Method and system for authenticating a user using media objects

US 9,219,720 B1
Filed: 12/06/2012
Issued: 12/22/2015
Est. Priority Date: 12/06/2012
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a user, comprising:

creating an account, wherein creating the account comprises;

presenting a category prompt to the user,receiving a selection of a category from the user,obtaining, from a media library, a plurality of stock media objects classified into the category, andreceiving, from the user, a selection of a valid media object from the plurality of stock media objects classified into the category, wherein the valid media object is one of the plurality of valid stock media objects;

receiving an account identifier from the user;

obtaining, based on the account identifier, a plurality of valid media objects;

presenting, to the user, a plurality of media objects comprising the plurality of valid media objects and a plurality of invalid media objects,receiving, from the user, a selection of a subset of the plurality of media objects to obtain a selected subset;

obtaining user metrics for risk analysis;

performing, by a computer hardware processor of a device, risk analysis to identify a risk level for authentication based on user metrics, wherein the risk level defines a number of attempts that the user is permitted to select the plurality of valid media objects;

authenticating, after receiving the selection, the user when a selected number of valid media objects in the selected subset satisfies a minimum number specified by the risk level, wherein the selected subset comprises at least one valid media object and at least one invalid media object; and

authorizing the user to access a resource when the user is authenticated.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for authenticating a user includes receiving an account identifier from the user, obtaining, based on the account identifier, a valid media objects, and presenting, to the user, media objects that include valid media objects and a invalid media objects. A selection of a subset of the media objects is received. The method further includes obtaining user metrics for risk analysis, performing, by a computer processor, risk analysis to identify a risk level based on user metrics, authenticating, based on the risk level and the selection of the subset, the user, and authorizing the user to access a resource when the user is authenticated.

Citations

24 Claims

1. A method for authenticating a user, comprising:
- creating an account, wherein creating the account comprises;
  
  presenting a category prompt to the user,receiving a selection of a category from the user,obtaining, from a media library, a plurality of stock media objects classified into the category, andreceiving, from the user, a selection of a valid media object from the plurality of stock media objects classified into the category, wherein the valid media object is one of the plurality of valid stock media objects;
  
  receiving an account identifier from the user;
  
  obtaining, based on the account identifier, a plurality of valid media objects;
  
  presenting, to the user, a plurality of media objects comprising the plurality of valid media objects and a plurality of invalid media objects,receiving, from the user, a selection of a subset of the plurality of media objects to obtain a selected subset;
  
  obtaining user metrics for risk analysis;
  
  performing, by a computer hardware processor of a device, risk analysis to identify a risk level for authentication based on user metrics, wherein the risk level defines a number of attempts that the user is permitted to select the plurality of valid media objects;
  
  authenticating, after receiving the selection, the user when a selected number of valid media objects in the selected subset satisfies a minimum number specified by the risk level, wherein the selected subset comprises at least one valid media object and at least one invalid media object; and
  
  authorizing the user to access a resource when the user is authenticated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein, when presented, the plurality of media objects is arranged into a plurality of categories.
  - 3. The method of claim 2, wherein for each category of the plurality of categories, presenting the plurality of media objects comprises:
    - presenting a valid media object of the plurality of media objects and classified into the category intermixed with a subset of the plurality invalid media objects classified into the category.
  - 4. The method of claim 1, wherein the user metrics comprises an internet protocol address of the user, and wherein the risk level is set as high when the internet protocol address is from a geographic region identified as prone to instigating cyber attacks.
  - 5. The method of claim 1, wherein the user metrics comprises an internet protocol address of the user, and wherein the risk level is set according to historical activities from the internet protocol address.
  - 6. The method of claim 1, wherein the user metrics comprises a number of financial institutions that the user attempts to access, and wherein the risk level is proportionally related to the number of financial institutions.
  - 7. The method of claim 1, wherein the user metrics comprises previously recorded user behavior for accessing the resource, and wherein the risk level is proportionally related to a degree of similarity with the previously recorded user behavior.
  - 8. The method of claim 1, wherein the user metrics comprises types of device artifacts stored on a device of the user.
  - 9. The method of claim 1, wherein the plurality of valid media objects are at least a part of authentication credentials for the user, and wherein the plurality of invalid media objects obfuscate which of the plurality of media objects are the plurality of valid media objects.

