Allowing access to applications based on user authentication

US 9,684,776 B2
Filed: 11/12/2014
Issued: 06/20/2017
Est. Priority Date: 07/29/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method to authenticate users to allow access to applications on user computing devices, comprising:

communicating, by a mobile computing devices, a request for user authorization data to two or more authentication technologies operating on the mobile computing device associated with a user;

receiving, by the mobile computing devices, the user authentication data from the two or more authentication technologies operating on the mobile computing device;

comparing, by the mobile computing devices, the user authentication data to a set of stored authorization data associated with the user;

identifying, by the mobile computing devices, an authentication state of the user for each of the two or more authentication technologies based on a match of the user authentication data and the set of stored user authentication data;

determining, by the mobile computing devices, that a match exists for the user authentication data for a first authentication technology of the two or more authentication technologies and the set of stored user authentication data, and that a match does not exist for the user authentication data for a second authentication technology of the two or more authentication technologies and the set of stored user authentication data;

allowing, by the mobile computing device, access to a first application of the one or more applications operating on the mobile computing device based on the determination; and

denying, by the mobile computing device, access to a second application of the one or more applications operating on the mobile computing device based on the determination.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authenticating users comprises a computing device that receives a manual authentication input of a user and initiates a first user session between the user and the user computing device. The device communicates a request for a first user authorization data from an authentication technology associated with the one or more computing devices and receives the first user authentication data. The user or the device terminates the first user session and subsequently receives an input of the user to initiate a second user session. The device communicates a request for second user authentication data from the authentication technology and compares the first user authentication data and the second user authentication data. The device identifies a match of one or more features of the first user authentication data and one or more features of the second user authentication data and authorizes the user to conduct the second user session.

Citations

22 Claims

1. A computer-implemented method to authenticate users to allow access to applications on user computing devices, comprising:
- communicating, by a mobile computing devices, a request for user authorization data to two or more authentication technologies operating on the mobile computing device associated with a user;
  
  receiving, by the mobile computing devices, the user authentication data from the two or more authentication technologies operating on the mobile computing device;
  
  comparing, by the mobile computing devices, the user authentication data to a set of stored authorization data associated with the user;
  
  identifying, by the mobile computing devices, an authentication state of the user for each of the two or more authentication technologies based on a match of the user authentication data and the set of stored user authentication data;
  
  determining, by the mobile computing devices, that a match exists for the user authentication data for a first authentication technology of the two or more authentication technologies and the set of stored user authentication data, and that a match does not exist for the user authentication data for a second authentication technology of the two or more authentication technologies and the set of stored user authentication data;
  
  allowing, by the mobile computing device, access to a first application of the one or more applications operating on the mobile computing device based on the determination; and
  
  denying, by the mobile computing device, access to a second application of the one or more applications operating on the mobile computing device based on the determination.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the determining step comprises comparing, by mobile computing devices, a generated user authentication rating to a database of applications, the database comprising a particular user authentication rating required for the user to be allowed access to each particular application in the database.
  - 3. The method of claim 2, wherein the user authentication rating is a calculated percentage of a total number of user authentication technologies that produced a positive authorization result.
  - 4. The method of claim 1, wherein the user is not allowed access to any functions of the mobile computing device if a match does not exist for the user authentication data for any technology of the two or more authentication technologies and the set of stored user authentication data.
  - 5. The method of claim 1, wherein the user is allowed access to all functions of the mobile computing device if a match exists for the user authentication data for all technologies of the two or more authentication technologies and the set of stored user authentication data.
  - 6. The method of claim 2, wherein the authentication rating of the user is based on a weighted function of the identified authentication states.
  - 7. The method of claim 1, further comprising storing, by the mobile computing device, the authorization data associated with the user that is received at a time that a user session is active after receiving a manual authentication input of the user.
  - 8. The method of claim 1, wherein the user is prevented from accessing secure applications on the mobile computing device if the match does not exist for the user authentication data for a second technology of the two or more authentication technologies and the set of stored user authentication data.
  - 9. The method of claim 1, wherein a minimum configured number of authentication technologies must produce a match before the user is allowed access to any functions of the mobile computing device.
  - 10. The method of claim 1, wherein the set of stored authorization data is stored on the mobile computing device.

11. A computer program product, comprising:
- a non-transitory computer-readable storage device having computer-executable program instructions embodied thereon that when executed by a computer cause the computer to authenticate users to access applications, the computer readable instructions comprising;
  
  computer-executable program instructions to receive user authentication data from two or more authentication technologies operating on the computer associated with a user;
  
  computer-executable program instructions to compare the user authentication data to a set of stored authorization data associated with the user;
  
  computer-executable program instructions to identify an authentication state of the user for each of the two or more authentication technologies based on a match of the user authentication data and the set of stored user authentication data for each particular authentication technology;
  
  computer-executable program instructions to determine that a match exists for the user authentication data for a first authentication technology of the two or more authentication technologies and the set of stored user authentication data, and that a match foes not exist for the user authentication data for a second authentication technology of the two or more authentication technologies and the set of stored user authentication data; and
  
  computer-executable program instructions to allow access to a first application of the one or more applications operating on the mobile computing device based on the determination.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The computer program product of claim 11, wherein the determining step comprises computer-executable program instructions to compare a user authentication rating to a database of applications, the database comprising a minimum user authentication rating required for the user to be allowed access to each application in the database.
  - 13. The computer program product of claim 12, wherein the user authentication rating is a calculated percentage of a total number of user authentication technologies that produced a positive authorization result.
  - 14. The computer program product of claim 12, wherein the user is not allowed access to any functions of the computer if the user authentication rating is below a configured threshold.
  - 15. The computer program product of claim 12, wherein the user is allowed access to all functions of the computer if the user authentication rating is above a configured threshold.
  - 16. The computer program product of claim 12, wherein the authentication rating of the user is based on a weighted function of the identified authentication states.
  - 17. The computer program product of claim 11, the set of stored authorization data being stored on the computer.

18. A system to authenticate users to allow access to applications, comprising:
- one or more authentication technologies;
  
  a storage device; and
  
  a processor communicatively coupled to the storage device, wherein the processor executes application code instructions that are stored in the storage device to cause the system to;
  
  receive user authentication data from two or more authentication technologies of the system;
  
  compare the user authentication data to a set of authorization data associated with a user and stored in the storage device;
  
  identify an authentication state of the user for each of the one or more authentication technologies based on a match of the received user authentication data and the set of stored user authentication data;
  
  generate a user authentication rating based on the authentication state of the user for each of the two or more authentication technologies;
  
  wherein a higher authentication state is generated if a match exists for at least two of the two or more authentication technologies and a lower authentication state if generated if a match exists for one or less of the two or more authentication technologies;
  
  allow access to a first application based on the generated user authentication rating being higher than a rating required to allow access to the first application; and
  
  deny access to a second application based on the generated user authentication rating being lower than a rating required to allow access to the second application.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The system of claim 18, the application code instructions further causing the system to receive the set of user authorization data at a time that a user session is active after receiving a manual authentication input of the user.
  - 20. The system of claim 18, wherein the authentication rating of the user is based on a weighted function of the identified authentication states.
  - 21. The system of claim 18, wherein the user is prevented from accessing secure applications if the user authentication rating is below a configured threshold.
  - 22. The system of claim 18, wherein the user authorization rating must be above a minimum level before the user is allowed access to any functions of the processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Chandra, Deepak
Primary Examiner(s)
Korsak, Oleg

Application Number

US14/540,023
Publication Number

US 20160034675A1
Time in Patent Office

951 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31 User authentication

Allowing access to applications based on user authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Allowing access to applications based on user authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links