Authentication based on proximity to mobile device
First Claim
1. A computer-readable storage medium storing computer software instructions executable by one or more data processing apparatus which, upon such execution, cause the one or more data processing apparatus to perform operations comprising:
- receiving, at a computer system, user input entered by a user through a user interface of the computer system;
determining, based on the user input, that the user has successfully completed an authentication factor for gaining access to the computer system;
receiving position data that includes (i) first GPS position data that specifies a position of a mobile computing device associated with the user, and (ii) second GPS position data that specifies a position of the computer system;
determining a distance between the position of the mobile computing device specified by the first GPS position data and the position of the computer system specified by the second GPS position data;
determining that the distance does not exceed a maximum threshold distance;
authenticating, by the computer system, the user for the access to the computer system based at least on determining that;
(i) the user has successfully completed the authentication factor, and(ii) the determined distance does not exceed the maximum threshold distance; and
in response to authenticating the user, providing the user access to a second user interface of the computer system.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for performing multi-factor authentication. In one aspect, a method includes determining that a user has successfully completed an authentication factor, determining whether a mobile device associated with the user is proximate to a computer; and authenticating the user based on determining that the user has successfully completed the authentication factor, and that the mobile device is proximate to the computer.
245 Citations
27 Claims
-
1. A computer-readable storage medium storing computer software instructions executable by one or more data processing apparatus which, upon such execution, cause the one or more data processing apparatus to perform operations comprising:
-
receiving, at a computer system, user input entered by a user through a user interface of the computer system; determining, based on the user input, that the user has successfully completed an authentication factor for gaining access to the computer system; receiving position data that includes (i) first GPS position data that specifies a position of a mobile computing device associated with the user, and (ii) second GPS position data that specifies a position of the computer system; determining a distance between the position of the mobile computing device specified by the first GPS position data and the position of the computer system specified by the second GPS position data; determining that the distance does not exceed a maximum threshold distance; authenticating, by the computer system, the user for the access to the computer system based at least on determining that; (i) the user has successfully completed the authentication factor, and (ii) the determined distance does not exceed the maximum threshold distance; and in response to authenticating the user, providing the user access to a second user interface of the computer system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
-
one or more computers; and a computer-readable storage medium storing computer software instructions executable by the one or more computers which, upon such execution, cause the one or more computers to perform operations comprising; receiving, at a computer system, user input entered by a user through a user interface of the computer system; determining, based on the user input, that the user has successfully completed an authentication factor for gaining access to the computer system; accessing data specifying predetermined days or times when a mobile computing device is permitted to be used in authenticating the user; determining that a current day or a current time is within one of the predetermined days or times when the mobile computing device is permitted to be used to authenticate the user; receiving position data that specifies (i) a position of the mobile computing device associated with the user, and (ii) a position of the computer system; determining a distance between the position of the mobile computing device and the position of the computer system; determining that the distance does not exceed a maximum threshold distance; and authenticating, by the computer system, the user for the access to the computer system based at least on determining that; (i) the user has successfully completed the authentication factor, (ii) the current day or the current time is within one of the predetermined days or times when the mobile computing device is permitted to be used to authenticate the user, and (iii) the determined distance does not exceed the maximum threshold distance. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer-implemented method comprising:
-
receiving, at a computer system, user input entered by a user through a user interface of the computer system; determining, based on the user input, that the user has successfully completed an authentication factor for gaining access to the computer system; receiving position data that includes (i) first GPS position data that specifies a position of a mobile computing device associated with the user, and (ii) second GPS position data that specifies a position of the computer system; determining a distance between the position of the mobile computing device specified by the first GPS position data and the position of the computer system specified by the second GPS position data; determining that the distance does not exceed a maximum threshold distance; authenticating, by the computer system, the user for the access to the computer system based at least on determining that; (i) the user has successfully completed the authentication factor, and (ii) the determined distance does not exceed the maximum threshold distance; and
in response to authenticating the user, providing the user access to a second user interface of the computer system. - View Dependent Claims (17, 18)
-
-
19. A system comprising:
-
one or more computers; and a computer-readable storage medium storing computer software instructions executable by the one or more computers which, upon such execution, cause the one or more computers to perform operations comprising; receiving, at a computer system, user input entered by a user through a user interface of the computer system; determining, based on the user input, that the user has successfully completed an authentication factor for gaining access to the computer system; receiving position data that includes (i) first GPS position data that specifies a position of a mobile computing device associated with the user, and (ii) second GPS position data that specifies a position of the computer system; determining a distance between the position of the mobile computing device specified by the first GPS position data and the position of the computer system specified by the second GPS position data; determining that the distance does not exceed a maximum threshold distance; authenticating, by the computer system, the user for the access to the computer system based at least on determining that; (i) the user has successfully completed the authentication factor, and (ii) the determined distance does not exceed the maximum threshold distance; and in response to authenticating the user, providing the user access to a second user interface of the computer system. - View Dependent Claims (20, 21)
-
-
22. A computer-implemented method comprising:
-
receiving, at a computer system, user input entered by a user through a user interface of the computer system; determining, based on the user input, that the user has successfully completed an authentication factor for gaining access to the computer system; accessing data specifying predetermined days or times when a mobile computing device is permitted to be used in authenticating the user; determining that a current day or a current time is within one of the predetermined days or times when the mobile computing device is permitted to be used to authenticate the user; receiving position data that specifies (i) a position of the mobile computing device associated with the user, and (ii) a position of the computer system; determining a distance between the position of the mobile computing device and the position of the computer system; determining that the distance does not exceed a maximum threshold distance; and authenticating, by the computer system, the user for the access to the computer system based at least on determining that; (i) the user has successfully completed the authentication factor, (ii) the current day or the current time is within one of the predetermined days or times when the mobile computing device is permitted to be used to authenticate the user, and (iii) the determined distance does not exceed the maximum threshold distance. - View Dependent Claims (23, 24)
-
-
25. A computer-readable storage medium storing computer software instructions executable by one or more data processing apparatus which, upon such execution, cause the one or more data processing apparatus to perform operations comprising:
-
receiving, at a computer system, user input entered by a user through a user interface of the computer system; determining, based on the user input, that the user has successfully completed an authentication factor for gaining access to the computer system; accessing data specifying predetermined days or times when a mobile computing device is permitted to be used in authenticating the user; determining that a current day or a current time is within one of the predetermined days or times when the mobile computing device is permitted to be used to authenticate the user; receiving position data that specifies (i) a position of the mobile computing device associated with the user, and (ii) a position of the computer system; determining a distance between the position of the mobile computing device and the position of the computer system; determining that the distance does not exceed a maximum threshold distance; and authenticating, by the computer system, the user for the access to the computer system based at least on determining that; (i) the user has successfully completed the authentication factor, (ii) the current day or the current time is within one of the predetermined days or times when the mobile computing device is permitted to be used to authenticate the user, and (iii) the determined distance does not exceed the maximum threshold distance. - View Dependent Claims (26, 27)
-
Specification