Determining user authentication based on user/device interaction

US 9,965,606 B2
Filed: 10/30/2015
Issued: 05/08/2018
Est. Priority Date: 02/07/2014
Status: Active Grant

First Claim

Patent Images

1. An apparatus for user authentication based on user/device interactions, the apparatus comprising:

a memory;

one or more processors; and

a security module stored in the memory, executable by the one or more processors, and configured to cause the one or more processors to;

communicate, to a computing device, code executable by the computing device that causes the computing device to monitor user patterns of a user based on the user physically interacting with the computing device;

receive, from the computing device, a baseline set of physical user patterns of the user for identifying the user, wherein the physical user patterns of the user comprise a manner in which the user performs correction of typing errors;

identify, from the baseline set of physical user patterns, one or more routine actions performed by the user while physically interacting with the computing device;

receive, from the user, a request to perform a transaction using the computing device, wherein the transaction is associated with a level of security that must be authenticated prior to completing the transaction;

receive, from the computing device, an identification set of physical user patterns of the user based on the user physically interacting with the computing device;

determine a threshold score based on comparing the identification set of physical user patterns with the baseline set of physical user patterns;

based on the threshold score, alter the level of security that must be authenticated prior to completing the transaction;

cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;

communicate a request for the user to submit a response to one or more credentials associated with the level of security;

receive the response to the one or more credentials associated with the level of security;

authenticate the user based on validating the response to the one or more credentials associated with the level of security; and

perform the transaction based on authenticating the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments are directed to systems, methods and computer program products for providing user authentication based on historical user patterns. Embodiments of the present invention may be configured to communicate code executable by a computing device that causes the computing device to monitor user patterns of a user based on the user interacting with the computing device; receive baseline user patterns to identify the user; identify, from the baseline user patterns, one or more routine actions performed by the user operating the computing device; receive a request to perform a transaction, wherein the transaction is associated with a level of security that must be authenticated; receive identification user patterns of the user based on the user interacting with the computing device; determine a threshold score based on comparing the identification user patterns with the baseline user patterns; and alter the level of security.

Citations

18 Claims

1. An apparatus for user authentication based on user/device interactions, the apparatus comprising:
- a memory;
  
  one or more processors; and
  
  a security module stored in the memory, executable by the one or more processors, and configured to cause the one or more processors to;
  
  communicate, to a computing device, code executable by the computing device that causes the computing device to monitor user patterns of a user based on the user physically interacting with the computing device;
  
  receive, from the computing device, a baseline set of physical user patterns of the user for identifying the user, wherein the physical user patterns of the user comprise a manner in which the user performs correction of typing errors;
  
  identify, from the baseline set of physical user patterns, one or more routine actions performed by the user while physically interacting with the computing device;
  
  receive, from the user, a request to perform a transaction using the computing device, wherein the transaction is associated with a level of security that must be authenticated prior to completing the transaction;
  
  receive, from the computing device, an identification set of physical user patterns of the user based on the user physically interacting with the computing device;
  
  determine a threshold score based on comparing the identification set of physical user patterns with the baseline set of physical user patterns;
  
  based on the threshold score, alter the level of security that must be authenticated prior to completing the transaction;
  
  cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;
  
  communicate a request for the user to submit a response to one or more credentials associated with the level of security;
  
  receive the response to the one or more credentials associated with the level of security;
  
  authenticate the user based on validating the response to the one or more credentials associated with the level of security; and
  
  perform the transaction based on authenticating the user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The apparatus of claim 1, wherein the level of security that must be authenticated prior to completing the transaction is one of a hard authentication and a soft authentication, wherein the hard authentication comprises two or more authentication credentials, and wherein the soft authentication comprises one authentication credential.
  - 3. The apparatus of claim 2, wherein altering the level of security that must be authenticated prior to completing the transaction comprises changing the level of security, if the level of security is the hard authentication, from the hard authentication to the soft authentication, or changing the level of security, if the level of security is the soft authentication to no authentication.
  - 4. The apparatus of claim 1, wherein the threshold score is associated with one of a fully authenticated tier, a partially authenticated tier, and no authenticated tier,wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring no authentication credentials prior to performing the transaction,wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring at least a partial number of the authentication credentials associated with the level of security prior to completing the transaction, andwherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring all of the authentication credentials associated with the level of security and at least one other authentication credential not associated with the level of security.
  - 5. The apparatus of claim 1, wherein the physical user patterns of the user further comprise at least one of a time of day when the user physically interacts with the computing device or specific applications stored on the computing device that the user accesses, an order in which the user accesses the specific applications stored on the computing device, an angle at which the user holds the computing device captured by the computing device using an accelerometer, contacts stored on the computing device, and the like.
  - 6. The apparatus of claim 1, wherein the security module is further configured to cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on receiving validating one or more authentication credentials associated with the level of security.

