System and method for credential management and identity verification

US 9,436,818 B1
Filed: 07/28/2015
Issued: 09/06/2016
Est. Priority Date: 06/30/2014
Status: Active Grant

First Claim

Patent Images

1. A system of credential management and identity verification for use with a computing device, comprising:

a portable input computing device in data communication with the computing device, said portable input computing device being configured to store a plurality of credentials and to store a plurality of user-supplied mask data;

an application that, when executed on the portable input computing device;

detects a request for credentials being published on a display of the computing device, wherein said portable input computing device receives the request for credentials in response to the computing device accessing at least one of a locally accessible resource, a resource accessible via a network, and a resource accessible via the Internet;

provides at least one alert to a user of the computing device to confirm identity via submission of at least one of a biometric and a non-biometric input to the input device;

receives the at least one of the biometric and non-biometric input;

verifies identity of the user based on the received input;

transmits respective mask data associated with the verified user identity to the computing device that is configured to visually block said request for credentials;

transmits respective credentials to the computing device associated with the verified user identity;

wherein said application, when executed on said portable input computing device;

detects an identity of a source of said request for credentials;

determines respective mask data associated with the verified user identity and the identified source; and

transmits said determined mask data to the computing device that is associated with both the verified user identity and the identified source.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system of credential management and identity verification includes a portable input device and an application that, when executed on the input device, authenticates a user of the input device and provides associated credentials to a computing device. The application detects a request for credentials presented by a proximate computing device. Then, the application alerts a user of the computing device to confirm his identity by submitting one of a biometric or non-biometric authenticating input to the input device. The authenticating input is received by the input device and used to verify the identity of the user. If the identity is verified, the application transmits the associated encrypted credentials and mask data to the computing device. The input device may be a pointing device connected wirelessly or via wired connection to the computer. User authentication data is provided to the input device at an initial or predetermined time.

Citations

19 Claims

1. A system of credential management and identity verification for use with a computing device, comprising:
- a portable input computing device in data communication with the computing device, said portable input computing device being configured to store a plurality of credentials and to store a plurality of user-supplied mask data;
  
  an application that, when executed on the portable input computing device;
  
  detects a request for credentials being published on a display of the computing device, wherein said portable input computing device receives the request for credentials in response to the computing device accessing at least one of a locally accessible resource, a resource accessible via a network, and a resource accessible via the Internet;
  
  provides at least one alert to a user of the computing device to confirm identity via submission of at least one of a biometric and a non-biometric input to the input device;
  
  receives the at least one of the biometric and non-biometric input;
  
  verifies identity of the user based on the received input;
  
  transmits respective mask data associated with the verified user identity to the computing device that is configured to visually block said request for credentials;
  
  transmits respective credentials to the computing device associated with the verified user identity;
  
  wherein said application, when executed on said portable input computing device;
  
  detects an identity of a source of said request for credentials;
  
  determines respective mask data associated with the verified user identity and the identified source; and
  
  transmits said determined mask data to the computing device that is associated with both the verified user identity and the identified source.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein said application, wherein said respective mask data transmitted to the computing device includes instructions to display said respective mask data directly in front of said request for credentials so as to completely visually block said request for credentials and to block said transmitted credentials.
  - 3. The system of claim 1, wherein said application, wherein said respective mask data transmitted to the computing device includes instructions to display said respective mask data adjacent said request for credentials so as to completely visually block said request for credentials and to block said transmitted credentials only if said transmitted mask data is moved in front of said request for credentials using a graphic user interface of the computing device.
  - 4. The system of claim 1, wherein said portable input computing device provides the at least one alert using at least one of a visible, audible, and vibratory signal.
  - 5. The system of claim 1, wherein the portable input computing device transmits the credentials in encrypted format and does not reveal the credentials to the user.
  - 6. The system of claim 4, wherein the portable input computing device provides alerts customized for each of the plurality of users of the computing device.
  - 7. The system of claim 1, wherein the portable input computing device communicates with the computing device via at least one of a wired and wireless connection.
  - 8. The system of claim 1, wherein the portable input computing device is a pointing device in data communication with the computing device.
  - 9. The system of claim 1, wherein:
    - the biometric input comprises a fingerprint of the user; and
      
      the non-biometric input comprises machine-readable indicia provided by a portable card.

