User authentication based on FOB/indicia scan

US 9,565,195 B2
Filed: 02/09/2016
Issued: 02/07/2017
Est. Priority Date: 02/07/2014
Status: Active Grant

First Claim

Patent Images

1. A computer apparatus for authenticating a user, the apparatus comprising:

A non-transitory memory;

a computer processor;

a plurality of sensors, the sensors being configured to sense a plurality of authentication validating carriers; and

a module stored in the memory, executable by the processor, and configured to cause the processor to;

receive a first request from a user to access at least one first function associated with a first software application, the first software application comprising a plurality of functions, the plurality of functions comprising different levels of sensitivity;

determine that access to the at least one first function requires user authentication;

initiate sensing of a first authentication validating carrier comprising a first credential based on the first request;

determine the first credential based at least in part on the sensed first authentication validating carrier;

validate the first credential based on the first request, thereby resulting in a first successful user authentication;

grant access to the at least one first function associated with the first software application based at least in part on the first successful user authentication, wherein the access to at least one first function associated with the first software application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;

receive a second request from the user for access to at least one second function associated with a second software application;

determine that access to at least one second function associated with the second software application requires user authentication;

receive a second credential from the user;

validate the second credential, thereby resulting in a second successful user authentication; and

grant access to the at least one second function associated with the second software application based on the second successful user authentication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to systems, methods and computer program products for receiving a request from a user for access to at least one function associated with a first application; determining that access to at least one function requires user authentication; initiating sensing of an authentication validating carrier comprising a first credential; determining the first credential based at least in part on the sensed authentication validating carrier; validating the first credential, thereby resulting in a first successful user authentication; and granting access to at least one function associated with the first application based on the validation of the first successful user authentication.

170 Citations

16 Claims

1. A computer apparatus for authenticating a user, the apparatus comprising:
- A non-transitory memory;
  
  a computer processor;
  
  a plurality of sensors, the sensors being configured to sense a plurality of authentication validating carriers; and
  
  a module stored in the memory, executable by the processor, and configured to cause the processor to;
  
  receive a first request from a user to access at least one first function associated with a first software application, the first software application comprising a plurality of functions, the plurality of functions comprising different levels of sensitivity;
  
  determine that access to the at least one first function requires user authentication;
  
  initiate sensing of a first authentication validating carrier comprising a first credential based on the first request;
  
  determine the first credential based at least in part on the sensed first authentication validating carrier;
  
  validate the first credential based on the first request, thereby resulting in a first successful user authentication;
  
  grant access to the at least one first function associated with the first software application based at least in part on the first successful user authentication, wherein the access to at least one first function associated with the first software application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;
  
  receive a second request from the user for access to at least one second function associated with a second software application;
  
  determine that access to at least one second function associated with the second software application requires user authentication;
  
  receive a second credential from the user;
  
  validate the second credential, thereby resulting in a second successful user authentication; and
  
  grant access to the at least one second function associated with the second software application based on the second successful user authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The apparatus of claim 1, wherein the plurality of sensors comprises a first sensor for sensing the first authentication validating carrier and communicating carrier information based on the first authentication validating carrier to the processor;
    - andwherein determining the first credential is based at least in part on the carrier information.
  - 3. The apparatus of claim 2, wherein the first sensor comprises a camera;
    - wherein the carrier information comprises an image of indicia;
      
      wherein the first sensor is for sensing and communicating the image of indicia to the processor; and
      
      wherein determining the first credential comprises decoding the image of indicia, thereby resulting in the first credential.
  - 4. The apparatus of claim 2, wherein the first sensor comprises a microphone;
    - wherein the carrier information comprises an encoded audio message;
      
      wherein the first sensor is for sensing and communicating the encoded audio message to the processor; and
      
      wherein determining the first credential comprises decoding the encoded audio message, thereby resulting in the first credential.
  - 5. The apparatus of claim 2, wherein the first sensor is a near field communications (NFC) reader;
    - wherein the carrier information comprises a signal comprised of an encoded message emitted from a fob;
      
      wherein the first sensor is for sensing and communicating the signal from the fob to the processor; and
      
      wherein determining the first credential comprises decoding the encoded message, thereby resulting in the first credential.
  - 6. The apparatus of claim 2, wherein the first sensor comprises a short range data transceiver;
    - wherein the carrier information comprises a signal comprised of an encoded message emitted from a short range data emitter;
      
      wherein the first sensor is for sensing and communicating the signal from the short range data emitter to the processor; and
      
      wherein determining the first credential comprises decoding the encoded message, thereby resulting in the first credential.
  - 7. The apparatus of claim 2, wherein the first sensor comprises an accelerometer;
    - wherein the carrier information comprises movement from the apparatus;
      
      wherein the first sensor is for sensing and communicating the movement from the apparatus to the processor; and
      
