US20190005751A1 - Mobile device based authentication - Google Patents
Mobile device based authentication Download PDFInfo
- Publication number
- US20190005751A1 US20190005751A1 US16/027,265 US201816027265A US2019005751A1 US 20190005751 A1 US20190005751 A1 US 20190005751A1 US 201816027265 A US201816027265 A US 201816027265A US 2019005751 A1 US2019005751 A1 US 2019005751A1
- Authority
- US
- United States
- Prior art keywords
- user
- authentication
- security system
- electronic device
- authorized
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G07C9/00039—
-
- G—PHYSICS
- G08—SIGNALLING
- G08C—TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
- G08C17/00—Arrangements for transmitting signals characterised by the use of a wireless electrical link
- G08C17/02—Arrangements for transmitting signals characterised by the use of a wireless electrical link using a radio link
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/22—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
- G07C9/23—Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder by means of a password
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/20—Individual registration on entry or exit involving the use of a pass
- G07C9/27—Individual registration on entry or exit involving the use of a pass with central registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- G07C9/00103—
-
- G—PHYSICS
- G08—SIGNALLING
- G08C—TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
- G08C2201/00—Transmission systems of control signals via wireless link
- G08C2201/30—User interface
- G08C2201/31—Voice input
-
- G—PHYSICS
- G08—SIGNALLING
- G08C—TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
- G08C2201/00—Transmission systems of control signals via wireless link
- G08C2201/60—Security, fault tolerance
-
- G—PHYSICS
- G08—SIGNALLING
- G08C—TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
- G08C2201/00—Transmission systems of control signals via wireless link
- G08C2201/90—Additional features
- G08C2201/93—Remote control using other portable devices, e.g. mobile phone, PDA, laptop
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/082—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
- H04W4/14—Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
Definitions
- an apparatus for voice control of an automation and security system includes a processor, a memory in electronic communication with the processor, and instructions stored in the memory which are executable by the processor to receive input from the user to perform at least one function of the automation and security system, receive confirmation that the user has received an authentication message at an electronic device carried by the user, and initiate the at least one function.
- the electronic device may be a cell phone and the authentication message is a text message.
- the authentication message may include information about the at least one function.
- the electronic device may include an application that displays the authentication message to the user.
- the instructions may be executable by the processor to receive a registration of the electronic device as being associated with the user.
- the instructions may be executable by the processor to receive a user authentication input from the user.
- the user authentication input may be a password or PIN code of the user.
- the input from the user may be received at a control panel of the automation and security system.
- the input from the user may be received as a voice command.
- the at least one function may be one of arming or disarming the automation and security system.
- the instructions may be executable by the processor to receive confirmation that the user has authorized the at least one function using the electronic device.
- the computer-program product includes a non-transitory computer-readable medium storing instructions executable by a processor to receive a first user authentication input from the user, receive confirmation that the user received an authentication message on an electronic device in the user's possession as a second user authentication input, receive input from the user to initiate at least one function of the automation and security system, and initiate the at least one function.
- the first user authentication input is one of a password and a PIN code.
- the instructions may be executable by the processor to receive confirmation that the user has authorized the at least one function using the electronic device.
- the first user authentication input may include confirmation of the user's presence at a property monitored by the automation and security system.
- the instructions may be executable by the processor to send the authentication message to the electronic device.
- a further embodiment relates to a computer-implemented method for authenticating a user of an automation and security system.
- the method includes determining a location of the user based on use of the automation and security system, authenticating the user by receiving confirmation that the user possesses a handheld electronic device, and initiating at least one function of the automation and security system after authenticating the user.
- the method may further include sending a message to the handheld electronic device, and authenticating the user may include receiving an input entered on the handheld electronic device by the user in response to the message. Authenticating the user may include receiving an input entered on the handheld electronic device by the user authorizing the at least one function. Determining a location of the user may include receiving at least one of a user command and a user authentication input.
- FIG. 1 is a block diagram of an environment in which the present systems and methods may be implemented
- FIG. 2 is a block diagram of another environment in which the present systems and methods may be implemented;
- FIG. 3 is a block diagram of another environment in which the present systems and methods may be implemented.
- FIG. 4 is a block diagram of an example authentication module of the environments shown in FIGS. 1-3 ;
- FIG. 5 is a block diagram of an example confirmation module of the environments shown in FIGS. 1-3 ;
- FIG. 6 is a flow diagram illustrating a method for controlling access to a home based on user occupancy
- FIG. 7 is a flow diagram illustrating another method for controlling access to a home based on user occupancy
- FIG. 8 is a flow diagram illustrating another method for controlling access to a home based on user occupancy
- FIG. 9 is a block diagram of a computer system suitable for implementing the systems and methods of FIGS. 1-8 ;
- FIG. 10 is a block diagram of an example of a mobile device.
- the systems and methods described herein relate to home automation and home security, and related security systems and automation for use in commercial and business settings.
