Methods and systems for secure digital credentials

US2022045998A1 · US · A1

Patent metadata

Publication number: US-2022045998-A1
Application number: US-202117452183-A
Country: US
Kind code: A1
Filing date: Oct 25, 2021
Priority date: Dec 28, 2015
Publication date: Feb 10, 2022
Grant date:

Abstract

Official abstract text for this publication.

Methods and systems for resetting a digital credential within a digital credential based authentication system. The method includes logging a first administrative user into the digital credential system, receiving, from the first administrative user, a first portion of authentication credentials for a first customer, validating, by the first administrative user using the digital credential system, the first portion, logging a second administrative user into the digital credential system, receiving, from the second administrative user, a second portion of authentication credentials for the first customer, receiving the second portion by the second administrative user, validating, by the second administrative user using the digital credential system, the second portion; and resetting the authentication credentials based on the validation of the first portion and second portion.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for improving the security of a digital credential based authentication system, the method comprising: receiving, from a first administrative user: a first login location; and a first portion of authentication credentials for a first customer; validating the first portion of authentication credentials for the first customer; receiving, from a second administrative user: a second login location; and a second portion of authentication credentials for the first customer different from the first portion; validating the second portion of authentication credentials for the first customer; and authenticating an identity of the first customer based on the validation of the first portion and the second portion, wherein at least one of receiving the second portion of authentication credentials for the first customer or validating the second portion of authentication credentials for the first customer comprises receiving information from the first customer and occurs via a physical interaction while the first customer is at the second login location.

2. The method of claim 1, wherein the second login location is within a threshold distance of an address associated with the first customer.

3. The method of claim 2, further comprising preventing validation of the second portion of the authentication credentials when the physical location is not within the threshold distance of the address associated with the first user.

4. The method of claim 1, further comprising: selecting, by the first customer, the second login location for validation of the second portion of the authentication credentials; verifying, by the digital credential system, that the receiving of the second portion of the authentication credentials occurs at the second login location; and validating, by the digital credential system, the second portion at least in part in response to verifying that the receiving of the second portion of the authentication credentials occurs at the selected second login location.

5. The method of claim 4, wherein verifying that the receiving of the second portion of the authentication credentials occurs at the selected second login location comprises: receiving GPS coordinates from a terminal of a logged-in second administrative user, and determining whether the received GPS coordinates are associated with the selected second login location.

6. The method of claim 1, wherein the first portion includes at least one or more of a name, a date of birth, an e-mail address, answers to secret questions, mother's maiden name, or address of the first customer.

7. The method of claim 1, wherein the second portion includes one or more of physicality information, biometric information, or information from a government issued identification for the first customer.

8. An apparatus for improving the security of a digital credential based authentication system, the apparatus comprising: one or more electronic hardware processors; a memory, operably connected to the one or more processors, and storing instructions that configure the one or more electronic hardware processors to: receive, from a first administrative user: a first login location, and a first portion of authentication credentials for a first customer; validate the first portion of authentication credentials for the first customer; receive, from a second administrative user: a second login location, and a second portion of authentication credentials for the first customer different from the first portion; validate the second portion of authentication credentials for the first customer; and authenticate an identity of the first customer based on the validation of the first portion and the second portion, wherein at least one of receiving the second portion of authentication credentials for the first customer or validating the second portion of authentication credentials for the first customer comprises receiving information from the first customer and occurs via a physical interaction while the first customer is at the second login location.

9. The apparatus of claim 8, wherein the instructions further configure the one or more electronic hardware processors to second login location is within a threshold distance of an address associated with the first customer.

10. The apparatus of claim 8, wherein the instructions further configure the one or more electronic hardware processors to: enable the first customer to select the second login location for validation of the second portion of the authentication credentials; verify that the receiving of the second portion of the authentication credentials occurs at the second login location; and validate the second portion at least in part in response to verifying that the receiving of the second portion of the authentication credentials occurs at the selected second login location.

11. The apparatus of claim 10, wherein the instructions that configure the one or more electronic hardware processors to verify that the receiving of the second portion of the authentication credentials occurs at the selected second login location comprise instructions that configure the one or more electronic hardware processors to: receive GPS coordinates from a terminal of a logged-in second administrative user, and determine whether the received GPS coordinates are associated with the selected second login location.

12. The apparatus of claim 8, wherein the first portion includes at least one or more of a name, a date of birth, an e-mail address, answers to secret questions, mother's maiden name, or address of the first customer.

13. The apparatus of claim 8, wherein the second portion includes one or more of physicality information, biometric information, or information from a government issued identification for the first customer.

14. A method of improving the security of a web service accessible digital credential, the method comprising: validating, by a first administrative user, a first portion of authentication credentials for a first user; receiving a digital credential reset request message for a user account of the first user, the message identifying a physical location to which at least one of a second administrative user or the first user travels to perform an identity verification of the first user using: a second portion of the authentication credentials for the first user, and an identification type to use for the identity verification; displaying an indication of the identification type to use for the identity verification; and receiving, from the second administrative user or the second electronic device, an indication of whether the indicated identification type was verified based on a physical interaction between at least one of the second administrative user or the second electronic device and the first user while at the physical location.

15. The method of claim 14, wherein the physical location is within a threshold distance of an address associated with the first user.

16. The method of claim 15, further comprising preventing validation of the second portion of the authentication credentials when the physical location is not within the threshold distance of the address associated with the first user.

17. The method of claim 14, further comprising: selecting, by the first user, the physical location for validation of the second portion of the authentication credentials; verifying, by the digital credential system, that the receiving of the second po

Classifications

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234)

  • using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226)

  • Location-dependent; Proximity-dependent

  • using different networks or channels, e.g. using out of band channels (cryptographic mechanisms or cryptographic arrangements for key distribution involving distinctive intermediate devices or communication paths H04L9/0827; cryptographic mechanisms or cryptographic arrangements for authentication using a plurality of channels H04L9/3215)

  • Entity profiles

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2022045998A1 cover?
Methods and systems for resetting a digital credential within a digital credential based authentication system. The method includes logging a first administrative user into the digital credential system, receiving, from the first administrative user, a first portion of authentication credentials for a first customer, validating, by the first administrative user using the digital credential syst…

Who is the assignee on this patent?
United States Postal Service

What technology area does this patent fall under?
Primary CPC classification H04L63/08. Mapped technology areas include Electricity.

When was this patent published?
Publication date Feb 10, 2022 (A1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).