10. A method of credential management and identity verification for use with a computing device, comprising:
- providing a portable input computing device in data communication with the computing device detecting a request for credentials that is being displayed upon a display of the computing device, said portable input computing device being configured to store a plurality of credentials and a plurality of mask data,receiving by an application the request for credentials in response to the computing device accessing at least one of a locally accessible resource, a resource accessible via a network, and a resource accessible via the internet;
  
  providing by said portable input computing device at least one alert to a user of the computing device to confirm identity via submission of at least one of a biometric input and a non-biometric input to the portable input computing device;
  
  receiving by said portable input computing device the at least one of the biometric and non-biometric input;
  
  verifying by said portable input computing device an identity of the user based on the received input;
  
  determining by said portable input computing device respective mask data associated with the verified user identity;
  
  transmitting by said portable input computing device said mask data associated with the verified user identity to the computing device that is configured to visually block said request for credentials;
  
  transmitting by said portable input computing device the credentials to the computing device based on the verified user identity;
  
  said application detecting an identity of a source of said request for credentials;
  
  said application determining respective mask data associated with the verified user identity and the identified source; and
  
  transmitting by said application said determined mask data to the computing device that is associated with both the verified user identity and the identified source.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The method of claim 10, further comprising said application transmitting to the computing device instructions to display said respective mask data directly in front of said request for credentials so as to completely visually block said request for credentials and to block said transmitted credentials.
  - 12. The method of claim 10, further comprising said application transmitting to the computing device instructions to display said respective mask data directly adjacent said request for credentials so as to completely visually block said request for credentials and to block said transmitted credentials only if said transmitted mask data is moved in front of said request for credentials using a graphic user interface of the computing device.
  - 13. The method of claim 10, further comprising the portable input computing device transmitting the credentials in encrypted format and wherein the credentials are not revealed to the user.
  - 14. The method of claim 10, wherein the portable input computing device verifies the identity of the user by comparing the at least one of said biometric input and said non-biometric input with files stored in at least one of persistent storage of said input device and removable storage of said input device.
  - 15. The method of claim 10, further comprising said portable input computing device transmitting credentials for a second user of said computing device based on the second user accessing at least one resource accessible locally on the computing device, accessible via a network, and accessible via the Internet and further based on said input device verifying at least one of said biometric and said non-biometric input entered by the second user.
  - 16. The method of claim 10, further comprising said portable input computing device transmitting credentials to a second computing device based on a third user of said second computing device accessing at least one resource accessible locally on said second computing device, accessible via a network, and accessible via the Internet and further based on said input device verifying at least one of said biometric and said non-biometric input entered by the third user.
  - 17. The method of claim 10, further comprising said portable input computing device detecting the request for credentials based on user action comprising at least one of navigating about an Internet page containing an authentication prompt, hovering a cursor over an authentication prompt, and clicking within a field accepting the credentials.
  - 18. The method of claim 17, wherein said portable input computing device recognizes an account associated with the user action and searches for stored files to compare with the at least one of said biometric and said non-biometric input entered by the user.
  - 19. The method of claim 18, wherein the credentials comprise at least one of a user name and password associated with the account and wherein additionally or alternatively the credentials comprise at least one of an account number, an address, a telephone number, a social security number, and an answer to a security question.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Macio P. Tooley II
Original Assignee
Macio P. Tooley II
Inventors
Tooley, Macio P. II
Primary Examiner(s)
Holder, Bradley
Assistant Examiner(s)
Jackson, Jenise

Application Number

US14/811,176
Publication Number

US 20160267261A1
Time in Patent Office

406 Days
Field of Search

726/6
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/45   Structures or tools for the...

G06F 2221/2129   Authenticate client device ...

System and method for credential management and identity verification

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for credential management and identity verification

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links