Performing authentication

US 10,791,121 B1
Filed: 07/27/2018
Issued: 09/29/2020
Est. Priority Date: 08/09/2006
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a processor configured to;

receive;

authentication input of a first type provided by a user, a cookie associated with the user, and physical location information associated with the user;

perform a security determination based at least in part on;

the authentication input provided by the user, the cookie associated with the user, and the physical location information associated with the user, wherein performing the security determination comprises determining, based at least in part on;

the authentication input of the first type provided by the user, the cookie associated with the user, and the physical location information associated with the user, that a threshold has been exceeded; and

based at least in part on the determination that the threshold has been exceeded, initiate an action comprising requesting additional authentication input usable to authenticate the user, wherein the requested additional authentication input is of a second type different from the first type, and wherein requesting the additional authentication input usable to authenticate the user comprises at least one of requesting the user to make or receive a phone call, requesting the user to respond to an electronic message, requesting the user to provide user credentials, and requesting the user to indicate preferences for one or more items; and

a memory coupled to the processor and configured to provide the processor with instructions.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Preference data is received. The received preference data is compared to stored preference data associated with a user with which the received preference data is associated. A determination is made whether to authorize an action based at least on the comparison. The preference data is received as a selection.

76 Citations

View as Search Results

23 Claims

1. A system, comprising:
- a processor configured to;
  
  receive;
  
  authentication input of a first type provided by a user, a cookie associated with the user, and physical location information associated with the user;
  
  perform a security determination based at least in part on;
  
  the authentication input provided by the user, the cookie associated with the user, and the physical location information associated with the user, wherein performing the security determination comprises determining, based at least in part on;
  
  the authentication input of the first type provided by the user, the cookie associated with the user, and the physical location information associated with the user, that a threshold has been exceeded; and
  
  based at least in part on the determination that the threshold has been exceeded, initiate an action comprising requesting additional authentication input usable to authenticate the user, wherein the requested additional authentication input is of a second type different from the first type, and wherein requesting the additional authentication input usable to authenticate the user comprises at least one of requesting the user to make or receive a phone call, requesting the user to respond to an electronic message, requesting the user to provide user credentials, and requesting the user to indicate preferences for one or more items; and
  
  a memory coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system recited in claim 1 wherein the physical location information comprises at least one of GPS coordinates and an IP address.
  - 3. The system recited in claim 1 wherein performing the security determination comprises prompting the user to indicate whether they were previously in a physical location associated with the physical location information.
  - 4. The system recited in claim 1 wherein the processor is configured to select the threshold based at least in part on the presence of the cookie.
  - 5. The system recited in claim 1 wherein the processor is configured to select the threshold based at least in part on the physical location information associated with the user.
  - 6. The system recited in claim 5 wherein the processor is configured to select the threshold based at least in part on a relative distance between a physical location associated with the physical location information and a likely physical location of the user.
  - 7. The system recited in claim 5 wherein the physical location information comprises GPS coordinates and an IP address, and wherein the processor is configured to select the threshold based at least in part on an evaluation of a physical location associated with the GPS coordinates against a physical location associated with the IP address.
  - 8. The system recited in claim 1 wherein the threshold that has been exceeded comprises a threshold score.
  - 9. The system recited in claim 1 wherein the authentication input of the first type provided by the user comprises user provided indications of preferences for one or more items presented in an interface usable for authentication.
  - 10. The system recited in claim 9 wherein the processor is further configured to:
    - receive, during an enrollment phase, indications of preferences for a set of items;
      
      store the indications of preferences received for the set of items during the enrollment phase; and
      
      perform the security determination based at least in part on an evaluation of at least some of the user provided indications of preferences against at least some of the stored indications of preferences received during the enrollment phase.
  - 11. The system recited in claim 9 wherein the one or more items presented in the interface are selected from a set of available items, and wherein the processor is configured to randomize at least one of the selection of the one or more items from the set of available items and the interface used for authentication.

