User authentication based on FOB/indicia scan

US 9,584,527 B2
Filed: 02/09/2016
Issued: 02/28/2017
Est. Priority Date: 02/07/2014
Status: Active Grant

First Claim

Patent Images

1. A computer apparatus for authenticating a user, the apparatus comprising:

a non-transitory memory;

a computer processor; and

a module stored in the memory, executable by the processor, and configured to cause the processor to;

receive a first request from a user to access at least one first function associated with a first application;

determine that access to the at least one first function requires user authentication;

initiate sensing of an authentication validating carrier comprising a first credential;

determine the first credential based at least in part on the sensed authentication validating carrier;

validate the first credential, thereby resulting in a first successful user authentication;

grant access to the at least one first function associated with the first application based at least in part on the first successful user authentication, wherein the access to at least one first function associated with the first application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;

receive a second request from the user for access to at least one second function associated with a second application;

determine that access to at least one second function associated with the second application requires user authentication;

receive a second credential from the user;

validate the second credential, thereby resulting in a second successful user authentication; and

grant access to the at least one second function associated with the second application based on the second successful user authentication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention are directed to systems, methods and computer program products for receiving a request from a user for access to at least one function associated with a first application; determining that access to at least one function requires user authentication; initiating sensing of an authentication validating carrier comprising a first credential; determining the first credential based at least in part on the sensed authentication validating carrier; validating the first credential, thereby resulting in a first successful user authentication; and granting access to at least one function associated with the first application based on the validation of the first successful user authentication.

169 Citations

16 Claims

1. A computer apparatus for authenticating a user, the apparatus comprising:
- a non-transitory memory;
  
  a computer processor; and
  
  a module stored in the memory, executable by the processor, and configured to cause the processor to;
  
  receive a first request from a user to access at least one first function associated with a first application;
  
  determine that access to the at least one first function requires user authentication;
  
  initiate sensing of an authentication validating carrier comprising a first credential;
  
  determine the first credential based at least in part on the sensed authentication validating carrier;
  
  validate the first credential, thereby resulting in a first successful user authentication;
  
  grant access to the at least one first function associated with the first application based at least in part on the first successful user authentication, wherein the access to at least one first function associated with the first application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;
  
  receive a second request from the user for access to at least one second function associated with a second application;
  
  determine that access to at least one second function associated with the second application requires user authentication;
  
  receive a second credential from the user;
  
  validate the second credential, thereby resulting in a second successful user authentication; and
  
  grant access to the at least one second function associated with the second application based on the second successful user authentication.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The apparatus of claim 1, wherein the apparatus further comprises at least one sensor for sensing the authentication validating carrier and communicating carrier information based on the authentication validating carrier to the processor;
    - andwherein determining the first credential is based at least in part on the carrier information.
  - 3. The apparatus of claim 2, wherein the at least one sensor comprises a camera;
    - wherein the carrier information comprises an image of indicia;
      
      wherein the sensor is for sensing and communicating the image of indicia to the processor; and
      
      wherein determining the first credential comprises decoding the image of indicia, thereby resulting in the first credential.
  - 4. The apparatus of claim 2, wherein the at least one sensor comprises a microphone;
    - wherein the carrier information comprises an encoded audio message;
      
      wherein the sensor is for sensing and communicating the encoded audio message to the processor; and
      
      wherein determining the first credential comprises decoding the encoded audio message, thereby resulting in the first credential.
  - 5. The apparatus of claim 2, wherein the at least one sensor is a near field communications (NFC) reader;
    - wherein the carrier information comprises a signal comprised of an encoded message emitted from a fob;
      
      wherein the at least one sensor is for sensing and communicating the signal from the fob to the processor; and
      
      wherein determining the first credential comprises decoding the encoded message, thereby resulting in the first credential.
  - 6. The apparatus of claim 2, wherein the at least one sensor comprises a short range data transceiver;
    - wherein the carrier information comprises a signal comprised of an encoded message emitted from a short range data emitter;
      
      wherein the at least one sensor is for sensing and communicating the signal from the short range data emitter to the processor; and
      
      wherein determining the first credential comprises decoding the encoded message, thereby resulting in the first credential.
  - 7. The apparatus of claim 2, wherein the at least one sensor comprises an accelerometer;
    - wherein the carrier information comprises movement from the apparatus;
      
      wherein the at least one sensor is for sensing and communicating the movement from the apparatus to the processor; and
      
      wherein determining the first credential comprises analyzing the movement from the apparatus thereby resulting in the first credential.
  - 8. The apparatus of claim 2, wherein the at least one sensor comprises a light sensor;
    - wherein the carrier information comprises a pulsed light signal;
      
