Authentication techniques including speech and/or lip movement analysis

US 10,637,853 B2
Filed: 08/05/2016
Issued: 04/28/2020
Est. Priority Date: 08/05/2016
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a processor to execute an app; and

an authenticator to generate a first authentication key and to securely store the first authentication key,the authenticator to generate an attestation object usable by a relying party to confirm authenticity of the authenticator, the attestation object including a first component provided by the authenticator, a second component provided by the app and not by the authenticator, and a signature generated by the first authentication key over a combination of the first and second components, wherein the first component comprises one or more attributes of the authenticator, the one or more attributes of the authenticator including a firmware version of the authenticator.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, apparatus, method, and machine readable medium are described for attesting an authenticator. For example, one embodiment of an apparatus comprises: a processor to execute an app; and an authenticator to generate a first authentication key and to securely store the first authentication key, the authenticator to generate an attestation object usable by a relying party to confirm authenticity of the authenticator, the attestation object including a first component provided by the authenticator, a second component provided by the app, and a signature generated by the first authentication key over a combination of the first and second components.

449 Citations

24 Claims

1. An apparatus comprising:
- a processor to execute an app; and
  
  an authenticator to generate a first authentication key and to securely store the first authentication key,the authenticator to generate an attestation object usable by a relying party to confirm authenticity of the authenticator, the attestation object including a first component provided by the authenticator, a second component provided by the app and not by the authenticator, and a signature generated by the first authentication key over a combination of the first and second components, wherein the first component comprises one or more attributes of the authenticator, the one or more attributes of the authenticator including a firmware version of the authenticator.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The apparatus as in claim 1 wherein the second component comprises data generated by or associated with the app.
  - 3. The apparatus as in claim 1 wherein the first component includes text associated with a transaction as confirmed by a user or a personal identification number (PIN).
  - 4. The apparatus as in claim 3, wherein the first component further includes an actual length of the PIN.
  - 5. The apparatus as in claim 1 wherein the authenticator includes or is communicatively coupled to one or more biometric sensors to read biometric data to verify the user.
  - 6. The apparatus as in claim 5 wherein the biometric sensors comprise fingerprint sensors, microphones, and/or cameras.
  - 7. The apparatus as in claim 1 wherein the authenticator is to securely store the first authentication key in an embedded secure element, trusted platform module, or trusted execution environment.
  - 8. The apparatus as in claim 1 wherein the first authentication key comprises a private key of a public/private key pair, the public key being stored on the relying party.
  - 9. The apparatus as in claim 8 further comprising:
    - a camera capturing a sequence of images which include the user'"'"'s eyes as one or more screen layouts are displayed in response to a request to authenticate a user;
      
      an eye tracking module (a) performing eye movement detection across the sequence of images to identify a correlation between motion of the user'"'"'s eyes as the one or more screen layouts are presented and an expected motion of the user'"'"'s eyes as the one or more screen layouts are presented and/or (b) measuring the eye'"'"'s pupil size to identify a correlation between the effective light intensity of the screen and its effect on the user'"'"'s eye pupil size.
  - 10. The apparatus as in claim 9 further comprising:
    - a voice recognition module to perform voice recognition techniques to determine a correlation between captured audio of the user'"'"'s voice and one or more voice prints.
  - 11. The apparatus as in claim 10 further comprising:
    - a facial recognition engine to perform facial recognition to identify a correlation between one or more images of the user'"'"'s face and facial template data associated with the user.
  - 12. The apparatus as in claim 11 further comprising:
    - the authentication engine generating an assurance level based on one or more of;
      
      (a) the correlation between the images of the user'"'"'s face and facial template data associated with the user, (b) the correlation between the motion of the user'"'"'s eyes and an expected motion of the user'"'"'s eyes as the one or more screen layouts are presented; and
      
      (c) the correlation between the captured audio of the user'"'"'s voice and the one or more voice prints.

13. A system comprising:
- a client device comprising;
  
  a processor to execute an app; and
  
  an authenticator to generate a first authentication key and to securely store the first authentication key,the authenticator to generate an attestation object including a first component provided by the authenticator, a second component provided by the app and not by of the authenticator, and a signature generated by the first authentication key over a combination of the first and second components, wherein the first component comprises one or more attributes of the authenticator, the one or more attributes of the authenticator including a firmware version of the authenticator; and
  
  a relying party comprising an object verification module to confirm authenticity of the authenticator using the signature.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system as in claim 13 wherein the object verification module is to use a second authentication key to generate a verification signature using metadata associated with the authenticator and to compare the verification signature with the signature generated by the authenticator, wherein if the signatures match, then the authenticity of the authenticator is confirmed.
  - 15. The system as in claim 14 wherein the first authentication key comprises a private key and the second authentication key comprises an associated public key.
  - 16. The system as in claim 13 wherein the second component comprises data generated by or associated with the app.
  - 17. The system as in claim 13 wherein the first component includes text associated with a transaction as confirmed by a user or a personal identification number (PIN).
  - 18. The system as in claim 13 wherein the authenticator includes or is communicatively coupled to one or more biometric sensors to read biometric data to verify the user.
  - 19. The system as in claim 18 wherein the biometric sensors comprise fingerprint sensors, microphones, and/or cameras.
  - 20. The system as in claim 13 wherein the authenticator is to securely store the first authentication key in an embedded secure element, trusted platform module, or trusted execution environment.

21. A method comprising:
- executing an app on a client device;
  
  generating and securely storing a first authentication key;
  
  generating an attestation object including a first component provided by an authenticator, a second component provided by the app and not by of the authenticator, and a signature generated by the first authentication key over a combination of the first and second components, wherein the first component comprises one or more attributes of the authenticator, the one or more attributes of the authenticator including a firmware version of the authenticator; and
  
  confirming authenticity of the authenticator at a relying party using the signature.
- View Dependent Claims (22, 23, 24)
- - 22. The method as in claim 21 further comprising:
    - using a second authentication key to generate a verification signature using metadata associated with the authenticator; and
      
      comparing the verification signature with the signature generated by the authenticator, wherein if the signatures match, then the authenticity of the authenticator is confirmed.
  - 23. The method as in claim 22 wherein the first authentication key comprises a private key and the second authentication key comprises an associated public key.
  - 24. The method as in claim 21 wherein the second component comprises data generated by or associated with the app.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nok Nok Labs Incorporated
Original Assignee
Nok Nok Labs Incorporated
Inventors
Lindemann, Rolf
Primary Examiner(s)
Waliullah, Mohammed

Application Number

US15/229,254
Publication Number

US 20180041503A1
Time in Patent Office

1,362 Days
Field of Search

713171
US Class Current
CPC Class Codes

H04L 2463/082   applying multi-factor authe...

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0861   using biometrical features,...

H04L 63/126   the source of the received ...

Authentication techniques including speech and/or lip movement analysis

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

449 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Authentication techniques including speech and/or lip movement analysis

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

449 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others