Event driven second factor credential authentication
Abstract
A reader configured to perform dual-factor authentication is provided. The reader is configured to analyze credential data as well as event-based user inputs. The event-based user inputs are received in response to the reader presenting one or more events to a user and monitoring the user's reaction thereto. Utilization of an event-based user input enables the reader to perform dual-factor authentication without necessarily being provided with a keyboard or other advanced user input device.
19 Claims
1. A method, comprising
detecting, at a reader, a credential within a read range of the reader;
receiving, at the reader, credential data from the credential;
detecting, at the reader, user input related to a sequence of multiple events controlled by the reader to count time, wherein the sequence of multiple events controlled by the reader to count time is selected from a group of possible events including;
(i) a plurality of light flashes;
(ii) a plurality of illuminated light sources;
(iii) a pattern of illuminated versus non-illuminated light sources;
(iv) a color of a light source; and
(v) a plurality of beeps emitted by the reader;
analyzing the event-based user input, wherein the event-based user input corresponds to a single user action detected at a particular time during the sequence of multiple events controlled by the reader to count time;
based on a successful authentication of the event-based user input, releasing the credential data from the reader; and
upon determining that the credential data and the event-based user input are both valid, permitting user access to an asset protected by the reader.
Dependent claims: 2, 3, 4, 5, 6
7. A reader, comprising:
a network interface that enables the reader to communicate with a networked device;
a credential interface that enables the reader to communicate with a credential carried by a user and receive information from the credential describing a sequence of multiple events to be performed by the reader in connection with proving the user's knowledge of a secret;
a user interface configured to present the sequence of multiple events to the user as a count of time;
a processor; and
computer memory coupled with the processor, the computer memory comprising instructions that enable the processor to perform the following functions;
monitor user reactions to the sequence of events, the user reactions including moving a credential closer to or further away from the reader at a particular time during a display of the sequence of multiple events; and
determine, based on the user reaction, whether the user has provided a valid event-based user input that proves the secret is known by the user;
wherein the reader forwards credential data to a networked device for analysis only in response to the processor determining that the event-based user input is valid.
Dependent claims: 8, 9, 10, 11, 12
13. A method of performing dual-factor authentication, comprising:
receiving, at a reader, credential data from a credential;
analyzing the credential data;
upon determining that the credential data is valid, presenting to a user of the credential a sequence of multiple events controlled by the reader to count time, wherein the sequence of multiple events controlled by the reader to count time is selected from a group of possible events including;
(i) a number of light flashes;
(ii) a number of illuminated light sources;
(iii) a pattern of illuminated versus non-illuminated light sources;
(iv) a color of a light source; and
(v) a number of beeps emitted by the reader;
receiving, at the reader, user input related to the sequence of events controlled by the reader to count time;
analyzing the event-based user input, wherein the event-based user input corresponds to a single user action detected at a particular time during the sequence of multiple events controlled by the reader to count time; and
based on a successful authentication of the event-based user input and determination that the credential data is valid, permitting the user access to an asset protected by the reader.
Dependent claims: 14, 15, 16, 17, 18, 19
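The gating in claims 1 and 7 (credential data leaves the reader only after a single, correctly timed user action) can be modeled as below. This is an added example, not code from the patent or its assignee. The `Reader` class, the one-second event interval, the eight-event sequence, the reader-side `secret_event` and the three-failure lockout are all assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

EVENT_INTERVAL_S = 1.0  # assumed: the reader emits one beep/flash per second
EVENT_COUNT = 8         # assumed length of the counted sequence
MAX_FAILURES = 3        # assumed lockout threshold; the claims do not specify one


@dataclass
class Reader:
    secret_event: int   # assumed: 1-based event number at which the user must act
    failures: int = 0

    def event_at(self, action_time_s):
        """Map the time of the single user action to the event then being presented."""
        if action_time_s is None or action_time_s < 0:
            return None                      # no action detected
        index = int(action_time_s // EVENT_INTERVAL_S) + 1
        return index if index <= EVENT_COUNT else None

    def authenticate(self, credential_data, action_time_s):
        """Release credential data for forwarding only if the event input is valid."""
        if self.failures >= MAX_FAILURES:
            return None                      # locked out: nothing is released
        observed = self.event_at(action_time_s)
        expected = self.secret_event.to_bytes(2, "big")
        got = (observed or 0).to_bytes(2, "big")
        if observed is not None and hmac.compare_digest(expected, got):
            self.failures = 0
            return credential_data           # second factor valid: release
        self.failures += 1
        return None                          # withhold the credential data


def blind_guess_odds():
    """Chance that a holder of a lost credential hits a uniformly chosen
    secret event before lockout, given the assumed parameters above."""
    return min(MAX_FAILURES, EVENT_COUNT) / EVENT_COUNT


if __name__ == "__main__":
    reader = Reader(secret_event=3)
    # Constructed inputs: action during the 3rd event, then during the 5th.
    print(reader.authenticate(b"card-data", 2.4))
    print(reader.authenticate(b"card-data", 4.1))
    print(blind_guess_odds())
```

With only `EVENT_COUNT` possible answers, the failure limit is what bounds blind guessing with a lost or cloned credential, so a deployment would size both values together.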