- the automation and security systems and methods disclosed herein may generally be referred to as monitoring systems, may include automation and/or security functionality, and may include systems and methods for use in home and business and/or commercial settings.
- the systems and methods described herein relate generally to controlling operation, set up, and/or modification of a monitoring system. Some aspects of the present disclosure relate to improving processes for authenticating users of the monitoring system to provide enhanced certainty that only authorized users are permitted to perform certain functions related to the monitoring system. Other aspects relate to simplification of the authenticating process to provide improved ease of operating and/or interfacing with the automation and security system.
- the systems and methods disclosed herein may have particular relevance in at least two scenarios.
- a first scenario there is an objective to provide improved security to perform certain functionality related to the monitoring system.
- the monitoring system may require input of a password or PIN code as an initial authentication step for accessing and/or controlling certain aspects of the monitoring system.
- the present systems and methods may provide for an additional step of authentication, and may be referred to as a multi-factor authentication system or protocol.
- the user In addition to entering the password or PIN code, the user must confirm receipt of an authentication message via an electronic device in the possession of the user (e.g., a cell phone, tablet, computer, or the like).
- the user's presence or interaction with the monitoring system in any way may be used as the initial authentication factor, and confirming receipt of an authentication message via the electronic device may be used as a second authentication factor.
- the user's presence or interaction with the monitoring system may include, for example, interacting with a control panel, providing a voice command, being detected with a motion sensor or video camera, or actuating a lock mechanism or door opener associated with the property being monitored by the monitoring system.
- the systems and methods disclosed herein may provide improved ease of operating the monitoring system by eliminating, for example, the need to navigate a user interface at a control panel or in an app on an electronic device, operate keys to unlock a door, enter a password or pin code, or take other information specific steps.
- a user may state a voice command that is received by the monitoring system.
- the monitoring system then authenticates the command and user by requesting feedback from the user via the electronic device in the possession of the user.
- the user may be able to initiate some functionality related to the monitoring system by simply stating a command and then performing a simple interaction with the electronic device held in his possession (e.g., touching the screen, opening a text message, selecting a response display by an app on the electronic device, etc.).
- the systems and methods disclosed herein may apply to situations in which someone tries to initiate an action via the monitoring system. Some level of authentication occurs in association with this attempted initiated action, but the assurance level of the authentication is insufficient for the requested action.
- the monitoring system may be programmed to require a higher level of assurance for authentication before initiating the action. Before initiating the action, the monitoring system reaches out to an electronic device in the possession of the user via, for example, a mobile app, text message, or the like. Because the electronic device has been pre-registered and known to be associated with the user or an authorized set of users, receiving a confirmation from the user that he has received an authentication message from the electronic device (or answers a question via the electronic device) will provide the required authentication.
- the mobile app is activated to notify the user of the attempted initiated action, and the user is required to take an action on the electronic device to prove that they are in possession of the electronic device.
- the mobile app may interrupt the user (e.g., provide an audible sound or vibration) and/or display a message or request confirmation in some way so that the user may respond with authorization of the attempted initiated action, or at least confirmation that he possesses the electronic device.
- the monitoring system may carry out the requested action.
- the systems and methods disclosed herein relate to circumstances in which an action is initiated independently of an electronic device in the possession of the user associated with a monitoring system (e.g., a cell phone) and the electronic device.
- a monitoring system e.g., a cell phone
- the electronic device is typically remote and separate from the user interface with the monitoring system and is used to confirm authentication of the user.
- an electronic device in the possession of a user typically requires a preliminary step of registering the electronic device.
- the electronic device may be registered in a number of ways using, for example, an identifier associated with the electronic device.
- Cell phones typically include a phone number identifier.
- Other devices may include an address or other identifier (e.g., a Mac address associated with an Apple® brand device) that may be used to confirm that the electronic device is owned and/or controlled by a particular user. Since a user may own multiple electronic devices that may be in their possession at any given time, the monitoring system may provide the option of confirming receipt of an authentication message at any one of the plurality of electronic devices, or any single electronic device preselected by the user.
- FIG. 1 is a block diagram illustrating one embodiment of an environment 100 in which the present systems and methods may be implemented.
- the systems and methods described herein may be performed on a monitoring system 105 (e.g., an automation system or security system for use with a home or business).
- the environment 100 may include the monitoring system 105 and an electronic device 115 which communicate over at least one network 130 .
- Monitoring system 105 may include an authentication module 110 .
- Electronic device 115 may include a confirmation module 120 .
- the network 130 provides communication via, for example, wired or wireless connections. Further, network 130 may include a plurality of communication mediums.
- monitoring system 105 may be in communication with one or more sensors associated with, for example, an automation system and/or a security system.
