Multi-factor authentication techniques
First Claim
1. A data processing system comprising:
- a memory that stores program code instructions and data;
a processing system including at least one processing unit, wherein the processing system executes at least a portion of the program code instructions and processes the data;
wherein the memory includes at least one authentication element executable by the processing system, wherein the at least one authentication element instructs the processing system to;
perform at least one teaching phase with respect to at least one user, wherein, in the at least one teaching phase, authentication information is collected for the user in at least two of the following at least three categories;
a first category on measurable physical characteristics of the user including at least image data for an image of the user performing at least one physical gesture;
a second category on communication resources provided by a mobile device associated with the user; and
a third category on knowledge possessed by the user, andperform at least one authentication phase with respect to the at least one user, wherein, the at least two categories of collected authentication information comprises at least the first category,wherein, in the at least one authentication phase, at least a portion of the collected authentication information is used to formulate at least one challenge for presentation to the user,wherein at least one response to the formulated challenge is received from the user and correctness of the received response is determined based at least partially on comparison with at least a portion of the collected authentication information,wherein at least one correctness metric is calculated for the at least one response received from the user; and
wherein the user is authenticated if the at least one calculated correctness metric meets or exceeds a first threshold value.
13 Assignments
0 Petitions
Accused Products
Abstract
An authentication technique with a teaching phase and authentication phase. In the teaching phase, authentication information is collected for a user in at least two categories, wherein one category relates to measurable physical characteristics of the user, another category relates to communication resources available to the user; and a third category relates to knowledge possessed by the user. In the authentication phase, some of the collected authentication information is used to formulate challenge(s) for presentation to the user. Response(s) to the formulated challenge(s) is/are received from the user and correctness of the received response is determined based at least partially on comparison with at least a portion of the collected authentication information. A correctness metric is calculated for the response(s). The user is authenticated if the correctness metric meets or exceeds a first threshold value.
-
Citations
35 Claims
-
1. A data processing system comprising:
-
a memory that stores program code instructions and data; a processing system including at least one processing unit, wherein the processing system executes at least a portion of the program code instructions and processes the data; wherein the memory includes at least one authentication element executable by the processing system, wherein the at least one authentication element instructs the processing system to; perform at least one teaching phase with respect to at least one user, wherein, in the at least one teaching phase, authentication information is collected for the user in at least two of the following at least three categories; a first category on measurable physical characteristics of the user including at least image data for an image of the user performing at least one physical gesture; a second category on communication resources provided by a mobile device associated with the user; and a third category on knowledge possessed by the user, and perform at least one authentication phase with respect to the at least one user, wherein, the at least two categories of collected authentication information comprises at least the first category, wherein, in the at least one authentication phase, at least a portion of the collected authentication information is used to formulate at least one challenge for presentation to the user, wherein at least one response to the formulated challenge is received from the user and correctness of the received response is determined based at least partially on comparison with at least a portion of the collected authentication information, wherein at least one correctness metric is calculated for the at least one response received from the user; and wherein the user is authenticated if the at least one calculated correctness metric meets or exceeds a first threshold value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
-
-
15. The data processing system of 12, wherein the biometric information comprises image data associated with at least one of a user'"'"'s face, and a user'"'"'s iris.
-
30. A method comprising:
-
storing program code instructions and data in a memory; executing at least a portion of the program code instructions and processing at least a portion of the data by a processing system that includes at least one processing unit; wherein said executing instructs the processing system to; perform at least one teaching phase with respect to at least one user, wherein, in the at least one teaching phase, authentication information is collected for the user in at least two of the following at least three categories; a first category on measurable physical characteristics of the user including at least image data for an image of the user performing at least one physical gesture; a second category on communication resources provided by a mobile device associated with the user; and a third category on knowledge possessed by the user, perform at least one authentication phase with respect to the at least one user, wherein, the at least two categories of collected authentication information comprises at least the first category, wherein, in the at least one authentication phase, at least a portion of the collected authentication information is used to formulate at least one challenge for presentation to the user, wherein at least one response to the formulated challenge is received from the user and correctness of the received response is determined based at least partially on comparison with at least a portion of the collected authentication information, wherein at least one correctness metric is calculated for the at least one response received from the user, and wherein the user is authenticated if the at least one calculated correctness metric meets or exceeds a first threshold value. - View Dependent Claims (31)
-
-
32. A non-transitory memory device comprising program code instructions and data, wherein executing at least a portion of the program code instructions and processing at least a portion of the data by a processing system that includes at least one processing unit instructs the processing system to:
-
perform at least one teaching phase with respect to at least one user, wherein, in the at least one teaching phase, authentication information is collected for the user in at least two of the following at least three categories; a first category on measurable physical characteristics of the user including at least image data for an image of the user performing at least one physical gesture; a second category on communication resources provided by a mobile device associated with the user; and a third category on knowledge possessed by the user, and perform at least one authentication phase with respect to the at least one user, wherein, the at least two categories of collected authentication information comprises at least the first category, wherein, in the at least one authentication phase, at least a portion of the collected authentication information is used to formulate at least one challenge for presentation to the user, wherein at least one response to the formulated challenge is received from the user and correctness of the received response is determined based at least partially on comparison with at least a portion of the collected authentication information, wherein at least one correctness metric is calculated for the at least one response received from the user, and wherein the user is authenticated if the at least one calculated correctness metric meets or exceeds a first threshold value. - View Dependent Claims (33)
-
-
34. A data processing system comprising:
-
a memory that stores program code instructions and data; a processing system including at least one processing unit, wherein the processing system executes at least a portion of the program code instructions and processes the data; wherein the memory includes at least one authentication element that is implemented in part on a server accessible to multiple users and at least one mobile device associated with a user, the user being an authentication subject whose identity is to be authenticated by the data processing system, wherein the at least one authentication element executable by the processing system instructs the processing system to; perform at least one teaching phase with respect to at least one user, wherein, in the at least one teaching phase, authentication information is collected for the user in at least two of the following at least three categories; a first category on measurable physical characteristics of the user including at least image data for an image of the user performing at least one physical gesture; a second category on communication resources provided by a mobile device associated with the user; and a third category on knowledge possessed by the user; wherein, the at least two categories of collected authentication information comprises the first category; perform at least one authentication phase with respect to the at least one user, wherein, in the at least one authentication phase, at least a portion of the collected authentication information is used to formulate at least one challenge for presentation to the user, wherein at least one response to the formulated challenge is received from the user and correctness of the received response is determined based at least partially on comparison with at least a portion of the collected authentication information, wherein at least one correctness metric is calculated for the at least one response received from the user; and wherein the user is authenticated if the at least one calculated correctness metric meets or exceeds a first threshold value. - View Dependent Claims (35)
-
Specification