10. A system for authenticating a user, comprising:
- a computer hardware processor;
  
  a data repository for storing an account comprising a plurality of valid media object identifiers; and
  
  an authentication engine connected to the data repository, executing on the computer hardware processor, and comprising;
  
  a plurality of software instructions configured to;
  
  create an account, wherein creating the account comprises;
  
  presenting a category prompt to the user,receiving a selection of a category from the user,obtaining, from a media library, a plurality of stock media objects classified into the category, andreceiving, from the user, a selection of a valid media object from the plurality of stock media objects classified into the category, wherein the valid media object is one of the plurality of valid stock media objects;
  
  obtain user metrics for risk analysis,perform risk analysis to identify a risk level for authentication based on the user metrics, wherein the risk level defines a number of attempts that the user is permitted to select the plurality of valid media objects,receive, from a user, an account identifier identifying the account,obtain, based on the account identifier, a plurality of valid media objects identified by the plurality of valid media object identifiers,present, to the user, a plurality of media objects comprising the plurality of valid media objects and a plurality of invalid media objects,receive, from the user, a selection of a subset of the plurality of media objects to obtain a selected subset,authenticate, after receiving the selection, the user when a selected number of valid media objects in the selected subset satisfies a minimum number specified by the risk level,wherein the selected subset comprises at least one valid media object and at least one invalid media object, andauthorize the user to access a resource when the user is authenticated.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10, further comprising:
    - a category classifier application configured to classify the plurality of media objects into a plurality of categories.
  - 12. The system of claim 10 further comprising:
    - a user interface configured to;
      
      present the plurality of media objects, wherein the media objects are arranged into a plurality of categories.
  - 13. The system of claim 12, wherein for each category of the plurality of categories, presenting the plurality of media objects comprises:
    - present a valid media object of the plurality of media objects and classified into the category intermixed with a subset of the plurality invalid media objects classified into the category.
  - 14. The system of claim 10, wherein the plurality of software instructions is further configured to create the account for a user, wherein the user selects the plurality of media objects from a plurality of stock media objects corresponding to a plurality of categories while creating the account.
  - 15. The system of claim 10, wherein the plurality of valid media objects are at least a part of authentication credentials for the user, and wherein the plurality of invalid media objects obfuscate which of the plurality of media objects are the plurality of valid media objects.

16. A non-transitory computer readable medium comprising computer readable program code for authenticating a user, the computer readable program code for:
- creating an account, wherein creating the account comprises;
  
  presenting a category prompt to the user,receiving a selection of a category from the user,obtaining, from a media library, a plurality of stock media objects classified into the category, andreceiving, from the user, a selection of a valid media object from the plurality of stock media objects classified into the category, wherein the valid media object is one of the plurality of valid stock media objects;
  
  receiving an account identifier from the user;
  
  obtaining, based on the account identifier, a plurality of valid media objects;
  
  presenting, to the user, a plurality of media objects comprising the plurality of valid media objects and a plurality of invalid media objects,receiving, from the user, a selection of a subset of the plurality of media objects to obtain a selected subset;
  
  obtaining user metrics for risk analysis;
  
  performing risk analysis to identify a risk level for authentication based on user metrics, wherein the risk level defines a number of attempts that the user is permitted to select the plurality of valid media objects;
  
  authenticating, after receiving the selection, the user when a selected number of valid media objects in the selected subset satisfies a minimum number specified by the risk level,wherein the selected subset comprises at least one valid media object and at least one invalid media object; and
  
  authorizing the user to access a resource when the user is authenticated.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
- - 17. The non-transitory computer readable medium of claim 16, wherein, when presented, the plurality of media objects is arranged into a plurality of categories.
  - 18. The non-transitory computer readable medium of claim 17, wherein for each category of the plurality of categories, presenting the plurality of media objects comprises:
    - presenting a valid media object of the plurality of media objects and classified into the category intermixed with a subset of the plurality invalid media objects classified into the category.
  - 19. The non-transitory computer readable medium of claim 16, wherein the user metrics comprises an internet protocol address of the user, and wherein the risk level is set as high when the internet protocol address is from a geographic region identified as prone to instigating cyber attacks.
  - 20. The non-transitory computer readable medium of claim 16, wherein the user metrics comprises an internet protocol address of the user, and wherein the risk level is set according to historical activities from the internet protocol address.
  - 21. The non-transitory computer readable medium of claim 16, wherein the user metrics comprises a number of financial institutions that the user attempts to access, and wherein the risk level is proportionally related to the number of financial institutions.
  - 22. The non-transitory computer readable medium of claim 16, wherein the user metrics comprises previously recorded user behavior for accessing the resource, and wherein the risk level is proportionally related to a degree of similarity with the previously recorded user behavior.
  - 23. The non-transitory computer readable medium of claim 16, wherein the user metrics comprises types of device artifacts stored on a device of the user.
  - 24. The non-transitory computer readable medium of claim 16, wherein the plurality of valid media objects are at least a part of authentication credentials for the user, and wherein the plurality of invalid media objects obfuscate which of the plurality of media objects are the plurality of valid media objects.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intuit, Inc.
Original Assignee
Intuit, Inc.
Inventors
Hurlbutt, Thomas E., Satpathy, Lalatendu, Galdes, Deborah Krawczak
Primary Examiner(s)
Sholeman, Abu
Assistant Examiner(s)
LWIN, MAUNG T

Application Number

US13/707,345
Time in Patent Office

1,111 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

G06F 21/46   by designing passwords or c...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/6218   to a system of files or obj...

G06F 2221/2117   User registration

H04L 63/08   for authentication of entit...

H04L 63/102   Entity profiles

H04W 12/67   Risk-dependent, e.g. select...

Method and system for authenticating a user using media objects

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for authenticating a user using media objects

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links