- a sensor may include, for example, a camera sensor, an audio sensor, a forced entry sensor, shock sensor, proximity sensor, boundary sensor, appliance sensor, light fixture sensor, temperature sensor, light beam sensor, three-dimensional (3-D) sensor, motion sensor, smoke sensor, glass break sensor, door sensor, window sensor, carbon monoxide sensor, accelerometer, global positioning system (GPS) sensor, Wi-Fi positioning system sensor, capacitance sensor, radio frequency sensor, near-field sensor, heart beat sensor, breathing sensor, oxygen sensor, carbon dioxide sensor, brain wave sensor, movement sensor, voice sensor, and the like.
- GPS global positioning system
- Wi-Fi positioning system sensor capacitance sensor, radio frequency sensor, near-field sensor, heart beat sensor, breathing sensor, oxygen sensor, carbon dioxide sensor, brain wave sensor, movement sensor, voice sensor, and the like.
- monitoring system 105 may include additional components such as, for example, those components described below with reference to FIG. 3 .
- Authentication module 110 which is described in further detail below related to FIG. 4 , is operable to provide functionality related to authenticating users of monitoring system 105 .
- Authentication module 110 may provide multiple levels of authentication. One level of authentication may be receiving a password, PIN code, voice command, face recognition information, or other sensor signal that confirms and/or authenticates a particular user or one of a plurality of authorized users for monitoring system 105 .
- Authentication module 110 may be operable to provide another authentication factor in response to interactions with electronic device 115 .
- Electronic device 115 may be a preregistered device associated with a user of monitoring system 105 .
- Electronic device 115 may include, for example, a mobile computing device (e.g., a tablet computing device, a smart phone, etc.) or a mobile personal computing device (e.g., a laptop), or a fab or similar electronic device having limited and/or specific functionality.
- Electronic device 115 is typically remote and separately operable from the monitoring system 105 .
- the user may interact with electronic device 115 in response to communications with authentication module 110 to confirm that the user possesses electronic device 115 and/or provide authorization for the requested actions initiated at the monitoring system 105 .
- Authentication module 110 may, for example, detect activity associated with monitoring system 105 that would require authentication via electronic device 115 , initiate functionality at electronic device 115 that would require user confirmation at electronic device 115 , receive an authentication confirmation from electronic device 115 , and provide execution of activities at monitoring system 105 that required authentication via electronic device 115 .
- Confirmation module 120 of electronic device 115 may be operable to, for example, receive prompts from authentication module 110 via network 130 , generate signals or messages to which the user possessing electronic device 115 may respond to, and generate confirmation signals to be sent back to authentication module 110 reflecting the user's response to authentication messages generated by a confirmation module 120 .
- monitoring system 105 operates in a home as at least one of an automation system and a security system.
- a user who is interacting with monitoring system 105 may wish to disarm a security feature of monitoring system 105 prior to entering the home.
- the user may speak a command such as “disarm system” prior to attempting to unlock a front door of the home.
- Authentication module 110 may recognize the voice command and activate the confirmation module 120 to provide a message to the user on electronic device 115 .
- the message may simply state “do you want to disarm the security system at home?” with reply buttons on a display screen of electronic device 115 marked as “yes” and “no”.
- the user may then press the “yes” button, and confirmation module 120 prepares a response message that confirms the user's intent to disarm the system.
- Authentication module 110 then permits and/or carries out disarming of the security feature of monitoring system 105 .
- the user was able to avoid having to interact with the control panel on the inside of the home to disarm the system (e.g., entering a PIN code and pressing buttons to disarm the system).
- the user attempts to modify a rule of operation monitoring system 105 (e.g., change thermostat from 60 degrees to 70 degrees each morning at 6:00 to each morning at 10:00).
- Monitoring system 105 may require input of a PIN code or password as a first level of authentication to change the rule.
- Authentication module 110 may require additional authentication to change this particular rule.
- Authentication module 110 may require authentication at electronic device 115 to confirm that the user requesting the rule change is in possession of the electronic device 115 .
- Confirmation module 120 may operate an app loaded onto electronic device 115 to display a prompt (e.g., red button) which the user presses to confirm that he possesses the electronic device 115 .
- Confirmation module 120 may provide an authentication message to authentication module 110 , which is used by authentication module 110 as a second level of authentication to then permit the requested rule change.
- Confirmation module 120 may operate in a variety of ways to obtain different types of information from the user.
- the two scenarios described above explain two types of information, wherein one type is confirmation of a specific action requested at monitoring system 105 , and the second type is simply confirmation that the electronic device is in the possession of the user.
- Other examples include sending a text message to the user on the electronic device 115 that the user must either open or respond to with a return text comprising certain information (e.g., a code, password, yes/no terms, or the like).
- a plurality of options are presented to the user, any or all of which the user may select or respond to with a yes/no answer (e.g., Disarm system? Unlock door? Turn on lights? Turn on HVAC? Permit Joey to enter house?).
- One potential advantage related to the environment 100 is that an authorized user of monitoring system 105 may more easily make it possible for other people to receive authorization to perform actions associated with monitoring system 105 .