      wherein determining the first credential comprises analyzing the movement from the apparatus thereby resulting in the first credential.
  - 8. The apparatus of claim 2, wherein the first sensor comprises a light sensor;
    - wherein the carrier information comprises a pulsed light signal;
      
      wherein the first sensor is for sensing and communicating the pulsed light signal to the processor;
      
      wherein determining the first credential comprises analyzing the pulsed light signal thereby resulting in the first credential.
  - 9. The apparatus of claim 1, wherein the module is further configured to cause the processor to:
    - receive a third credential from the user;
      
      validate the third credential, thereby resulting in a third successful user authentication; and
      
      wherein granting access to the at least one first function associated with the first software application is further based at least in part on the third successful user authentication.
  - 10. The apparatus of claim 1, wherein the expiration of the at least one first function associated with the first software application is extended based at least in part on successfully validating the second credential.
  - 11. The apparatus of claim 10, wherein the number of times the expiration may be extended is limited as set by at least one of the user, the first software application, the second software application, a third party application, and an operating system.
  - 12. The apparatus of claim 1, wherein the apparatus is further configured to deny access to the at least one first function associated with the first software application if the second credential cannot be verified.
  - 13. The apparatus as of claim 1, wherein the at least one first function associated with the first software application is a subset of functions of the at least one second function associated with the second software application.
  - 14. The apparatus of claim 1, wherein validating the first credential comprises:
    - receiving an encrypted key from a remote server;
      
      decrypting the encrypted key from the remote server using a common key;
      
      encrypting the first credential using the decrypted key;
      
      sending the encrypted first credential to the remote server using a network connection; and
      
      receiving a message from the remote server indicating whether the first credential was effectively validated.

15. A method for authenticating a user, the method comprising:
- receiving, by a computer processor, a request from a user to access at least one first function associated with a first software application, the first software application comprising a plurality of functions, the functions comprising different levels of sensitivity;
  
  determining, by a computer processor, that access to the at least one first function requires user authentication;
  
  initiating sensing, by a computer processor using a first sensor of a plurality of sensors, of a first authentication validating carrier comprising a firsts credential based on the first request, the sensors being configured to sense a plurality of authentication validating carriers;
  
  determining, by a computer processor, the first credential based at least in part on the sensed authentication validating carrier;
  
  validating, by a computer processor, the first credential based on the first request, thereby resulting in a first successful user authentication;
  
  granting access, by a computer processor, to the at least one first function associated with the first software application based at least in part on the first successful user authentication, wherein the access to at least one first function associated with the first software application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;
  
  receiving a second request from the user for access to at least one second function associated with a second software application;
  
  determining that access to at least one second function associated with the second software application requires user authentication;
  
  receiving a second credential from the user;
  
  validating the second credential, thereby resulting in a second successful user authentication; and
  
  granting access to the at least one second function associated with the second software application based on the second successful user authentication.

16. A computer program product for authenticating a user, the computer program product comprising a non-transitory computer-readable medium comprising:
- a first set of codes for receiving a request from a user for access to at least one first function associated with a first software application, the first software application comprising a plurality of functions, the functions comprising different levels of sensitivity;
  
  a second set of codes for determining that access to the at least one first function requires user authentication;
  
  a third set of codes for initiating sensing, using a first sensor of a plurality of sensors, of a first authentication validating carrier comprising a first credential based on the first request, the sensors being configured to sense a plurality of authentication validating carriers;
  
  a fourth set of codes for determining the first credential based at least in part on the sensed authentication validating carrier;
  
  a fifth set of codes for validating the first credential based on the first request, thereby resulting in a first successful user authentication;
  
  a sixth set of codes for granting access to the at least one first function associated with the first software application based at least in part on the successful user authentication, wherein the access to at least one first function associated with the first software application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;
  
  a seventh set of codes for receiving a second request from the user for access to at least one second function associated with a second software application;
  
  an eighth sixth set of codes for determining that access to at least one second function associated with the second software application requires user authentication;
  
  a ninth set of codes for receiving a second credential from the user;
  
  a tenth set of codes for validating the second credential, thereby resulting in a second successful user authentication; and
  
  an eleventh set of codes for granting access to the at least one second function associated with the second software application based on the second successful user authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Grigg, David M., Burrell, Charles Jason, Bertanzetti, Peter John
Primary Examiner(s)
Truong, Thanhnga B

Application Number

US15/019,652
Publication Number

US 20160173504A1
Time in Patent Office

364 Days
Field of Search

726/4, 726/5, 726/7, 726/19, 726/20, 726/27, 726/28, 713/182, 707/770, 455/41.1, 705/16, 705/50
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/629   to features or functions of...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2149   Restricted operating enviro...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 63/105   Multiple levels of security

H04L 63/107   wherein the security polici...

H04L 9/3226   using a predetermined code,...

H04W 4/80   Services using short range ...

User authentication based on FOB/indicia scan

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

170 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication based on FOB/indicia scan

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

170 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links