a computing device. The method includes, (a) at the computing device, wirelessly receiving an authentication code from an authentication card via near-field communications (NFC), (b) providing the authentication code received wirelessly via NFC to an authentication service configured to authenticate the user of the computing device based on the authentication code, and (c) in response to the authentication service authenticating the user based on the authentication code received wirelessly via NFC, providing the user with access to a resource via the computing device. Analogous computer program products and apparatuses are also provided described.

Citations

18 Claims

1. A method performed by a computing device, the method comprising:
- at the computing device, wirelessly receiving an authentication code from an authentication card via near-field communications (NFC);
  
  providing the authentication code received wirelessly via NFC to an authentication service configured to authenticate a user of the computing device based on the authentication code; and
  
  in response to the authentication service authenticating the user based on the authentication code received wirelessly via NFC, providing the user with access to a resource via the computing device;
  
  wherein wirelessly receiving the authentication code from the authentication card via NFC is performed in response to the user attempting to access the resource via the computing device;
  
  wherein the method further comprises, subsequent to providing the user with access to the resource via the computing device;
  
  receiving a follow-up attempt request from the user to attempt to access the resource via the computing device again after a period of time;
  
  performing a risk-based analysis to determine whether access to the resource is high-risk or low-risk; and
  
  selectively;
  
  allowing the user to access the resource without further use of the authentication card if the access to the resource has been determined to be low-risk by the risk-based analysis; and
  
  prompting the user to present the authentication card for further authentication if the access to the resource has been determined to be high-risk by the risk-based analysis.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1 wherein the authentication card is a thin, wallet-sized identification card having a photograph of the user and identifying text imprinted thereon.
  - 3. The method of claim 2 wherein:
    - the thin, wallet-sized identification card is an unpowered, passive NFC device, having a pre-assigned code associated with the user permanently encoded therein, the pre-assigned code also being stored by the authentication service; and
      
      authenticating the user includes comparing the authentication code received wirelessly via NFC to the pre-assigned code associated with the user stored by the authentication service.
  - 4. The method of claim 1 wherein:
    - the authentication card is an active NFC device, having a pre-assigned code associated with the user temporarily encoded therein, the pre-assigned code also being stored within the computing device;
      
      authenticating the user includes comparing the authentication code received wirelessly via NFC to the pre-assigned code associated with the user stored within the computing device; and
      
      the method further comprises;
      
      reassigning a new code to be associated with the user; and
      
      wirelessly sending the reassigned code to the authentication card via NFC to replace the preassigned code temporarily encoded within the authentication card to be used in a future authentication.
  - 5. The method of claim 1 wherein:
    - the authentication card is a powered, active NFC device having logic configured to dynamically calculate the authentication code based on a seed value and a predictably varying parameter;
      
      authenticating the user includes;
      
      dynamically calculating an expected code based on the seed value and the predictably varying parameter; and
      
      comparing the authentication code received wirelessly via NFC to the dynamically calculated expected code.
  - 6. The method of claim 1 wherein the computing device is a mobile telecommunications device.
  - 7. The method of claim 1 wherein the computing device is a network-connected personal computer.
  - 8. The method of claim 1 wherein:
    - the method further includes running the authentication service on the computing device to authenticate the user of the computing device based on the authentication code;
      
      the resource is a resource local to the computing device; and
      
      providing the user with access to the resource via the computing device includes permitting the user to access the resource local to the computing device.
  - 9. The method of claim 8 wherein the resource local to the computing device is a local application running on the computing device, access to the resource including access to data stored within the local application.
  - 10. The method of claim 8 wherein the resource local to the computing device is a local file stored on storage local to the computing device.
  - 11. The method of claim 1 wherein providing the authentication code to an authentication service includes sending the authentication code to a remote authentication server for remote authentication.
  - 12. The method of claim 11 wherein providing the user with access to the resource via the computing device includes displaying to the user, via a user interface local to the computing device, data from a remote data source stored on a remote data server, the remote data server being in a management domain managed by the remote authentication server.
  - 13. The method of claim 11 wherein providing the user with access to the resource via the computing device includes providing the user, via a user interface local to the computing device, with access to a remote service hosted on a remote web server, the remote web server being in a management domain managed by the remote authentication server.