- users of a particular monitoring system 105 may be required to become familiar with how to interface with the monitoring system 105 (e.g., via a control panel, certain voice command, terminology, etc.). Since various monitoring systems have different user interfaces and functionality, a significant amount of time may be required to learn how to properly navigate the monitoring system.
- an authorized user is typically required to give out a secret password or PIN code in order to have a friend, neighbor, cleaning person, maintenance person, etc., to operate the monitoring system 105 .
- the systems and methods disclosed herein may avoid some of those potentially complicating factors by simply registering an electronic device in possession of the temporary user that the authentication module 110 can communicate with to provide the desired authentication for that temporary user and the actions that he requests of monitoring system 105 .
- the authorized user may loan his own pre-registered electronic device to the temporary user.
- the registration of an electronic device carried by a temporary user may be performed by the temporary user downloading an app that operates on the electronic device, wherein the app is registered using authorization codes, identifiers, or other information provided by the authorized user.
- the temporary user may be able to avoid some of the difficulties otherwise associated with operating monitoring system 105 (e.g., interfacing with the control panel, entering a secret PIN code, etc.).
- environment 200 may include the components of environment 100 described above, and may further include a control center 205 .
- Control center 205 may provide at least some back-end support for monitoring system 105 .
- control center 205 may include memory and capability to communicate with third parties (e.g., fire, police, etc.).
- Messages to and from authentication module 110 and confirmation module 220 may be routed at least in part through control center 205 .
- At least some of the communications and activities performed by authentication module 110 and/or confirmation module 220 may be stored in control center 205 and be made available to a user.
- some features or functionality of authentication module 110 and/or confirmation module 220 may occur at control center 205 rather than at the monitoring system 105 and electronic device 115 .
- an environment 300 may include the components of environment 100 described above, and may further include a plurality of electronic devices 115 - a , and a number of additional features associated with a monitoring system 105 - a .
- Monitoring system 105 - a may be an example of monitoring system 105 illustrated in FIG. 1 .
- Electronic devices 115 - a may be examples of electronic device 115 illustrated in FIG. 1 .
- Monitoring system 105 - a may include, in addition to authentication module 110 , a display 305 , a user interface 310 , an automation controller 315 , an alarm 320 , a mobile computing device 325 , an application 330 , and a sensor 335 .
- Each of electronic devices 115 - a - 1 , 115 - a - 2 , 115 - a - 3 may include a confirmation module 120 .
- Environment 300 addresses at least two different scenarios in which a plurality of electronic devices are available for authenticating users of monitoring system 105 - a .
- a single user may have a plurality of electronic devices 115 - a that are registered and associated with that single user.
- Authentication module 110 may communicate with confirmation modules 120 of each of the electronic devices 115 - a in an attempt to receive confirmation from the user that either (1) the user is in possession of one of the electronic devices 115 - a - 1 , or (2) the user authorizes initiation of an action with monitoring system 105 - a upon receiving an authentication confirmation response from any one of confirmation modules 120 .
- Authentication module 110 may then permit carrying out of the requested initiated action.
- the electronic devices 115 - a are carried by separate authorized users of monitoring system 105 - a .
- authentication module 110 may communicate with each of the confirmation modules 120 of electronic devices 115 - a .
- An authentication confirmation response from any one of the confirmation modules 120 may provide the desired level of authentication needed to proceed with the requested initiated action.
- an authorized user carrying one of the electronic devices 115 - a may ask a neighbor to feed the user's dog at the user's house. The neighbor may enter the user's house and may be asked at a control panel of monitoring system 105 - a for a PIN code to confirm authentication.
- Authentication module 110 may communicate with confirmation modules 120 , whereupon any one of the authorized users carrying electronic devices 115 - a (which may be the neighbor carrying one of the electronic devices 115 - a ) may provide confirmation to disarm the security system.
- This scenario may eliminate the requirement for the neighbor to input a password or PIN code in order to disarm the security system at the house. In this way, the authorized user(s) do not have to give out their secret password or PIN code while still permitting disarming of the security system without being in the home and/or giving one of the electronic devices 115 - a to the neighbor.
- Monitoring system 105 - a may include any one or all of the following components: display 305 , user interface 310 , automation controller 315 , alarm 320 , mobile computing device 325 , application 330 , and sensor 335 .
- Display 305 may include, for example, a digital display as part of, for example, a control panel of monitoring system 105 - a .
- Display 305 may be provided via devices such as, for example, a desktop computer or mobile computing device 325 .
- User interface 310 may be integrated into display 305 .
- User interface 310 may include a plurality of menus, screens, microphones, speakers, camera, and other capabilities that permit interface with the user of monitoring system 105 - a .
- User interface 310 may be integrated into mobile computing device 325 or other devices (e.g., one of electronic devices 115 - a ).
- Automation controller 315 may provide features and functionality related to automation and/or security features of monitoring system 105 - a . Automation controller 315 may provide at least some of the logic, processing, and/or interaction among various components of monitoring system 105 - a.
