United Services Automobile Association – InsuranceNewsNet | #itsecurity | #infosec


2022 MAR 24 (NewsRx) — By a News Reporter-Staff News Editor at Insurance Daily NewsUnited Services Automobile Association (San Antonio, Texas, United States) has been issued patent number 11271918, according to news reporting originating out of Alexandria, Virginia, by NewsRx editors.

The patent’s inventors are Buckingham, Thomas (Fair Oaks Ranch, TX, US), Casillas, Debra (Helotes, TX, US), Davey, Richard Andrew (San Antonio, TX, US), Morris, Michael Frank (San Antonio, TX, US), Mortensen, Maland Keith (San Antonio, TX, US), Row, John David (San Antonio, TX, US).

This patent was filed on April 20, 2020 and was published online on March 8, 2022.

From the background information supplied by the inventors, news correspondents obtained the following quote: “The protection and security of customer information is vital from an organization’s perspective, not only to comply with applicable laws, but to earn and keep their customer’s trust. Enhanced security often comes at the cost of convenience for the user, such as by requiring the user to answer additional security questions or to provide a code generated from a token generator. Various methods are used in authenticating a user attempting to access an account. Security analysts have identified three authentication factors that can be used in making a positive identification: ownership, knowledge, and inherence. Elements used to verify the first factor, ownership, may include a phone, a security token, or a software token. Elements used to verify the knowledge factor may include a password, username, personal identification number (PIN) or answers to security questions. Elements used to verify the inherence factor may include biometric data.

“Verifying two of the factors, “two-factor authentication”, is commonly used to authenticate a user. For example, many applications on mobile devices require the user to enter a PIN, satisfying the knowledge factor, on a particular mobile device, satisfying the ownership factor. In some mobile devices, the ownership factor is generally assumed to be satisfied because many mobile devices such as smartphones are particular to one person. Thus an impersonator would be required not only to have the mobile device, but also to know the PIN in order to access the application. This enables users to simply input a PIN into an application on a mobile device to be authenticated.

“Personal computers (computing devices) pose additional complexities in authenticating users. Computing devices are commonly used by more than one person. Thus, it is not safe to assume that the identity of the computing device satisfies the ownership factor. Additionally, computing devices have been more easily compromised than other devices. Current solutions increase security, but are often inconvenient for users. For example, one solution includes providing users with some type of token, and requiring the user to prove that the user has the token such as by typing in a one-time code generated by the token, in combination with a username/password/PIN. Other solutions focus on the knowledge factor such as by requiring the user to answer additional security questions.”

Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “Disclosed herein are methods and systems for verifying a user’s identity on a personal computer using two-factor authentication. More particularly, the system utilizes a personal identification number input by a user, together with one or more of a secure browsing feature, a device fingerprint, and a token generator to authenticate the user on the computer.

“While multiple embodiments are disclosed, still other embodiments of the present invention will become apparent to those skilled in the art from the following detailed description, which shows and describes illustrative embodiments of the invention. As will be realized, the invention is capable of modifications in various aspects, all without departing from the scope of the present invention. Accordingly, the drawings and detailed description are to be regarded as illustrative in nature and not restrictive.

“The drawings have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be expanded or reduced to help improve the understanding of the embodiments of the present invention. Similarly, some components and/or operations may be separated into different blocks or combined into a single block for the purposes of discussion of some of the embodiments of the present invention. Moreover, while the invention is amenable to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and are described in detail below. The intention, however, is not to limit the invention to the particular embodiments described. On the contrary, the invention is intended to cover all modifications, equivalents, and alternatives falling within the scope of the invention as defined by the appended claims.”

The claims supplied by the inventors are:

“1. A computer-implemented method comprising: installing an authentication system on a computing device associated with a user by: collecting information to identify the computing device, installing a token generator on the computing device, associating a key with the token generator, encrypting the key and embedding the encrypted key on the computing device, and associating the token generator with an identification number associated with the user; receiving a logon request at the computing device from the user, wherein the logon request comprises identifying information and a one-time code generated by the token generator; and in response to verifying the one-time code with a code associated with the token generator, the user to operate the computing device without further interaction with the user.