14. An apparatus comprising:
- a near-field communications (NFC) transceiver;
  
  a processor; and
  
  memory, the memory storing a set of instructions, which when executed by the processor, cause the processor to perform the following operations;
  
  wirelessly receiving, via the NFC transceiver, an authentication code from an authentication card;
  
  providing the authentication code received wirelessly via the NFC transceiver to an authentication service configured to authenticate a user of the apparatus based on the authentication code; and
  
  in response to authenticating the user based on the authentication code received wirelessly via the NFC transceiver, providing the user with access to a resource via the apparatus;
  
  wherein the set of instructions, when executed by the processor, cause the processor to wirelessly receive the authentication code from the authentication card via the NFC transceiver in response to the user attempting to access the resource via the apparatus;
  
  wherein the set of instructions stored within memory, when executed by the processor, further cause the processor to, upon receiving a follow-up attempt request from the user to attempt to access the resource via the computing device again after a period of time;
  
  perform a risk-based analysis to determine whether access to the resource is high-risk or low-risk; and
  
  selectively;
  
  allow the user to access the resource without further use of the authentication card if the access to the resource has been determined to be low-risk by the risk-based analysis; and
  
  prompt the user to present the authentication card for further authentication if the access to the resource has been determined to be high-risk by the risk-based analysis.
- View Dependent Claims (15, 16, 17)
- - 15. The apparatus of claim 14 wherein:
    - the apparatus further comprises;
      
      a wireless network interface configured to connect to a remote authentication server and a remote file server via a wireless network, the remote authentication server providing the authentication service, the remote file server storing a remote file as the resource, the remote file server being in a management domain managed by the remote authentication server; and
      
      an embedded touch-sensitive display screen configured to display the remote file as the resource to the user once provided in response to authenticating the user; and
      
      the set of instructions, when executed by the processor, further cause the processor to send the authentication code received wirelessly via the NFC transceiver to the remote authentication server via the wireless network interface for authentication.
  - 16. The apparatus of claim 14 wherein:
    - the apparatus further comprises;
      
      local storage, the local storage storing a local file with protected access; and
      
      a display interface connected to a display screen, the display interface being configured to display on the display screen the local file as the resource to the user once provided in response to authenticating the user; and
      
      the set of instructions, when executed by the processor, further cause the processor to send the authentication code received wirelessly via the NFC transceiver to a local authentication service running on the apparatus to authenticate the user of the apparatus based on the authentication code.
  - 17. The apparatus of claim 16 wherein:
    - the apparatus further comprises;
      
      a network interface configured to connect to a remote authentication server via a network;
      
      local storage, the local storage storing a local file with protected access; and
      
      a display interface connected to a display screen, the display interface being configured to display on the display screen the local file as the resource to the user once provided in response to authenticating the user; and
      
      the set of instructions, when executed by the processor, further cause the processor to perform the following operations;
      
      sending the authentication code received wirelessly via the NFC transceiver to the remote authentication server via the network interface for authentication; and
      
      receiving a confirmation of authentication from the remote authentication server via the network interface.

18. A computer program product comprising a tangible non-transitory computer-readable storage medium storing instructions, which, when executed by a computing device, cause the computing device to perform the following operations:
- wirelessly receiving an authentication code from an authentication card via near-field communications (NFC);
  
  providing the authentication code received wirelessly via NFC to an authentication service configured to authenticate a user of the computing device based on the authentication code; and
  
  in response to the authentication service authenticating the user based on the authentication code received wirelessly via NFC, providing the user with access to a resource via the computing device;
  
  wherein the instructions, when executed by the computing device, cause the computing device to wirelessly receive the authentication code from the authentication card via NFC in response to the user attempting to access the resource via the computing device;
  
  wherein the instructions, when executed by the computing device, further cause the computing device to, upon receiving a follow-up attempt request from the user to attempt to access the resource via the computing device again after a period of time;
  
  perform a risk-based analysis to determine whether access to the resource is high-risk or low-risk; and
  
  selectively;
  
  allow the user to access the resource without further use of the authentication card if the access to the resource has been determined to be low-risk by the risk-based analysis; and
  
  prompt the user to present the authentication card for further authentication if the access to the resource has been determined to be high-risk by the risk-based analysis.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Darringer, Philip
Primary Examiner(s)
Khan, Mehmood B

Application Number

US13/339,570
Time in Patent Office

1,041 Days
Field of Search

455/410, 455/411, 455 411- 413, 455/558, 726 1- 10, 726 16- 21
US Class Current

455/411
CPC Class Codes

G06F 21/35   communicating wirelessly

H04M 1/67   by electronic means

H04M 2250/04   including near field commun...

Authenticating to a computing device with a near-field communications card

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating to a computing device with a near-field communications card

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links