- Alarm 320 may provide an audible sounds, lights, or the like that provide communication with one or more users on the premises being monitored by monitoring system 105 - a , or communications with a remote device or system related to a condition at a property being monitored by monitoring system 105 - a .
- Alarm 320 may be integrated into display 305 in the form of, for example, text, color displays, or the like.
- mobile computing device 325 may include one or more processors, one or more memory devices, and/or a storage device. Examples of mobile computing device 325 may include DVRs, personal video records (PVRs), and/or mobile computing devices, smart phones, personal computing devices, computers, servers, etc.
- DVRs digital video recorders
- PVRs personal video records
- mobile computing devices smart phones, personal computing devices, computers, servers, etc.
- Application 330 may allow a user to control (either directly or via automation controller 315 ) an aspect of the monitored property, including security, energy management, locking or unlocking a door, checking the status of a door, locating a user or item, controlling lighting, thermostats, or cameras, receiving notifications regarding a current status or anomaly associated with a home, office, place of business, and the like.
- application 330 may enable monitoring system 105 - a to interface with automation controller 315 and utilize the user interface 310 to display automation, security, and/or energy management content on display 305 , user interface 310 , mobile computing device 325 , or other feature of monitoring system 105 - a .
- application 330 via user interface 310 , may allow users to control aspects of their home, office, and/or other type of property. Further, application 330 may be installed on mobile computing device 325 in order to allow a user to interface with a function of monitoring system 105 - a (e.g., automation controller 315 ).
- a function of monitoring system 105 - a e.g., automation controller 315
- Sensor 335 may represent one or more separate sensors or a combination of two or more sensors in a single sensor device.
- sensor 335 may represent one or more camera sensors and one or more motion sensors connected to environment 300 .
- sensor 335 may represent a combination sensor such as both a camera sensor and the motion sensor integrated into the same sensor device.
- sensor 335 is depicted as connecting directly to monitoring system 105 - a , in some embodiments, sensor 335 may be connected to monitoring system 105 - a via network 130 . Additionally, or alternatively, sensor 335 may be integrated into a home appliance or fixture such as a light bulb fixture.
- Sensor 335 may include an accelerometer to enable sensor 335 to detect a movement.
- Sensor 335 may include a wireless communication device, enabling sensor 335 to send and receive data and/or information to and from one or more devices in environment 300 . Additionally, or alternatively, sensor 335 may include a GPS sensor to enable sensor 335 to track a location of sensor 335 . Sensor 335 may include a proximity sensor to enable sensor 335 to detect proximity of a user relative to a predetermined distance from a dwelling (e.g., geo-fencing). Sensor 335 may include one or more security detection sensors such as, for example, a glass break sensor, a motion detection sensor, or both. Additionally, or alternatively, sensor 335 may include a smoke detection sensor, a carbon monoxide sensor, or both.
- sensor 335 may detect presence of a user within a dwelling being monitored by monitoring system 105 - a , performing certain functions (e.g., opening a door or window), or speaking a voice command. Feedback from sensor 335 may function as at least one authentication factor used by authentication module 110 .
- a user may access the functions of monitoring system 105 - a (e.g., automation controller 315 ) from mobile computing device 325 .
- mobile computing device 325 includes a mobile application that interfaces with one or more functions of monitoring system 105 - a .
- Electronic devices 115 - a may be one example of mobile computing device 325 .
- Examples of automation controller 315 may include a dedicated home automation computing device (e.g., wall-mounted controller), a personal computing device (e.g., laptop, desktop, etc.), a mobile computing device (e.g., tablet computing device, smart phone, etc.), and the like.
- FIG. 4 is a block diagram 400 illustrating one example of an authentication module 110 - a .
- Authentication module 110 - a may be one example of authentication module 110 depicted in FIGS. 1, 2 , and/or 3 .
- authentication module 110 - a may include a detector module 405 and authentication confirmation module 410 , and a command execution module 415 .
- Authentication module 110 - a may include more or fewer modules and capabilities in other embodiments.
- authentication module 110 - a may include additional modules and functionality than that which is described with reference to block diagram 400 .
- Detector module 405 may operate to detect some interaction between a user and monitoring system 105 (see FIGS. 1-3 ).
- the user interaction may include, for example, a request to initiate some function of monitoring system 105 .
- the interaction may detect the presence of the user generally at a premises being monitored by monitoring system 105 , or specific activities of the user on the premises. The detected interaction may be used to determine what level of authentication is used in order to carry out certain functions of monitoring system 105 either by the user or some other person.
