Methods and systems for distributed blockchain functionalities
US-2024396754-A1 · Nov 28, 2024 · US
Mobile human challenge-response test
US2015195289A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2015195289-A1 |
| Application number | US-201514663288-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 19, 2015 |
| Priority date | Feb 7, 2012 |
| Publication date | Jul 9, 2015 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods and systems for verifying whether a submission of a request is likely from a human user or an automated program are described. A request may be received from a user device. A human challenge-response test adapted for displaying on the user device is displayed on the user device. Upon viewing the human challenge-response test, the user enters the user's solution to the human challenge-response test on the user device. A response hash value is created based on the user's solution. The response hash value is sent to a computing device for verification.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method comprising: sending, from a user device to a computing device, a request including a device identifier (ID) identifying the user device; receiving, from the computing device, a request ID and a human challenge-response test, the request ID being at least one of an application ID or a one-time key generated by the computing device; receiving, from a user interface of the user device, a user's solution to the human challenge-response test; sending, to the computing device, the request ID and a response hash value generated on the user's solution, and at least one of the application ID, the device ID, or the one-time key; and receiving, from the computing device, an indicator indicating whether the request is permitted. 2 . The method of claim 1 , wherein the request is for account access. 3 . The method of claim 2 , wherein permission for the request determined by using the human challenge-response test requires no more than two communications sent from the user device to the computing device. 4 . The method of claim 1 , wherein the request further includes at least one of a username or a password. 5 . The method of claim 1 , wherein the user interface of the user device is one of a keypad, a keyboard, a touch-sensitive panel, a camera, or a microphone. 6 . A method comprising: receiving, from a user device, a request including a device identifier (ID) identifying the user device; generating a request ID and a human challenge-response test, the request ID being at least one of an application ID or a one-time key; sending, to the user device, the request ID and the human challenge-response test; receiving, from the user device, the request ID and a response hash value; generating a verification hash value based on a correct solution to the human challenge-response test and at least one of the application ID, the device ID or the one-time key; and sending, to the user device, an indicator indicating whether the request is permitted, wherein permission for the request is determined based at least on a comparison of the response hash value and the verification hash value. 7 . The method of claim 6 , wherein the request is for account access. 8 . The method of claim 7 , further comprising: storing account credentials of the account in an account database when the response hash value matches the verification hash value. 9 . The method of claim 6 , further comprising: in response to receiving the request from the user device, setting an expiration time period for receiving the response hash value from the user device, and wherein the permission for the request is further based on whether the expiration time period has lapsed when the response hash value is received form the user device. 10 . The method of claim 9 , further comprising: storing the request ID and the device ID in a temporary storage element; and removing one or more of the request ID or the device ID from the temporary storage element when the expiration time period has lapsed. 11 . The method of claim 6 , wherein the application ID is generated based at least on application data and the device ID. 12 . The method of claim 6 , wherein the one-time key is a first character string and the human challenge-response test is an image of a second character string, and the length of first character string of the one-time key is based on the length of the second character string of the human challenge-response test. 13 . The method of claim 6 , wherein the human challenge-response test is generated based on device capabilities of the user device. 14 . A computing device comprising: at least one processor; and at least one memory coupled to the at least one processor, the at least one memory storing computer readable code, which when executed by the at least one processor, causes the at least one processor to perform a process for verifying a user for a request, the process comprising: receiving, from a user device, a request including a device identifier (ID) identifying the user device; generating a request ID and a human challenge-response test, the request ID being at least one of an application ID or a one-time key; sending, to the user device, the request ID and the human challenge-response test; receiving, from the user device, the request ID and a response hash value; generating a verification hash value based on the human challenge-response test and at least one of the application ID, the device ID, and the one-time key; and sending, to the user device, an indicator indicating whether the request is permitted, wherein permission for the request is determined based at least on a comparison of the response hash value and the verification hash value. 15 . The computing device of claim 14 , wherein the request is for account access. 16 . The computing device of claim 15 , wherein the process further comprises: storing account credentials of the account in an account database when the response hash value matches the verification hash value. 17 . The computing device of claim 14 , wherein the process further comprises: in response to receiving the device ID from the user device, setting an expiration time period for receiving the response hash value from the user device, and wherein the permission for the request is further based on whether the expiration time period has lapsed when the response hash value is received form the user device. 18 . The computing device of claim 17 , wherein the process further comprises: storing the request ID, the application data, and the device ID in a temporary storage element; and removing one or more of the request ID, the application data, or the device ID from the temporary storage element when the expiration time period has lapsed. 19 . The computing device of claim 14 , wherein the application ID is generated based at least on the application data and the device ID 20 . The computing device of claim 14 , wherein the one-time key is a first character string and the human challenge-response test is an image of a second character string, and the length of first character string of the one-time key is based on the length of the second character string of the human challenge-response test. 21 . The computing device of claim 14 , wherein the human challenge-response test is generated based on device capabilities of the user device.
Assignees
Inventors
Classifications
- H04L63/12Primary
Applying verification of the received information (cryptographic mechanisms or cryptographic arrangements for data integrity or data verification H04L9/32) · CPC title
Integrity · CPC title
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
Subscriber identity · CPC title
based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2015195289A1 cover?
- Methods and systems for verifying whether a submission of a request is likely from a human user or an automated program are described. A request may be received from a user device. A human challenge-response test adapted for displaying on the user device is displayed on the user device. Upon viewing the human challenge-response test, the user enters the user's solution to the human challenge-re…
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification H04L63/12. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Jul 09 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).