Device, system, and method of differentiating among users based on detection of hardware components
US-2017193526-A1 · Jul 6, 2017 · US
System, device, and method of visual login and stochastic cryptography
US10032010B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10032010-B2 |
| Application number | US-201615256744-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 6, 2016 |
| Priority date | Nov 29, 2010 |
| Publication date | Jul 24, 2018 |
| Grant date | Jul 24, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. A log-in process or a user-authentication process, is augmented or enriched by one or more incidental tasks, which force the user to perform additional on-screen interactions or input-unit interactions, which in turn enrich and augment the pool of user interactions from which the system extracts one or more user-specific features. The extracted user-specific features are used as part of the user authentication process, and are further used to differentiate among users.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: (a) generating an interactions-enriched log-in process for authenticating a user of an electronic device, by generating a log-in process that requires the user: (i) to enter at least a password, and (ii) to perform an on-screen incidental task that enriches an ability of a user-interactions tracker to extract a user-specific feature from user interactions while performing said on-screen incidental task; (b) tracking the user interactions while the user performs said on-screen incidental task of said interactions-enriched log-in process, and extracting from said user interactions a user-specific feature; (c) determining that said user is authenticated, based on a combination of both: (I) whether the password entered by the user matches a pre-defined reference password, and also (II) whether the user-specific feature that was extracted from a manner in which the user performs said on-screen incidental task as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from other interactions of said user. 2. The method of claim 1 , wherein step (c) comprises: determining that said user is authenticated, based on a combination of both: (I) whether the password entered by the user matches a pre-defined reference password, and also (II) whether the user-specific feature that was extracted from a manner in which the user performs said on-screen incidental task as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions of said interactions-enriched log-in process. 3. The method of claim 1 , wherein step (c) comprises: determining that said user is authenticated, based on a combination of both: (I) whether the password entered by the user matches a pre-defined reference password, and also (II) whether the user-specific feature that was extracted from a manner in which the user performs said on-screen incidental task as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous usage sessions in which said user was already authenticated as a logged-in user. 4. The method of claim 1 , wherein step (a) comprises: generating said interactions-enriched log-in process which requires the user to perform an on-screen drag-and-drop operation; extracting said user-specific feature from tracked interactions of the user while the user performs said on-screen drag-and-drop operation of said interactions-enriched log-in process; determining that said user is authenticated, based on a combination of both: (I) whether the password entered by the user matches the pre-defined reference password, and also (II) whether the user-specific feature that was extracted from a manner in which the user performs said on-screen drag-and-drop operation as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions of said interactions-enriched log-in process. 5. The method of claim 1 , wherein step (a) comprises: generating said interactions-enriched log-in process which requires the user to perform a set of multiple on-screen drag-and-drop operations; wherein step (b) comprises: extracting said user-specific feature from tracked interactions of the user while the user performs said on-screen drag-and-drop operation of said interactions-enriched log-in process, wherein the user-specific feature reflects at least an order in which said user chooses to perform said set of multiple on-screen drag-and-drop operations; wherein step (c) comprises: determining that said user is authenticated, based on a combination of both: (I) whether the password entered by the user matches the pre-defined reference password, and also (II) whether the user-specific feature that was extracted from the order in which the user performs said set of multiple on-screen drag-and-drop operations as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions of said interactions-enriched log-in process. 6. The method of claim 1 , wherein step (a) comprises: generating said interactions-enriched log-in process which requires the user to perform an on-screen operation having an on-screen route that corresponds to at least a part of a circle; wherein step (b) comprises: extracting said user-specific feature from tracked interactions of the user while the user performs said on-screen operation of said interactions-enriched log-in process; wherein step (c) comprises: determining that said user is authenticated, based on a combination of both: (I) whether the password entered by the user matches the pre-defined reference password, and also (II) whether the user-specific feature that was extracted from a manner in which the user performs said on-screen operation as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions of said interactions-enriched log-in process. 7. The method of claim 1 , wherein step (a) comprises: generating said interactions-enriched log-in process which requires the user to perform an on-screen operation having an on-screen route that corresponds to at least a part of a circle; wherein step (b) comprises: extracting said user-specific feature from tracked interactions of the user while the user performs said on-screen operation of said interactions-enriched log-in process, wherein said user-specific feature indicates whether said user performs either (i) a clockwise movement to achieve said at least part of the circle, or (ii) a counter-clockwise movement to achieve said at least part of the circle; wherein step (c) comprises: determining that said user is authenticated, based on a combination of both: (I) whether the password entered by the user matches the pre-defined reference password, and also (II) whether the user-specific feature that was extracted from a manner in which the user performs said on-screen operation as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions of said interactions-enriched log-in process. 8. The method of claim 1 , wherein step (a) comprises: generating said interactions-enriched log-in process which requires the user to perform an on-screen task of drawing an on-screen shape; wherein step (b) comprises: extracting said user-specific feature from tracked interactions of the user while the user performs said on-screen operation of said interactions-enriched log-in process, wherein said user-specific feature indicates whether said user performs either (i) a generally-clockwise movement to draw said on-screen shape, or (ii) a generally counter-clockwise movement to draw said on-screen shape; wherein step (c) comprises: determining that said user is authenticated, based on a combination of both: (I) whether the password e
Assignees
Inventors
Classifications
Drag-and-drop · CPC title
Selection of displayed objects or displayed text elements (G06F3/0482 takes precedence) · CPC title
Authentication · CPC title
- G06F21/316Primary
by observing the pattern of computer usage, e.g. typical user behaviour · CPC title
applying multi-factor authentication · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10032010B2 cover?
- Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. A log-in process or a user-authentication process, is augmented or enriched by one or more incidental tasks, which force the user to perform additional on-screen interactions or input-unit interactions, which in turn enrich and augment the pool of…
- Who is the assignee on this patent?
- Biocatch Ltd
- What technology area does this patent fall under?
- Primary CPC classification G06F21/316. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jul 24 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).