- Authentication confirmation module 410 may provide communication to and from confirmation module 120 of electronic device 115 (see FIGS. 1-3 ). Authentication confirmation module 410 may initiate a request for user confirmation at at least one electronic device 115 . Authentication confirmation module 410 may send a message or provide instructions and/or input for sending or generating a message that is delivered to the user in possession of electronic device 115 . Confirmation module 120 may operate to receive communications from authentication confirmation module 410 and provide the type of interface with the user in possession of electronic device 115 required in order to obtain the level of authentication needed to permit the initiated action at monitoring system 105 . Authentication confirmation module 410 may receive a responsive authentication communication from confirmation module 120 required for authentication module 110 - a to permit or not permit the proposed initiated action of monitoring system 105 - a.
- Command execution module 415 may determine whether the responsive communication from confirmation module 120 meets the requirements to authenticate users and/or actions related to the proposed initiated action of monitoring system 105 - a . Command execution module 415 may send messages, generate signals, modify functionality of monitoring system 105 , or perform other functions associated with the proposed initiated action of monitoring system 105 .
- FIG. 5 is a block diagram 500 illustrating an example of a confirmation module 120 - a .
- Confirmation module 120 - a may be one example of confirmation module 120 depicted in FIGS. 1, 2 , and/or 3 .
- confirmation module 120 - a may include a notification module 505 and a generating module 510 .
- Confirmation module 120 - a may include additional or fewer modules and capability in other embodiments.
- Notification module 505 may receive notifications and communications from authentication module 110 and determine which type of notification or communication is needed to receive the authentication confirmation from the user in possession of the electronic device 115 upon which the confirmation module 120 - a operates. Notification module 505 may generate a number of notifications such as, for example, a request for confirmation that the user is in possession of electronic device 115 , ask a yes/no question related to a specific proposed initiated action of monitoring system 105 , request a return text message, or the like.
- Generating module 510 may generate a response to be delivered to authentication module 110 . Generating module 510 may format the response in any desired way to provide the type of authentication message needed for authentication module 110 to determine whether to permit carrying out the proposed initiated action of monitoring system 105 .
- Notification module 505 and generating module 510 may be integrated into an application that is loaded onto the electronic device 115 .
- the application e.g., mobile app
- the application may override other features and functionality of electronic device 115 such that the notification generated by notification module 505 is able to interrupt and/or display over other features or functionality that may be operating concurrently on electronic device 115 .
- FIG. 6 is a flow diagram illustrating one embodiment of a method 600 for authenticating a user of a monitoring system (e.g., automation system and/or security system).
- the method 600 may be implemented by the authentication module 110 of monitoring system 105 shown in FIGS. 1, 2, 3 , and/or 4 .
- method 600 may be performed generally by monitoring system 105 shown in FIGS. 1, 2 , and/or 3 , or even more generally by the environments 100 , 200 , and/or 300 shown in FIGS. 1-3 , respectively.
- method 600 may be implemented in conjunction with electronic devices 115 shown in FIGS. 1, 2 , and/or 3 .
- method 600 includes receiving input (e.g., instructions) from the user to perform at least one function of the home automation and security system.
- Block 610 includes receiving confirmation that the user has received an authentication message at an electronic device carried by the user.
- the method 600 includes initiating the at least one function. Initiating the at least one function may occur after receiving confirmation that the user has received the authentication message at the electronic device carried by the user.
- method 600 may include providing the electronic device as a cell phone and the authentication message as a text message.
- the authentication message may include information about the at least one function of the home automation and security system.
- the electronic device may include an application that displays the authentication message to the user.
- Method 600 may also include receiving a registration of the electronic device in association with the user.
- Method 600 may include receiving a user authentication input from the user.
- the user authentication input may include a password or PIN code of the user.
- the input from the user may be received at a control panel of the home automation and security system.
- the input from the user may be received as a voice command.
- the at least one function may be one of arming or disarming the home automation and security system.
- Method 600 may also include receiving confirmation that the user has authorized the function using the electronic device.
- FIG. 7 is a flow diagram illustrating one embodiment of a method 700 for authenticating a user of a monitoring system (e.g., an automation system and/or security system).
- the method 700 may be implemented by the authentication module 110 of monitoring system 105 shown in FIGS. 1, 2, 3 , and/or 4 .
- method 700 may be performed generally by monitoring system 105 shown in FIGS. 1, 2 , and/or 3 , or even more generally by the environments 100 , 200 , 300 shown in FIGS. 1-3 , respectively.
- method 700 may be implemented in conjunction with electronic devices 115 shown in FIGS. 1, 2 , and/or 3 .
- the method 700 includes receiving a first user authentication input from the user.
- Block 710 includes receiving confirmation that the user received an authentication message on an electronic device in the user's possession as a second user authentication input.
- method 700 includes receiving input (e.g., instructions) from the user to initiate at least one function of the home automation and security system.
- Block 720 includes initiating the at least one function.
- Method 700 may also include providing the first user authentication input as one of a password and a PIN code. Method 700 may include receiving confirmation that the user has authorized the function using the electronic device. The first user authentication input may include confirmation of the user's presence at a property monitored by the home automation and security system. Method 700 may include sending the authentication message to the electronic device.