      wherein the at least one sensor is for sensing and communicating the pulsed light signal to the processor;
      
      wherein determining the first credential comprises analyzing the pulsed light signal thereby resulting in the first credential.
  - 9. The apparatus of claim 1, wherein granting access to the at least one first function associated with the first application is further based at least in part on the second successful user authentication.
  - 10. The apparatus of claim 1, wherein the expiration of the at least one first function associated with the first application is extended based at least in part on successfully validating the second credential.
  - 11. The apparatus of claim 10, wherein the number of times the expiration may be extended is limited as set by at least one of the user, the first application, the second application, a third party application, and an operating system.
  - 12. The apparatus of claim 1, wherein the apparatus is further configured to deny access to the at least one first function associated with the first application if the second credential cannot be verified.
  - 13. The apparatus as of claim 1, wherein the at least one first function associated with the first application is a subset of functions of the at least one second function associated with the second application.
  - 14. The apparatus of claim 1, wherein validating the first credential comprises:
    - receiving an encrypted key from a remote server;
      
      decrypting the encrypted key from the remote server using a common key;
      
      encrypting the first credential using the decrypted key;
      
      sending the encrypted first credential to the remote server using a network connection; and
      
      receiving a message from the remote server indicating whether the first credential was effectively validated.

15. A method for authenticating a user, the method comprising:
- receiving, by a computer processor, a request from a user to access at least one first function associated with a first application;
  
  determining, by a computer processor, that access to the at least one first function requires user authentication;
  
  initiating sensing, by a computer processor, of an authentication validating carrier comprising a firsts credential;
  
  determining, by a computer processor, the first credential based at least in part on the sensed authentication validating carrier;
  
  validating, by a computer processor, the first credential, thereby resulting in a first successful user authentication;
  
  granting access, by a computer processor, to the at least one first function associated with the first application based at least in part on the first successful user authentication, wherein the access to at least one first function associated with the first application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;
  
  receiving, by a computer processor, a second request from the user for access to at least one second function associated with a second application;
  
  determining, by a computer processor, that access to at least one second function associated with the second application requires user authentication;
  
  receiving, by a computer processor, a second credential from the user;
  
  validating, by a computer processor, the second credential, thereby resulting in a second successful user authentication; and
  
  granting access, by a computer processor, to the at least one second function associated with the second application based on the second successful user authentication.

16. A computer program product for authenticating a user, the computer program product comprising:
- a non-transitory computer-readable medium comprising;
  
  a first set of codes for receiving a request from a user for access to at least one first function associated with a first application;
  
  a second set of codes for determining that access to the at least one first function requires user authentication;
  
  a third set of codes for initiating sensing of an authentication validating carrier comprising a first credential;
  
  a fourth set of codes for determining the first credential based at least in part on the sensed authentication validating carrier;
  
  a fifth set of codes for validating the first credential, thereby resulting in a first successful user authentication; and
  
  a sixth set of codes for granting access to the at least one first function associated with the first application based at least in part on the successful user authentication, wherein the access to at least one first function associated with the first application expires after an occurrence of an expiration event, wherein the expiration event is at least one of a lapse of a period of time, an event associated with a third party application, an event associated with an operating system, and a user-initiated event;
  
  a seventh set of codes for receiving a second request from the user for access to at least one second function associated with a second application;
  
  an eighth set of codes for determining that access to at least one second function associated with the second application requires user authentication;
  
  a ninth set of codes for receiving a second credential from the user;
  
  a tenth set of codes for validating the second credential, thereby resulting in a second successful user authentication; and
  
  an eleventh set of codes for granting access to the at least one second function associated with the second application based on the second successful user authentication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Grigg, David M., Burrell, Charles Jason, Bertanzetti, Peter John
Primary Examiner(s)
Truong, Thanhnga B

Application Number

US15/019,627
Publication Number

US 20160164870A1
Time in Patent Office

385 Days
Field of Search

726/4, 726/5, 726/7, 726/19, 726/20, 726/27, 726/28, 713/182, 707/770, 455/41.1, 705/16, 705/50
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/629   to features or functions of...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2149   Restricted operating enviro...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/0876   based on the identity of th...

H04L 63/105   Multiple levels of security

H04L 63/107   wherein the security polici...

H04L 9/3226   using a predetermined code,...

H04W 4/80   Services using short range ...

User authentication based on FOB/indicia scan

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

169 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication based on FOB/indicia scan

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

169 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links