Protection from unfamiliar login locations

US 9,177,125 B2
Filed: 07/06/2011
Issued: 11/03/2015
Est. Priority Date: 05/27/2011
Status: Active Grant

First Claim

Patent Images

1. A machine-implemented method for authenticating a user session, comprising:

using at least one hardware processor to implement;

recognizing a current location of a user login attempt to a user service;

executing a comparison of the current location to a user location profile associated with a user account;

presenting a user with an enhanced identity challenge for answering by the user before allowing user access based on the comparison;

designating the current location as a familiar location upon successful response to the enhanced identity challenge to indicate a level of security for a subsequent login attempt from the current location; and

updating the user location profile with the familiar location based on a login location history, wherein the familiar location further selects a challenge level for the enhanced identity challenge to grant user access.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a user authentication server may use geo-location tracking to determine whether to present an enhanced identity challenge. A communication interface 180 may receive a user login attempt by a user and a current location of the user login attempt. A data storage 150 may store a user location profile of the user. A processor 120 may execute a comparison of the current location to the user location profile. The communication interface 180 may present the user with an enhanced identity challenge before allowing user access based on the comparison.

Citations

32 Claims

1. A machine-implemented method for authenticating a user session, comprising:
- using at least one hardware processor to implement;
  
  recognizing a current location of a user login attempt to a user service;
  
  executing a comparison of the current location to a user location profile associated with a user account;
  
  presenting a user with an enhanced identity challenge for answering by the user before allowing user access based on the comparison;
  
  designating the current location as a familiar location upon successful response to the enhanced identity challenge to indicate a level of security for a subsequent login attempt from the current location; and
  
  updating the user location profile with the familiar location based on a login location history, wherein the familiar location further selects a challenge level for the enhanced identity challenge to grant user access.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - tracking in the user location profile a previous location of the user.
  - 3. The method of claim 1, further comprising:
    - determining whether an immediately previous location is within traveling distance of the current location; and
      
      selecting the challenge level for the enhanced identity challenge based on whether the current location is within traveling distance.
  - 4. The method of claim 3, further comprising:
    - presenting the user with a high difficulty identity challenge if the current location is not within traveling distance.
  - 5. The method of claim 4, further comprising:
    - sending a short messaging system code to a mobile telephone associated with the user account.
  - 6. The method of claim 1, further comprising:
    - marking a user account as a compromised account upon a failed response to the enhanced identity challenge.
  - 7. The method of claim 1, further comprising:
    - decertifying a familiar location with an expired aging period.
  - 8. The method of claim 1, further comprising:
    - collecting a low difficulty identity challenge response and a high difficulty identity challenge response.
  - 9. The method of claim 1, further comprising:
    - collecting a login location history while in an observation mode; and
      
      determining a home region based on the login location history.
  - 10. The method of claim 9, further comprising:
    - resizing the home region based on at least one of user activity and system configuration.
  - 11. The method of claim 9, further comprising:
    - exiting observation mode upon reaching at least one of a location threshold and a learning period threshold.
  - 12. The method of claim 1, further comprising:
    - incrementing an unfamiliar login location counter; and
      
      presenting a user with an enhanced identity challenge if the unfamiliar login location counter exceeds an unfamiliar login location threshold.
  - 13. The method of claim 12, further comprising:
    - decrementing the unfamiliar login location counter upon successful response to the enhanced identity challenge.

14. A machine-readable storage device having a set of instructions detailing a method stored thereon that when executed by one or more processors cause the one or more processors to perform the method, the method comprising:
- creating a user location profile associated with a user account indicating a familiar location based on a login location history;
  
  executing a comparison of a current geo-location of a user login attempt to the familiar location of the user location profile;
  
  presenting a user with an enhanced identity challenge for answering by the user with a challenge level based on whether the current geo-location is the familiar location to determine user access; and
  
  updating the user location profile to designate the current location as a new familiar location after a successful login attempt.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The machine-readable storage device of claim 14, further comprising:
    - marking a user account as a compromised account upon a failed response to the enhanced identity challenge.
  - 16. The machine-readable storage device of claim 15, further comprising:
    - clearing a familiar location list of the compromised account.
  - 17. The machine-readable storage device of claim 14, further comprising:
    - factoring whether the user login attempt is from a trusted device into a determination to present the enhanced identity challenge.
  - 18. The machine-readable storage device of claim 14, further comprising:
    - selecting the challenge level for the enhanced identity challenge based on whether the current geo-location is a fraud hotspot.