“2. The computer-implemented method of claim 1, wherein installing the authentication system further comprises: installing a secure browsing solution on the computing device and generating a device fingerprint of the computing device.

“3. The computer-implemented method of claim 1, wherein the token generator is removed after the user terminates a session.

“4. The computer-implemented method of claim 1, further comprising: prior to installing the authentication system on the computing device: verifying, using a first method of authentication, an identity of the user, requesting permission to install the authentication system onto the computing device, wherein the authentication system authenticates the user using a second method of authentication.

“5. The computer-implemented method of claim 1, wherein the identifying information comprises biometric data.

“6. The computer-implemented method of claim 1, wherein the method further comprises installing more than one token generator on the computing device, wherein each token generator is associated with a different user.

“7. The computer-implemented method of claim 1, wherein the method further comprises requesting irrelevant data to be included with the one-time code or the identifying information.

“8. A non-transitory computer-readable storage medium coupled to one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations for authenticating a user session on a system, the operations comprising: installing an authentication system on a computing device associated with a user by: collecting information to identify the computing device, installing a token generator on the computing device, associating a key with the token generator, encrypting the key and embedding the encrypted key on the computing device, and associating the token generator with an identification number associated with the user; receiving a logon request at the computing device from the user, wherein the logon request comprises identifying information and a one-time code generated by the token generator; and in response to verifying the one-time code with a code associated with the token generator, the user to operate the computing device without further interaction with the user.

“9. The non-transitory computer-readable storage medium of claim 8, wherein installing the authentication system further comprises: installing a secure browsing solution on the computing device and generating a device fingerprint of the computing device.

“10. The non-transitory computer-readable storage medium of claim 8, wherein the token generator is removed after the user terminates a session.

“11. The non-transitory computer-readable storage medium of claim 8, wherein the operations further comprise: prior to installing the authentication system on the computing device: verifying, using a first method of authentication, an identity of the user, requesting permission to install the authentication system onto the computing device, wherein the authentication system authenticates the user using a second method of authentication.

“12. The non-transitory computer-readable storage medium of claim 8, wherein the identifying information comprises biometric data.

“13. The non-transitory computer-readable storage medium of claim 8, wherein the operations further comprise installing more than one token generator on the computing device, wherein each token generator is associated with a different user.

“14. The non-transitory computer-readable storage medium of claim 8, wherein the operations further comprise requesting irrelevant data to be included with the one-time code or the identifying information.

“15. A system, comprising: one or more processors; and a computer-readable storage device coupled to the one or more processors and having instructions stored thereon which, when executed by the one or more processors, cause the one or more processors to perform operations comprising: installing an authentication system on a computing device associated with a user by: collecting information to identify the computing device, installing a token generator on the computing device, associating a key with the token generator, encrypting the key and embedding the encrypted key on the computing device, and associating the token generator with an identification number associated with the user; receiving a logon request at the computing device from the user, wherein the logon request comprises identifying information and a one-time code generated by the token generator; and in response to verifying the one-time code with a code associated with the token generator, the user to operate the computing device without further interaction with the user.

“16. The system of claim 15, wherein installing the authentication system further comprises: installing a secure browsing solution on the computing device and generating a device fingerprint of the computing device.

“17. The system of claim 15, wherein the token generator is removed after the user terminates a session.

“18. The system of claim 15, wherein the operations further comprise: prior to installing the authentication system on the computing device: verifying, using a first method of authentication, an identity of the user, requesting permission to install the authentication system onto the computing device, wherein the authentication system authenticates the user using a second method of authentication.

“19. The system of claim 15, wherein the operations further comprise installing more than one token generator on the computing device, wherein each token generator is associated with a different user.

“20. The system of claim 15, wherein the operations further comprise requesting irrelevant data to be included with the one-time code or the identifying information.”

For the URL and additional information on this patent, see: Buckingham, Thomas. Quick-logon for computing device. U.S. Patent Number 11271918, filed April 20, 2020, and published online on March 8, 2022. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=11271918.PN.&OS=PN/11271918RS=PN/11271918

(Our reports deliver fact-based news of research and discoveries from around the world.)





Original Source link

Leave a Reply

Your email address will not be published.

+ twenty two = 23