Compliant authentication based on dynamically-updated credentials

US 9,544,308 B2
Filed: 11/01/2014
Issued: 01/10/2017
Est. Priority Date: 11/01/2014
Status: Active Grant

First Claim

Patent Images

1. A dynamic method for identifying, and authenticating a user of a computing device based on user credentials, the method comprising:

a. requesting the user to enrol by downloading an application and signing a personal consent release document presented to user by the computing device;

b. capturing, by the computing device having a downloaded application, one or more biometric data of the user;

c. obtaining, by the computing device, one or more of the user'"'"'s biographical information from the user;

d. capturing, by a camera of the computing device, one or more aliveness data by recording a live video sequences of the user;

e. requesting, by the computing device, one or more of the user'"'"'s current biographical data from authoritative government, commercial and private databases;

f. determining, by the computing device, geographical location and identifier of the computing device;

g. establishing, by the computing device, aliveness data of the user by analyzing movements of the captured live video sequences of the user;

h. verifying, by the computing device, differences of the biographical information with the biographical data;

i. prompting, by the computing device, to seek correction of the biographical information from the user for the verified differences;

j. generating and storing, by the computing device, a secure entity authentication label (SEAL) by combining the biographical information, biometric data and the aliveness data;

k. requesting, by the computing device, a subset of randomly selected biographical information, biometric data and aliveness data from the user upon a user'"'"'s request for a service;

l. generating, by the computing device, a new SEAL using the subset of randomly selected biographical information, biometric data and aliveness data from the user;

m. comparing, by the computing device, the new SEAL with the stored SEAL;

n. authenticating, by the computing device, service access to the requested service based on the compared result;

o. updating, by the computing device, the stored SEAL by using the new SEAL.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and a computer-readable medium for authenticating a user in a live manner in non-face-to-face transactions, including a user downloading an authentication application from a server to a pervasive computing device, and after downloading the application, having an icon residing on the display of the device. When the authentication application is activated by the user, biographical and multi-biometric information of the user is requested by the application, and subsequently submitted to an authentication engine residing in a secure network cloud. The authentication process further includes, verifying by the authentication engine all of the requested information, compliance with government regulations such as CFT/AML, and the 4^thData Protection Principle. Users have the ability to check their biographical data through a system called, RITE, forming part of this application. Memorised IDs and passwords are not required. The aliveness of the user is verified at each transaction request.

Citations

14 Claims

1. A dynamic method for identifying, and authenticating a user of a computing device based on user credentials, the method comprising:
- a. requesting the user to enrol by downloading an application and signing a personal consent release document presented to user by the computing device;
  
  b. capturing, by the computing device having a downloaded application, one or more biometric data of the user;
  
  c. obtaining, by the computing device, one or more of the user'"'"'s biographical information from the user;
  
  d. capturing, by a camera of the computing device, one or more aliveness data by recording a live video sequences of the user;
  
  e. requesting, by the computing device, one or more of the user'"'"'s current biographical data from authoritative government, commercial and private databases;
  
  f. determining, by the computing device, geographical location and identifier of the computing device;
  
  g. establishing, by the computing device, aliveness data of the user by analyzing movements of the captured live video sequences of the user;
  
  h. verifying, by the computing device, differences of the biographical information with the biographical data;
  
  i. prompting, by the computing device, to seek correction of the biographical information from the user for the verified differences;
  
  j. generating and storing, by the computing device, a secure entity authentication label (SEAL) by combining the biographical information, biometric data and the aliveness data;
  
  k. requesting, by the computing device, a subset of randomly selected biographical information, biometric data and aliveness data from the user upon a user'"'"'s request for a service;
  
  l. generating, by the computing device, a new SEAL using the subset of randomly selected biographical information, biometric data and aliveness data from the user;
  
  m. comparing, by the computing device, the new SEAL with the stored SEAL;
  
  n. authenticating, by the computing device, service access to the requested service based on the compared result;
  
  o. updating, by the computing device, the stored SEAL by using the new SEAL.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the biographical information comprising at least one of:
    - birth date, birth certificate number, residential information, personal names, names of next of kin, email address, social media addresses, phone numbers, fax, social security number, passport number, driver'"'"'s license number, student ID, Medicaid number, landed immigration number, major credit card numbers, bank account numbers, personal signature, and security questions to which only the user knows the answers.
  - 3. The method of claim 1, wherein the biometric data comprising at least one of:
    - digitized pictures of direct face and side views of the user, digitized complete set of fingerprints, digitized the voice prints of the user uttering set of alphanumeric characters, scan into the computing device a copy of any government supplied identity cards having photograph and signature of the user, iris scan data and retina analysis data, vein analysis data, and DNA data.
  - 4. The method of claim 1, wherein the live video sequences is the user uttering a set of alphanumeric characters presented to the user.
  - 5. The method of claim 3, wherein the biometric data is used to calculate an enrollment aliveness score by computing and storing:
    - a. shape of the mouth each time the user utters the set of alphanumeric characters;
      
      b. pupil and eyelids movement each time the user utters the set of alphanumeric characters;
      