19. A user authentication server, comprising:
- a communication interface configured to receive a user login attempt by a user and a current geo-location of the user login attempt;
  
  a data storage configured to store a user location profile of the user indicating a familiar location based on a login location history; and
  
  a hardware processor configured to determine whether the geo-location is the familiar location, select a challenge level for an enhanced identity challenge for answering by the user based in part on whether the current geo-location is the familiar location to determine user access, and update the user location profile to designate the current location as a new familiar location after a successful login attempt.
- View Dependent Claims (20)
- - 20. The user authentication server of claim 19, wherein the data storage stores the current geo-location as a familiar location upon successful response to the identity challenge.

21. A machine-implemented method for authenticating a user session, comprising:
- recognizing a current location of a user login attempt;
  
  presenting with a computing device an enhanced identity challenge selected based on a comparison of the current location to a user location profile associated with a user account before allowing user access;
  
  designating the current location as a familiar location upon successful response to the enhanced identity challenge to indicate a level of security for a subsequent login attempt from the current location; and
  
  updating the user location profile with the familiar location based on a login location history, wherein the familiar location further selects a challenge level for the enhanced identity challenge to grant user access.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The method of claim 21, further comprising:
    - marking the user account as a compromised account upon a failed response to the enhanced identity challenge.
  - 23. The method of claim 22, further comprising:
    - receiving a remediation attempt for the compromised account.
  - 24. The method of claim 21, further comprising:
    - decertifying a familiar location with an expired aging period.
  - 25. The method of claim 21, further comprising:
    - collecting a login location history while in an observation mode.
  - 26. The method of claim 25, further comprising:
    - exiting the observation mode upon reaching at least one of a location threshold and a learning period threshold.
  - 27. The method of claim 21, further comprising:
    - storing the user location profile having at least one of a range field, a time field, and a frequency field.
  - 28. The method of claim 21, further comprising:
    - disabling an ability to recognize the current location if a user kill switch is activated.
  - 29. The method of claim 21, further comprising:
    - incrementing an unfamiliar login location counter; and
      
      presenting a user with an enhanced identity challenge if the unfamiliar login location counter exceeds an unfamiliar login location threshold.
  - 30. The method of claim 21, further comprising:
    - decrementing an unfamiliar login location counter upon successful response to the enhanced identity challenge.

31. A user computing device, comprising:
- an input device configured to receive a user login attempt by a user;
  
  a data storage configured to store a user location profile of the user indicating a familiar location based on a login location history;
  
  an output device configured to present an enhanced identity challenge with a challenge level selected based on whether a current location is the familiar location in the user location profile to determine user access; and
  
  a hardware processor configured to update the user location profile to designate the current location as a new familiar location after a successful login attempt.
- View Dependent Claims (32)
- - 32. The user computing device of claim 31, wherein the familiar location has a low level of security.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Steeves, David, Abrams, Luke, Dangayach, Hersh, Fleischman, Eric, Raju, Prabu, Vitaldevara, Krishna, Shekar, Niyantha, Baral, Payoj, Ramaswamy, Meenakshi, Wong, Winfred, Rouskov, Yordan, Manne, Ramesh
Primary Examiner(s)
Chai, Longbit

Application Number

US13/176,762
Publication Number

US 20120304260A1
Time in Patent Office

1,581 Days
Field of Search

726/7, 726/2
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/316   by observing the pattern of...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 2101/69   using geographic informatio...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 67/306   User profiles

H04L 67/535   Tracking the activity of th...

H04W 4/029   Location-based management o...

Protection from unfamiliar login locations

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Protection from unfamiliar login locations

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links