12. A method, comprising:
- receiving;
  
  authentication input of a first type provided by a user, a cookie associated with the user, and physical location information associated with the user;
  
  performing a security determination based at least in part on;
  
  the authentication input provided by the user, the cookie associated with the user, and the physical location information associated with the user, wherein performing the security determination comprises determining, based at least in part on;
  
  the authentication input of the first type provided by the user, the cookie associated with the user, and the physical location information associated with the user, that a threshold has been exceeded; and
  
  based at least in part on the determination that the threshold has been exceeded, initiating an action comprising requesting additional authentication input usable to authenticate the user, wherein the requested additional authentication input is of a second type different from the first type, and wherein requesting the additional authentication input usable to authenticate the user comprises at least one of requesting the user to make or receive a phone call, requesting the user to respond to an electronic message, requesting the user to provide user credentials, and requesting the user to indicate preferences for one or more items.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The method of claim 12 wherein the physical location information comprises at least one of GPS coordinates and an IP address.
  - 14. The method of claim 12 wherein performing the security determination comprises prompting the user to indicate whether they were previously in a physical location associated with the physical location information.
  - 15. The method of claim 12 further comprising selecting the threshold based at least in part on the presence of the cookie.
  - 16. The method of claim 12 further comprising selecting the threshold based at least in part on the physical location information associated with the user.
  - 17. The method of claim 16 further comprising selecting the threshold based at least in part on a relative distance between a physical location associated with the physical location information and a likely physical location of the user.
  - 18. The method of claim 16 wherein the physical location information comprises GPS coordinates and an IP address, and further comprising selecting the threshold based at least in part on an evaluation of a physical location associated with the GPS coordinates against a physical location associated with the IP address.
  - 19. The method of claim 12 wherein the threshold that has been exceeded comprises a threshold score.
  - 20. The method of claim 12 wherein the authentication input of the first type provided by the user comprises user provided indications of preferences for one or more items presented in an interface usable for authentication.
  - 21. The method of claim 20 further comprising:
    - receiving, during an enrollment phase, indications of preferences for a set of items;
      
      storing the indications of preferences received for the set of items during the enrollment phase; and
      
      performing the security determination based at least in part on an evaluation of at least some of the user provided indications of preferences against at least some of the stored indications of preferences received during the enrollment phase.
  - 22. The method of claim 20 wherein the one or more items presented in the interface are selected from a set of available items, and further comprising randomizing at least one of the selection of the one or more items from the set of available items and the interface used for authentication.

23. A computer program product embodied in a non-transitory computer readable storage medium and comprising computer instructions for:
- receiving;
  
  authentication input of a first type provided by a user, a cookie associated with the user, and physical location information associated with the user;
  
  performing a security determination based at least in part on;
  
  the authentication input provided by the user, the cookie associated with the user, and the physical location information associated with the user, wherein performing the security determination comprises determining, based at least in part on;
  
  the authentication input of the first type provided by the user, the cookie associated with the user, and the physical location information associated with the user, that a threshold has been exceeded; and
  
  based at least in part on the determination that the threshold has been exceeded, initiating an action comprising requesting additional authentication input usable to authenticate the user, wherein the requested additional authentication input is of a second type different from the first type, and wherein requesting the additional authentication input usable to authenticate the user comprises at least one of requesting the user to make or receive a phone call, requesting the user to respond to an electronic message, requesting the user to provide user credentials, and requesting the user to indicate preferences for one or more items.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RavenWhite Security, Inc. (Bjorn Markus Jakobsson)
Original Assignee
RavenWhite Security, Inc. (Bjorn Markus Jakobsson)
Inventors
Jakobsson, Bjorn Markus
Primary Examiner(s)
Holder, Bradley W

Application Number

US16/048,082
Time in Patent Office

795 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/31   User authentication

G06F 21/552   involving long-term monitor...

G06F 2221/2131   Lost password, e.g. recover...

H04K 1/00   Secret communication

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/605   Copy protection

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/083   using passwords cryptograph...

H04L 63/102   Entity profiles

H04L 63/107   wherein the security polici...

H04L 63/1483   service impersonation, e.g....

H04L 63/18   using different networks or...

H04L 9/0891   Revocation or update of sec...

H04W 4/02   Services making use of loca...

Performing authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

76 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Performing authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links