      c. number of head and eyebrow movements each time the user utters the set of alphanumeric characters;
      
      d. length of time the user takes to utter each alphanumeric character.
  - 6. The method of claim 1, wherein the identifier of the computing device comprises at least one of Internet Protocol (IP) address and Media Access Control (MAC) address;
    - and the geographical location as given by the Global Positioning System (GPS) coordinates.
  - 7. The method of claim 1, further comprising:
    - a. Scoring and ranking each of the one or more biographical information, each of the one or more biometric data, and each of the one or more aliveness data in the SEAL based on importance;
      
      b. Scoring and ranking each biographic information, biometric data and aliveness data in the new SEAL based on importance;
      
      c. Calculating an authentication label score using at least a combination of at least partial of the scores of the SEAL and at least partial of the scores of the new SEAL;
      
      d. Granting the user access to the requested service when the authentication label score exceeds a predetermined threshold value.

8. An apparatus for identifying, and authenticating a user based on user credentials, the apparatus comprising:
- A processor;
  
  A memory;
  
  A camera;
  
  A downloaded application, comprising computer program, wherein when processed by the processor, carries out the steps of;
  
  a. requesting the user to enrol by first signing a personal consent release document;
  
  b. capturing one or more biometric data of the user;
  
  c. obtaining one or more of the user'"'"'s biographical information from the user;
  
  d. capturing, by the camera, one or more aliveness data by recording a live video sequences of the user;
  
  e. requesting one or more of the user'"'"'s current biographical data from authoritative government, commercial and private databases;
  
  f. determining geographical location and identifier of the computing device;
  
  g. establishing aliveness data of the user by analyzing movements of the captured live video sequences of the user;
  
  h. verifying differences of the biographical information with the biographical data;
  
  i. prompting to seek correction of the biographical information from the user for the verified differences;
  
  j. generating and storing a secure entity authentication label (SEAL) by combining the biographical information, biometric data and the aliveness data;
  
  k. requesting a subset of randomly selected biographical information, biometric data and aliveness data from the user upon a user'"'"'s request for a service;
  
  l. generating a new SEAL using the subset of randomly selected biographical information, biometric data and aliveness data from the user;
  
  m. comparing the new SEAL with the stored SEAL;
  
  n. authenticating service access to the requested service based on the compared result;
  
  o. updating the stored SEAL by using the new SEAL.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the biographical information comprising at least one of:
    - birth date, birth certificate number, residential information, personal names, names of next of kin, email address, social media addresses, phone numbers, fax, social security number, passport number, driver'"'"'s license number, student ID, Medicaid number, landed immigration number, major credit card numbers, bank account numbers, personal signature, and security questions to which only the user knows the answers.
  - 10. The apparatus of claim 8, wherein the biometric data comprising at least one of:
    - digitized pictures of direct face and side views of the user, digitized complete set of fingerprints, digitized the voice prints of the user uttering set of alphanumeric characters, scan into the computing device a copy of any government supplied identity cards having photograph and signature of the user, iris scan data and retina analysis data, vein analysis data, and DNA data.
  - 11. The apparatus of claim 8, wherein the live video sequences is the user uttering a set of alphanumeric characters presented to the user.
  - 12. The apparatus of claim 10, wherein the biometric data is used to calculate an enrollment aliveness score by computing and storing:
    - a. shape of the mouth each time the user utters the set of alphanumeric characters;
      
      b. pupil and eyelids movement each time the user utters the set of alphanumeric characters;
      
      c. number of head and eyebrow movements each time the user utters the set of alphanumeric characters;
      
      d. length of time the user takes to utter each alphanumeric character.
  - 13. The apparatus of claim 8, wherein the identifier of the computing device comprises at least one of Internet Protocol (IP) address and Media Access Control (MAC) address;
    - and the geographical location as given by the Global Positioning System (GPS) coordinates.
  - 14. The apparatus of claim 8, wherein the downloaded application, when processed by the processor, further carries out the steps of:
    - a. Scoring and ranking each of the one or more biographical information, each of the one or more biometric data, and each of the one or more aliveness data in the SEAL based on importance;
      
      b. Scoring and ranking each biographic information, biometric data and aliveness data in the new SEAL based on importance;
      
      c. Calculating an authentication label score using at least a combination of at least partial of the scores of the SEAL and at least partial of the scores of the new SEAL;
      
      d. Granting the user access to the requested service when the authentication label score exceeds a predetermined threshold value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Edward Tomes
Original Assignee
Ronald Henry Minter
Inventors
Minter, Ronald Henry, Ntake, Pasteur Lutashubanyuma, Tomes, Edward, Mwikalo, Rama Rama
Primary Examiner(s)
LIN, KENNY S

Application Number

US14/530,721
Publication Number

US 20160127359A1
Time in Patent Office

801 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06V 40/45   Detection of the body part ...

G06V 40/70   Multimodal biometrics, e.g....

H04L 63/0861   using biometrical features,...

H04L 63/107   wherein the security polici...

Compliant authentication based on dynamically-updated credentials

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Compliant authentication based on dynamically-updated credentials

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links