In-band identity verification and man-in-the-middle defense

US 9,584,530 B1
Filed: 06/24/2015
Issued: 02/28/2017
Est. Priority Date: 06/27/2014
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a hardware processor configured to;

receive, at a local device, a verification request from a remote user in conjunction with a contact made by the remote user with a local user, wherein the verification request includes a request for a representation of a cryptographic hash value of a cryptographic key of the local user;

in response to a confirmation received from the local user of the local device, initiate a verification process;

wherein the verification process includes capturing audiovisual content by the local device and the audiovisual content includes the representation of the cryptographic hash value;

and transmit a result of the verification process to the remote user; and

a memory coupled to the hardware processor and configured to provide the hardware processor with instructions.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A variety of techniques for performing identity verification are disclosed. As one example, a verification request is received from a remote user. The verification request pertains to a cryptographic key. In response to receiving a confirmation from a local user of the local device, a verification process is initiated. A result of the verification process is transmitted to the remote user. As a second example, a verification request can be received at the local device, from a local user of the device. A verification process with respect to the local user is initiated, and a result of the verification process is transmitted to a remote user that is different from the local user.

386 Citations

16 Claims

1. A system, comprising:
- a hardware processor configured to;
  
  receive, at a local device, a verification request from a remote user in conjunction with a contact made by the remote user with a local user, wherein the verification request includes a request for a representation of a cryptographic hash value of a cryptographic key of the local user;
  
  in response to a confirmation received from the local user of the local device, initiate a verification process;
  
  wherein the verification process includes capturing audiovisual content by the local device and the audiovisual content includes the representation of the cryptographic hash value;
  
  and transmit a result of the verification process to the remote user; and
  
  a memory coupled to the hardware processor and configured to provide the hardware processor with instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1 wherein the verification request comprises a fingerprint verification.
  - 3. The system of claim 1 wherein the verification process includes displaying a script to the local user.
  - 4. The system of claim 3 wherein the script includes a dynamic element.
  - 5. The system of claim 4 wherein the dynamic element includes at least one of a date and time.
  - 6. The system of claim 4 wherein the dynamic element includes a representation of a fingerprint.
  - 7. The system of claim 6 wherein the fingerprint corresponds to a public key associated with the local user.
  - 8. The system of claim 1 wherein the result, when viewed by the remote user, includes an audiovisual component and an overlay component.
  - 9. The system of claim 8 wherein the overlay component includes a representation of a fingerprint.
  - 10. The system of claim 8 wherein the overlay component is provided by a device used by the remote user to view the result.
  - 11. The system of claim 1 wherein the verification request is received from the remote user in conjunction with a first contact made by the remote user with the local user.

12. A system, comprising:
- a hardware processor configured to;
  
  receive at a local device, in conjunction with a contact made by a remote user with a local user, content purporting to establish an identity of the remote user at a remote device, wherein the content includes an audiovisual component;
  
  wherein the audiovisual component includes a representation of a cryptographic hash value of a cryptographic key of the remote user;
  
  display, to the local user, the received content;
  
  and record an authentication verdict provided by the local user in conjunction with reviewing the received response;
  
  wherein an indication of the verdict is provided to the remote user in a messaging interface;
  
  and a memory coupled to the hardware processor and configured to provide the processor with instructions.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The system of claim 12 wherein displaying the received response includes displaying an overlay component.
  - 14. The system of claim 13 wherein the overlay component includes a representation of a fingerprint.
  - 15. The system of claim 14 wherein the fingerprint is associated with the remote user.
  - 16. The system of claim 12 wherein the system is configured to transmit the verdict to a remote server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Wickr Inc. (Amazon.com, Inc.)
Inventors
Statica, Robert, Howell, Christopher A., Coppa, Kara Lynn
Primary Examiner(s)
Avery, Jeremiah

Application Number

US14/749,575
Time in Patent Office

615 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/606   by securing the transmissio...

G06F 21/6245   Protecting personal data, e...

G06F 21/73   by creating or determining ...

G06F 2221/2107   File encryption

G06F 2221/2137   Time limited access, e.g. t...

G06T 11/60   Editing figures and text; C...

G06V 40/1365   Matching; Classification

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0861   using biometrical features,...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/3242   involving keyed hash functi...

H04W 12/068   using credential vaults, e....

In-band identity verification and man-in-the-middle defense

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

386 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

In-band identity verification and man-in-the-middle defense

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

386 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links