Location Determination for User Authentication
First Claim
1. A method for user authentication, the method comprising:
- receiving, by at least one processor, an authentication request from a client device;
acquiring, by the at least one processor, at least one HTTP (Hypertext Transfer Protocol) cookie from the client device, wherein the HTTP cookie includes metadata associated with a current geographical location;
acquiring, by the at least one processor, at least one HTTP cookie from the client device, wherein the HTTP cookie includes metadata associated with a trusted tolerance geographical area;
determining, by the at least one processor, whether the current geographical location of the client device is within the trusted tolerance geographical area; and
in response to the authentication request, authenticating the client device, by the at least one processor, based at least in part on a determination that the current geographical location of the client device is within the trusted tolerance geographical area.
1 Assignment
0 Petitions
Accused Products
Abstract
User authentication techniques based on geographical locations associated with a client device is provided. A network connection can be established between two or more host machines and a client device. Upon a request received from the client device by one of these host machines, round trip times of test messages may be measured between the client device and each of the host machines. The round trip times can be utilized to determine the current geographical location of the client device. If the location is within a tolerance geographical area, the client device may be authenticated. Otherwise, the authentication may fail or additional security procedures may be implemented. In some examples, a travel time from a historical geographical location to current geographical location can be determined. This data may be also utilized in the user authentication process.
1 Citation
20 Claims
-
1. A method for user authentication, the method comprising:
-
receiving, by at least one processor, an authentication request from a client device; acquiring, by the at least one processor, at least one HTTP (Hypertext Transfer Protocol) cookie from the client device, wherein the HTTP cookie includes metadata associated with a current geographical location; acquiring, by the at least one processor, at least one HTTP cookie from the client device, wherein the HTTP cookie includes metadata associated with a trusted tolerance geographical area; determining, by the at least one processor, whether the current geographical location of the client device is within the trusted tolerance geographical area; and in response to the authentication request, authenticating the client device, by the at least one processor, based at least in part on a determination that the current geographical location of the client device is within the trusted tolerance geographical area. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method for user authentication, the method comprising:
-
receiving, by at least one processor, an authentication request from a client device; acquiring, by the at least one processor, at least one HTTP (Hypertext Transfer Protocol) cookie from the client device, wherein the HTTP cookie includes metadata associated with a current geographical location; acquiring, by the at least one processor, at least one HTTP cookie from the client device, wherein the HTTP cookie includes metadata associated with one or more previous geographical locations where the client device has been successfully authenticated; determining, by the at least one processor, whether the current geographical location of the client device is within a predetermined distance from the one or more previous geographical locations where the client device has been successfully authenticated; and in response to the authentication request, authenticating the client device, by the at least one processor, based at least in part on a determination that the current geographical location of the client device is within a predetermined distance from the one or more previous geographical locations where the client device has been successfully authenticated. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification