System and method for location-based authentication
First Claim
Patent Images
1. A location-aware method for user authentication comprising:
- determining a current location of a mobile device, wherein determining a current location of a mobile device comprises;
detecting, by a device proximity detection module, the presence of one or more peer or network infrastructure devices; and
performing, by the device proximity detection module, a correlation against historical presence data for the peer or network infrastructure devices, wherein a relatively higher correlation indicates that the mobile device is at a known location and a relatively lower correlation indicates that the mobile device is not at a known location;
identifying, by a location class determination module, a location class corresponding to the current location;
receiving, by an authentication policy engine, an authentication policy associated with a particular relying party, the authentication policy defining a set of one or more authentication techniques to provide a sufficient level of user authentication for a current transaction based on the identified location class; and
selecting, by the authentication policy engine, from the set of one or more authentication techniques to authenticate the user for the current transaction based on the identified location class.
3 Assignments
0 Petitions
Accused Products
Abstract
A system, apparatus, method, and machine readable medium are described for location-aware authentication. For example, one embodiment of a location-aware method for user authentication comprises: determining a current location of a mobile device; identifying a location class corresponding to the current location; selecting a set of one or more authentication techniques to provide a sufficient level of user authentication for a current transaction based on the identified location class.
159 Citations
24 Claims
-
1. A location-aware method for user authentication comprising:
-
determining a current location of a mobile device, wherein determining a current location of a mobile device comprises; detecting, by a device proximity detection module, the presence of one or more peer or network infrastructure devices; and performing, by the device proximity detection module, a correlation against historical presence data for the peer or network infrastructure devices, wherein a relatively higher correlation indicates that the mobile device is at a known location and a relatively lower correlation indicates that the mobile device is not at a known location; identifying, by a location class determination module, a location class corresponding to the current location; receiving, by an authentication policy engine, an authentication policy associated with a particular relying party, the authentication policy defining a set of one or more authentication techniques to provide a sufficient level of user authentication for a current transaction based on the identified location class; and selecting, by the authentication policy engine, from the set of one or more authentication techniques to authenticate the user for the current transaction based on the identified location class. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A location-aware system for user authentication comprising:
-
a memory device for storing program code comprising a plurality of instructions; at least one processor to execute the instructions to implement a plurality of different functional modules including; a location detection module to determine a current location of a mobile device, wherein determining a current location of the mobile device comprises a device proximity detection module to detect the presence of one or more peer or network infrastructure devices and to perform a correlation against historical presence data for the peer or network infrastructure devices, wherein a relatively higher correlation indicates that the mobile device is at a known location and a relatively lower correlation indicates that the mobile device is not at a known location; a location class determination module to identify a location class corresponding to the current location; an authentication policy engine to receive an authentication policy associated with a particular relying party, the authentication policy defining a set of one or more authentication techniques to provide a sufficient level of user authentication for a current transaction based on the identified location class, the authentication policy engine to select from the set of one or more authentication techniques to authenticate the user for the current transaction based on the identified location class. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
Specification