Systems and methods for geolocation-based authentication and authorization
First Claim
1. A method, comprising:
- determining, by a device and based on receiving a first request for a first data access session from a mobile device, a first geographic location of the mobile device,the first geographic location of the mobile device being determined by one or more of;
cell identification,cellular tower triangulation,Wi-Fi, orGPS;
authorizing, by the device and based on the first geographic location being within an authorization zone, the first data access session for the mobile device based on the first request;
determining, by the device and based on receiving a second request for a second data access session from the mobile device, a second geographic location of the mobile device,the second geographic location of the mobile device being determined by one or more of;
cell identification,cellular tower triangulation,Wi-Fi, orGPS;
determining, by the device, a first security level for authorization based on the second geographic location not being within the authorization zone,the first security level for authorization corresponding to a predetermined restriction zone;
denying, by the device, the second request for the second data access session based on determining that the first security level corresponds to the predetermined restriction zone,the predetermined restriction zone comprising a geo-fenced area in which access by the mobile device to application resources or functionality is restricted;
determining, by the device and based on receiving a third request for a third data access session from the mobile device, a third geographic location of the mobile device,the third geographic location of the mobile device being determined by one or more of;
cell identification,cellular tower triangulation,Wi-Fi, orGPS;
determining, by the device, a second security level for authorization based on the third geographic location not being within the authorization zone,the second security level for authorization corresponding to a multi-phase authorization zone;
requesting authorization information from the mobile device based on determining that the second security level corresponds to the multi-phase authorization zone.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for controlling the authentication or authorization of a mobile device user for enabling access to the resources or functionality associated with an application or service executable at the user'"'"'s mobile device. The user or user'"'"'s mobile device may be automatically authenticated or authorized to access application or system resources at the device when the current geographic location of the user'"'"'s mobile device is determined to be within a preauthorized zone, e.g., based on a predetermined geo-fence corresponding to the preauthorized zone. A security level or amount of authorization credentials required to authorize a user for data access may be varied according any of a plurality of security levels, when the current or last known geographic location of the user'"'"'s mobile device is determined to be outside the preauthorized zone.
-
Citations
17 Claims
-
1. A method, comprising:
-
determining, by a device and based on receiving a first request for a first data access session from a mobile device, a first geographic location of the mobile device, the first geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; authorizing, by the device and based on the first geographic location being within an authorization zone, the first data access session for the mobile device based on the first request; determining, by the device and based on receiving a second request for a second data access session from the mobile device, a second geographic location of the mobile device, the second geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; determining, by the device, a first security level for authorization based on the second geographic location not being within the authorization zone, the first security level for authorization corresponding to a predetermined restriction zone; denying, by the device, the second request for the second data access session based on determining that the first security level corresponds to the predetermined restriction zone, the predetermined restriction zone comprising a geo-fenced area in which access by the mobile device to application resources or functionality is restricted; determining, by the device and based on receiving a third request for a third data access session from the mobile device, a third geographic location of the mobile device, the third geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; determining, by the device, a second security level for authorization based on the third geographic location not being within the authorization zone, the second security level for authorization corresponding to a multi-phase authorization zone; requesting authorization information from the mobile device based on determining that the second security level corresponds to the multi-phase authorization zone. - View Dependent Claims (2, 3, 4, 12, 13)
-
-
5. A non-transitory computer-readable medium storing instructions, the instructions comprising:
one or more instructions that, when executed by one or more processors of a device, cause the one or more processors to; determine, based on receiving a first request for a first data access session from a mobile device, a first geographic location of the mobile device, the first geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; authorize, based on the first geographic location being within an authorization zone, the first data access session for the mobile device based on the first request; determine, based on receiving a second request for a second data access session from the mobile device, a second geographic location of the mobile device, the second geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; determine a first security level for authorization based on the second geographic location not being within the authorization zone, the first security level for authorization corresponding to a predetermined restriction zone; deny the second request for the second data access session based on determining that the first security level corresponds to a restriction zone, the restriction zone comprising a geo-fenced area in which access by the mobile device to application resources or functionality is restricted; determine, based on receiving a third request for a third data access session from the mobile device, a third geographic location of the mobile device, the third geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; determine a second security level for authorization based on the third geographic location not being within the authorization zone, the second security level for authorization corresponding to a multi-phase authorization zone; and request authorization information from the mobile device based on determining that the second security level corresponds to the multi-phase authorization zone. - View Dependent Claims (6, 7, 8, 14, 15)
-
9. A device, comprising:
-
one or more memories; and one or more processors, communicatively coupled to the one or more memories, to; request, based on receiving a first request for a first data access session from a mobile device, a first geographic location of the mobile device, the first geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; authorize, based on the first geographic location being within an authorization zone, the first data access session for the mobile device based on the first request; request, based on receiving a second request for a second data access session from the mobile device, a second geographic location of the mobile device, the second geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; determine a first security level for authorization based on the second geographic location not being within the authorization zone, the first security level for authorization corresponding to a predetermined restriction zone; determine the second request for the second data access session based on determining that the first security level corresponds to a restriction zone, the restriction zone comprising a geo-fenced area in which access by the mobile device to application resources or functionality is restricted; determine, based on receiving a third request for a third data access session from the mobile device, a third geographic location of the mobile device, the third geographic location of the mobile device being determined by one or more of; cell identification, cellular tower triangulation, Wi-Fi, or GPS; determine a second security level for authorization based on the third geographic location not being within the authorization zone, the second security level for authorization corresponding to a multi-phase authorization zone; and request authorization information from the mobile device based on determining that the second security level corresponds to the multi-phase authorization zone. - View Dependent Claims (10, 11, 16, 17)
-
Specification