- FIG. 8 is a flow diagram illustrating one example of a method 800 for authentication of a user of a monitoring system (e.g., an automation system and/or a security system).
- the method 800 may be implemented by the authentication module 110 of monitoring system 105 shown in FIGS. 1, 2, 3 , and/or 4 .
- method 800 may be performed generally by monitoring system 105 shown in FIGS. 1, 2 , and/or 3 , or even more generally by the environments 100 , 200 , 300 shown in FIGS. 1-3 , respectively.
- method 800 may be implemented in conjunction with electronic device 115 shown in FIGS. 1, 2 , and/or 3 .
- the method 800 includes determining a location of a user based on use of a home automation and security system.
- Block 810 includes authenticating the user by receiving confirmation that the user possesses a handheld electronic device.
- method 800 includes initiating at least one function of the home automation and security system after authenticating the user.
- Method 800 may also include sending a message to the handheld electronic device, wherein authenticating the user includes receiving an input entered on the handheld electronic device by the user in response to the message.
- Authenticating the user may include receiving an input entered on the handheld electronic device by the user that authorizes the at least one function.
- Determining a location of a user may include receiving at least one of a user command and a user authentication input.
- FIG. 9 depicts a block diagram of a controller 900 suitable for implementing the present systems and methods.
- the controller 900 may be an example of the mobile computing device 325 , and/or automation controller 315 illustrated in FIG. 3 .
- controller 900 includes a bus 905 which interconnects major subsystems of controller 900 , such as a central processor 910 , a system memory 915 (typically RAM, but which may also include ROM, flash RAM, or the like), an input/output controller 920 , an external audio device, such as a speaker system 925 via an audio output interface 930 , an external device, such as a display screen 935 via display adapter 940 , an input device 945 (e.g., remote control device interfaced with an input controller 950 ), multiple USB devices 965 (interfaced with a USB controller 970 ), and a storage interface 980 .
- at least one sensor 955 connected to bus 905 through a sensor controller 960 and a network interface 985 (coupled directly to
- Bus 905 allows data communication between central processor 910 and system memory 915 , which may include read-only memory (ROM) or flash memory (neither shown), and random access memory (RAM) (not shown), as previously noted.
- the RAM is generally the main memory into which the operating system and application programs are loaded.
- the ROM or flash memory can contain, among other code, the Basic Input-Output system (BIOS) which controls basic hardware operation such as the interaction with peripheral components or devices.
- BIOS Basic Input-Output system
- an authentication module 110 - b to implement the present systems and methods may be stored within the system memory 915 .
- the authentication module 110 - b may be an example of the authentication module 110 illustrated in FIGS. 1, 2, 3 , and/or 4 .
- Applications e.g., application 330 resident with controller 900 are generally stored on and accessed via a non-transitory computer readable medium, such as a hard disk drive (e.g., fixed disk 975 ) or other storage medium. Additionally, applications can be in the form of electronic signals modulated in accordance with the application and data communication technology when accessed via interface 985 .
- a non-transitory computer readable medium such as a hard disk drive (e.g., fixed disk 975 ) or other storage medium.
- applications can be in the form of electronic signals modulated in accordance with the application and data communication technology when accessed via interface 985 .
- Storage interface 980 can connect to a standard computer readable medium for storage and/or retrieval of information, such as a fixed disk drive 975 .
- Fixed disk drive 975 may be a part of controller 900 or may be separate and accessed through other interface systems.
- Network interface 985 may provide a direct connection to a remote server via a direct network link to the Internet via a POP (point of presence).
- Network interface 985 may provide such connection using wireless techniques, including digital cellular telephone connection, Cellular Digital Packet Data (CDPD) connection, digital satellite data connection, or the like.
- one or more sensors e.g., motion sensor, smoke sensor, glass break sensor, door sensor, window sensor, carbon monoxide sensor, and the like connect to controller 900 wirelessly via network interface 985 .
- controller 900 may be iOS®, ANDROID®, MS-DOS®, MS-WINDOWS®, OS/2®, UNIX®, LINUX®, or another known operating system.
- a signal can be directly transmitted from a first block to a second block, or a signal can be modified (e.g., amplified, attenuated, delayed, latched, buffered, inverted, filtered, or otherwise modified) between the blocks.
- a signal can be directly transmitted from a first block to a second block, or a signal can be modified (e.g., amplified, attenuated, delayed, latched, buffered, inverted, filtered, or otherwise modified) between the blocks.
- a signal input at a second block can be conceptualized as a second signal derived from a first signal output from a first block due to physical limitations of the circuitry involved (e.g., there will inevitably be some attenuation and delay). Therefore, as used herein, a second signal derived from a first signal includes the first signal or any modifications to the first signal, whether due to circuit limitations or due to passage through other circuit elements which do not change the informational and/or final functional aspect of the first signal.
- FIG. 10 is a block diagram 1000 of an electronic device 115 - c .
