Multiple user authentications on a communications device
First Claim
1. A computer-implemented method for authenticating a first user of a communications device having a biometric reader, the method comprising:
- receiving from the first user authentication credentials for authenticating the first user to a service, the service storing a copy of the authentication credentials;
storing on the communications device the authentication credentials;
receiving via the biometric reader of the communications device a first instance of a biometric characteristic from the first user;
storing on the communications device the first instance of the biometric characteristic in association with the stored authentication credentials;
after storing the first instance of the biometric characteristic and the authentication credentials,receiving via the biometric reader a second instance of the biometric characteristic of a user;
determining whether the second instance of the biometric characteristic matches the first instance of the biometric characteristic; and
in response to determining that the second instance of the biometric characteristic matches the first instance of the biometric characteristic,retrieving the authentication credentials that is stored in association with the first instance of the biometric characteristic; and
providing to the service the retrieved authentication credentials so that the service can authenticate the first user based on the stored copy of the authentication credentials.
2 Assignments
0 Petitions
Accused Products
Abstract
A communications device provides a biometric reader to authenticate users onto the communications device based on a single biometric input. The communications device maintains a local copy of the strong authentication credentials, such as a user identification and password, and the biometrics which were previously input by users of the communications device. Then, rather than requiring re-entry of the strong authentication credentials to authenticate (or re-authenticate) these users onto the communications device, the communications device is able to authenticate the users based on the input of the appropriate biometric. When a biometric input is received, the communications device identifies the locally stored strong authentication credentials that is associated with the input biometric, and uses the locally stored strong authentication credentials to authenticate the user.
-
Citations
22 Claims
-
1. A computer-implemented method for authenticating a first user of a communications device having a biometric reader, the method comprising:
-
receiving from the first user authentication credentials for authenticating the first user to a service, the service storing a copy of the authentication credentials; storing on the communications device the authentication credentials; receiving via the biometric reader of the communications device a first instance of a biometric characteristic from the first user; storing on the communications device the first instance of the biometric characteristic in association with the stored authentication credentials; after storing the first instance of the biometric characteristic and the authentication credentials, receiving via the biometric reader a second instance of the biometric characteristic of a user; determining whether the second instance of the biometric characteristic matches the first instance of the biometric characteristic; and in response to determining that the second instance of the biometric characteristic matches the first instance of the biometric characteristic, retrieving the authentication credentials that is stored in association with the first instance of the biometric characteristic; and providing to the service the retrieved authentication credentials so that the service can authenticate the first user based on the stored copy of the authentication credentials. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A device for authenticating a user of the device, the device comprising:
-
a biometric reader; one or more memories storing computer-executable instructions that control the device to; receive authentication credentials for a first user, the authentication credentials not being a biometric characteristic; receive via the biometric reader a first biometric characteristic for the first user; associate the first biometric characteristic with the authentication credentials; and after the first biometric characteristic is associated with the authentication credentials, receive via the biometric reader a second biometric characteristic for a user; determine whether the second biometric characteristic matches the first biometric characteristic; in response to determining that the second biometric characteristic matches the first biometric characteristic, provide the authentication credentials to authenticate the first user; and a processor for executing the computer-executable instructions stored in the one or more memories. - View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. One or more computer memories that store computer-executable instructions that control a communications device provide authentication credentials for authenticating a user of the communications device, the device having a biometric reader, the instructions comprising instructions control the communications device to:
-
receive authentication credentials from a first user; receive via the biometric reader a first biometric characteristic from the first user; encrypt the authentication credentials; create a first representation of the first biometric characteristic; store the encrypted authentication credentials and the first representation of the first biometric characteristic locally in non-volatile memory of the communications device; and after the first representation of the first biometric characteristic and the authentication credentials are stored, receive via the biometric reader a second biometric characteristic of a user; create a second representation of the second biometric characteristic; determine whether the second representation matches the first representation; and in response to determining that the second representation matches the first representation, retrieve the encrypted authentication credentials stored locally in non-volatile memory; decrypt the encrypted authentication credentials for use in authenticating the first user; and provide the decrypted authentication credentials for authenticating the first user. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
-
Specification