Method, device, and system of protecting a log-in process of a computerized service
US-2015213251-A1 · Jul 30, 2015 · US
System, device, and method of visual login
US10776476B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10776476-B2 |
| Application number | US-201816026073-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 3, 2018 |
| Priority date | Nov 29, 2010 |
| Publication date | Sep 15, 2020 |
| Grant date | Sep 15, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. A log-in process or a user-authentication process, is augmented or enriched by one or more incidental tasks, which force the user to perform additional on-screen interactions or input-unit interactions, which in turn enrich and augment the pool of user interactions from which the system extracts one or more user-specific features. The extracted user-specific features are used as part of the user authentication process, and are further used to differentiate among users.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: (a) generating an interactions-enriched log-in process for authenticating a user of an electronic device, by generating a log-in process that requires the user: (i) to enter at least a password, and (ii) to perform an on-screen task that enriches an ability of a user-interactions tracker to extract a user-specific feature from user interactions while performing said on-screen task; (b) tracking the user interactions while the user performs said on-screen task of said interactions-enriched log-in process, and extracting from said user interactions a user-specific feature; (c) determining that said user is authenticated, based on at least a combination of: (c1) a determination whether the user-specific feature that was extracted from a manner in which the user performs said on-screen task as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions via said interactions-enriched log-in process; and also (c2) a determination whether the password entered by the user matches a pre-defined reference password. 2. The method of claim 1 , wherein said interactions-enriched log-in process requires the user to perform at least one of: (i) an on-screen drag-and-drop operation via a mouse; (ii) an on-screen drag-and-drop operation via a touch-pad; (iii) an on-screen drag-and-drop operation via a touch-screen. 3. The method of claim 1 , wherein said interactions-enriched log-in process requires the user to perform at least one of: (i) a set of on-screen drag-and-drop operations via a mouse; (ii) a set of on-screen drag-and-drop operations via a touch-pad; (iii) a set of on-screen drag-and-drop operations via a touch-screen. 4. The method of claim 1 , wherein said interactions-enriched log-in process requires the user to perform at least an on-screen drawing operation having an on-screen route that corresponds to at least a part of a particular shape. 5. The method of claim 1 , wherein said interactions-enriched log-in process requires the user to perform at least an on-screen drawing operation having an on-screen route that corresponds to at least a part of a particular shape; wherein said user-specific feature indicates whether said user performs either (i) a clockwise on-screen drawing movement, or (ii) a counter-clockwise on-screen drawing movement. 6. The method of claim 1 , wherein said interactions-enriched log-in process requires the user to perform at least on-screen tracing of an on-screen shape. 7. The method of claim 1 , wherein said task, which is part of said interactions-enriched log-in process, is an invisible implicit challenge that said user respond to without knowing that a challenge-response process is taking place. 8. The method of claim 1 , wherein said user-specific feature, that is extracted from user interactions while performing said on-screen task within said interactions-enriched log-in process, comprise at least a velocity of movement. 9. The method of claim 1 , wherein said user-specific feature, that is extracted from user interactions while performing said on-screen task within said interactions-enriched log-in process, comprise at least acceleration or deceleration. 10. The method of claim 1 , wherein said user-specific feature, that is extracted from user interactions while performing said on-screen task within said interactions-enriched log-in process, comprise at least curvature or linearity of movement. 11. The method of claim 1 , wherein said user-specific feature, that is extracted from user interactions while performing said on-screen task within said interactions-enriched log-in process, comprise at least vibrations or shaking during movement. 12. The method of claim 1 , wherein said interactions-enriched log-in process is performed via said electronic device which is a device selected from the group consisting of: a desktop computer, a laptop computer, a smartphone, a tablet, a touch-screen equipped device. 13. A system comprising: a hardware processor that is configured to perform: (a) generating an interactions-enriched log-in process for authenticating a user of an electronic device, by generating a log-in process that requires the user: (i) to enter at least a password, and (ii) to perform an on-screen task that enriches an ability of a user-interactions tracker to extract a user-specific feature from user interactions while performing said on-screen task; (b) tracking the user interactions while the user performs said on-screen task of said interactions-enriched log-in process, and extracting from said user interactions a user-specific feature; (c) determining that said user is authenticated, based on at least a combination of: (c1) a determination whether the user-specific feature that was extracted from a manner in which the user performs said on-screen task as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions via said interactions-enriched log-in process; and also (c2) a determination whether the password entered by the user matches a pre-defined reference password. 14. A non-transitory storage medium having stored thereon instructions that, when executed by a hardware processor, causes the hardware processor to perform a method comprising: (a) generating an interactions-enriched log-in process for authenticating a user of an electronic device, by generating a log-in process that requires the user: (i) to enter at least a password, and (ii) to perform an on-screen task that enriches an ability of a user-interactions tracker to extract a user-specific feature from user interactions while performing said on-screen task; (b) tracking the user interactions while the user performs said on-screen task of said interactions-enriched log-in process, and extracting from said user interactions a user-specific feature; (c) determining that said user is authenticated, based on at least a combination of: (c1) a determination whether the user-specific feature that was extracted from a manner in which the user performs said on-screen task as part of said interactions-enriched log-in process, matches a previously-extracted user-specific characteristic that was previously extracted from one or more previous log-in interactions that said user performed in one or more previous usage sessions via said interactions-enriched log-in process; and also (c2) a determination whether the password entered by the user matches a pre-defined reference password.
Assignees
Inventors
Classifications
- G06F3/0488Primary
using a touch-screen or digitiser, e.g. input of commands through traced gestures · CPC title
Location-dependent; Proximity-dependent · CPC title
by graphic or iconic representation · CPC title
Drag-and-drop · CPC title
by observing the pattern of computer usage, e.g. typical user behaviour · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10776476B2 cover?
- Devices, systems, and methods of detecting user identity, differentiating between users of a computerized service, and detecting a possible attacker. A log-in process or a user-authentication process, is augmented or enriched by one or more incidental tasks, which force the user to perform additional on-screen interactions or input-unit interactions, which in turn enrich and augment the pool of…
- Who is the assignee on this patent?
- Biocatch Ltd
- What technology area does this patent fall under?
- Primary CPC classification G06F3/0488. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 15 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).