7. A method for user authentication based on user/device interactions, the method comprising:
- communicating, to a computing device, code executable by the computing device that causes the computing device to monitor user patterns of a user based on the user physically interacting with the computing device;
  
  receiving, from the computing device, a baseline set of physical user patterns of the user for identifying the user, wherein the physical user patterns of the user comprise a manner in which the user performs correction of typing errors;
  
  identifying, from the baseline set of physical user patterns, one or more routine actions performed by the user while operating the computing device;
  
  receiving, from the user, a request to perform a transaction using the computing device, wherein the transaction is associated with a level of security that must be authenticated prior to completing the transaction;
  
  receiving, from the computing device, an identification set of physical user patterns of the user based on the user physically interacting with the computing device;
  
  determining a threshold score based on comparing the identification set of physical user patterns with the baseline set of physical user patterns;
  
  based on the threshold score, altering the level of security that must be authenticated prior to completing the transaction;
  
  cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;
  
  cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;
  
  communicate a request for the user to submit a response to one or more credentials associated with the level of security;
  
  receive the response to the one or more credentials associated with the level of security;
  
  authenticate the user based on validating the response to the one or more credentials associated with the level of security; and
  
  perform the transaction based on authenticating the user.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the level of security that must be authenticated prior to completing the transaction is one of a hard authentication and a soft authentication, wherein the hard authentication comprises two or more authentication credentials, and wherein the soft authentication comprises one authentication credential.
  - 9. The method of claim 8, wherein altering the level of security that must be authenticated prior to completing the transaction comprises changing the level of security, if the level of security is the hard authentication, from the hard authentication to the soft authentication, or changing the level of security, if the level of security is the soft authentication to no authentication.
  - 10. The method of claim 7, wherein the threshold score is associated with one of a fully authenticated tier, a partially authenticated tier, and no authenticated tier,wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring no authentication credentials prior to performing the transaction,wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring at least a partial number of the authentication credentials associated with the level of security prior to completing the transaction, andwherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring all of the authentication credentials associated with the level of security and at least one other authentication credential not associated with the level of security.
  - 11. The method of claim 7, wherein the physical user patterns of the user comprise at least one of a time of day when the user physically interacts with the computing device or specific applications stored on the computing device that the user accesses, an order in which the user accesses the specific applications stored on the computing device, an angle at which the user holds the computing device captured by the computing device using an accelerometer, contacts stored on the computing device, and the like.
  - 12. The method of claim 7, wherein the method further comprises updating the baseline set of physical user patterns using the identification set of physical user patterns based on receiving validating one or more authentication credentials associated with the level of security.

13. A computer program product for user authentication based on user/device interactions, the computer program product comprising a non-transitory computer-readable medium comprising code causing a first apparatus to:
- communicate, to a computing device, code executable by the computing device that causes the computing device to monitor user patterns of a user based on the user physically interacting with the computing device;
  
  receive, from the computing device, a baseline set of physical user patterns of the user for identifying the user, wherein the physical user patterns of the user comprise a manner in which the user performs correction of typing errors;
  
  identify, from the baseline set of physical user patterns, one or more routine actions performed by the user while operating the computing device;
  
  receive, from the user, a request to perform a transaction using the computing device, wherein the transaction is associated with a level of security that must be authenticated prior to completing the transaction;
  
  receive, from the computing device, an identification set of physical user patterns of the user based on the user physically interacting with the computing device;
  
  determine a threshold score based on comparing the identification set of physical user patterns with the baseline set of physical user patterns;
  
  based on the threshold score, alter the level of security that must be authenticated prior to completing the transaction;
  
  cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;
  
  cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;
  
  communicate a request for the user to submit a response to one or more credentials associated with the level of security;
  
  receive the response to the one or more credentials associated with the level of security;
  
  authenticate the user based on validating the response to the one or more credentials associated with the level of security; and
  
  perform the transaction based on authenticating the user.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer program product of claim 13, wherein the level of security that must be authenticated prior to completing the transaction is one of a hard authentication and a soft authentication, wherein the hard authentication comprises two or more authentication credentials, and wherein the soft authentication comprises one authentication credential.
  - 15. The computer program product of claim 14, wherein altering the level of security that must be authenticated prior to completing the transaction comprises changing the level of security, if the level of security is the hard authentication, from the hard authentication to the soft authentication, or changing the level of security, if the level of security is the soft authentication to no authentication.
  - 16. The computer program product of claim 13, wherein the threshold score is associated with one of a fully authenticated tier, a partially authenticated tier, and no authenticated tier,wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring no authentication credentials prior to performing the transaction,wherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring at least a partial number of the authentication credentials associated with the level of security prior to completing the transaction, andwherein altering the level of security when the threshold score is associated with the fully authenticated tier comprises requiring all of the authentication credentials associated with the level of security and at least one other authentication credential not associated with the level of security.
  - 17. The computer program product of claim 13, wherein the physical user patterns of the user comprise at least one of a time of day when the user physically interacts with the computing device or specific applications stored on the computing device that the user accesses, an order in which the user accesses the specific applications stored on the computing device, an angle at which the user holds the computing device captured by the computing device using an accelerometer, contacts stored on the computing device, and the like.

18. A system for user authentication to perform at least one user action of a plurality of user actions associated with an application running on an apparatus and based on user/device interactions patterns, the system comprising:
- a memory;
  
  one or more processors; and
  
  computer-executable instructions stored in the memory, executable by the one or more processors, and configured to cause the one or more processors to;
  
  receive from a user, a request to execute the at least one user action from a plurality of user actions associated with an application, wherein execution of the at least one user action requires validation of one or more authentication credentials;
  
  collect a set of data comprising information related to one or more physical user patterns based on the user physically interacting with an apparatus, wherein the physical user patterns of the user comprise a manner in which the user performs correction of typing errors;
  
  determine a normal pattern of usage based on the collected set of data;
  
  determine a present pattern of usage based on the user physically interacting with the apparatus;
  
  determine a user pattern score of the user, comprising;
  
  comparing the present pattern of usage to the normal pattern of usage;
  
  determining that the present pattern of usage is outside the normal pattern of usage;
  
  setting the user pattern score by determining an extent to which the present pattern of usage is outside the normal pattern of usage;
  
  determine a level of security associated with the determined user pattern score;
  
  determine which one or more authentication types from a plurality of authentication types are associated with the level of security associated with the user pattern score;
  
  request one or more authentication credentials corresponding to the determined one or more authentication types;
  
  receive one or more authentication credentials from the user;
  
  validate the one or more authentication credentials, thereby resulting in a successful validation of the one or more authentication credentials;
  
  in response to the successful validation of the one or more authentication credentials, execute the at least one user action;
  
  cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;
  
  cause the one or more processors to update the baseline set of physical user patterns using the identification set of physical user patterns based on successfully validating one or more authentication credentials associated with the level of security;
  
  communicate a request for the user to submit a response to one or more credentials associated with the level of security;
  
  receive the response to the one or more credentials associated with the level of security;
  
  authenticate the user based on validating the response to the one or more credentials associated with the level of security; and
  
  perform the transaction based on authenticating the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Votaw, Elizabeth S., Jones-McFadden, Alicia C., Grigg, David M., Bertanzetti, Peter John, Toth, Michael E., Hanson, Carrie Anne
Primary Examiner(s)
Gelagay, Shewaye
Assistant Examiner(s)
Fields, Courtney

Application Number

US14/928,332
Publication Number

US 20160055326A1
Time in Patent Office

921 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/45   Structures or tools for the...

G06F 2221/2113   Multi-level security, e.g. ...

H04L 2463/082   applying multi-factor authe...

H04L 63/08   for authentication of entit...

Determining user authentication based on user/device interaction

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Determining user authentication based on user/device interaction

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links