- Electronic device 115 - c may be one example of the electronic device 115 of FIGS. 1, 2 and/or 3 .
- the electronic device 115 - c may have any of various configurations, such as personal computers (e.g., laptop computers, netbook computers, tablet computers, etc.), cellular telephones, PDAs, digital video recorders (DVRs), internet appliances, gaming consoles, e-readers, etc.
- the electronic device 115 - c may have an internal power supply (not shown), such as a small battery, to facilitate mobile operation.
- the electronic device 115 - c includes antennas 1005 , a transceiver module 1010 , memory 1015 , and a processor module 1025 , which each may be in communication, directly or indirectly, with each other (e.g., via one or more buses).
- the transceiver module 1010 is configured to communicate bi-directionally, via the antennas 1005 and/or one or more wired or wireless links, with one or more networks, as described above.
- the transceiver module 1010 may be configured to communicate bi-directionally with authentication module 110 of FIGS. 1, 2 , and/or 3 .
- the transceiver module 1010 may include a modem configured to modulate the packets and provide the modulated packets to the antennas 1005 for transmission, and to demodulate packets received from the antennas 1005 . While the electronic device 115 - c may include a single antenna, the electronic device 115 - c will typically include multiple antennas 1005 for multiple links.
- the memory 1015 may include random access memory (RAM) and read-only memory (ROM).
- the memory 1015 may store computer-readable, computer-executable software code 1020 containing instructions that are configured to, when executed, cause the processor module 1025 to perform various functions described herein (e.g., call processing, database management, message routing, etc.).
- the software code 1020 may not be directly executable by the processor module 1025 but be configured to cause the computer (e.g., when compiled and executed) to perform functions described herein.
- the processor module 1025 may include an intelligent hardware device, e.g., a central processing unit (CPU), a microcontroller, an application specific integrated circuit (ASIC), etc.
- the processor module 1025 may include a speech encoder (not shown) configured to receive audio via a microphone, convert the audio into packets (e.g., 30 ms in length) representative of the received audio, provide the audio packets to the transceiver module 1010 , and provide indications of whether a user is speaking.
- an encoder may only provide packets to the transceiver module 1010 , with the provision or withholding/suppression of the packet itself providing the indication of whether a user is speaking.
- the electronic device 115 - c further includes a communications management module 1030 and a state module 1035 .
- the communications management module 1030 may manage communications with other electronic devices 115 - c .
- the communications management module 1030 may be a component of the electronic device 115 - c in communication with some or all of the other components of the electronic device 115 - c via a bus.
- functionality of the communications management module 1030 may be implemented as a component of the transceiver module 1010 , as a computer program product, and/or as one or more controller elements of the processor module 1025 .
- the state module 1035 may reflect and control the current device state (e.g., context, authentication, base station association, other connectivity issues).
- the components of the electronic device 115 - c may, individually or collectively, be implemented with one or more application-specific integrated circuits (ASICs) adapted to perform some or all of the applicable functions in hardware.
- ASICs application-specific integrated circuits
- the functions may be performed by one or more other processing units (or cores), on one or more integrated circuits.
- other types of integrated circuits may be used (e.g., Structured/Platform ASICs, Field Programmable Gate Arrays (FPGAs), and other Semi-Custom ICs), which may be programmed in any manner known in the art.
- the functions of each unit may also be implemented, in whole or in part, with instructions embodied in a memory, formatted to be executed by one or more general or application-specific processors.
- Each of the noted modules may be a means for performing one or more functions related to operation of the electronic device 115 - c.
- the terms “a” or “an,” as used in the specification and claims, are to be construed as meaning “at least one of”
- the words “including” and “having,” as used in the specification and claims are interchangeable with and have the same meaning as the word “comprising.”
- the term “based on” as used in the specification and the claims is to be construed as meaning “based at least upon.”
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Alarm Systems (AREA)
Abstract
Description
- The present application is a continuation of U.S. patent application Ser. No. 14/231,458, filed Mar. 31, 2014, titled “MOBILE DEVICE BASED AUTHENTICATION,” the disclosure of which is incorporated herein in its entirety by this reference.
- Advancements in media delivery systems and media-related technologies continue to increase at a rapid pace. Increasing demand for media has influenced the advances made to media-related technologies. Computer systems have increasingly become an integral part of the media-related technologies. Computer systems may be used to carry out several media-related functions. The wide-spread access to media has been accelerated by the increased use of computer networks, including the Internet and cloud networking.
- Many homes and businesses use one or more computer networks to generate, deliver, and receive data and information between the various computers connected to computer networks. Users of computer technologies continue to demand increased access to information and an increase in the efficiency of these technologies. Improving the efficiency of computer technologies is desirable to those who use and rely on computers.
- With the wide-spread use of computers and mobile devices has come an increased presence of home/business automation and security products. Advancements in mobile devices allow users to monitor and/or control an aspect of a home or business. As automation and security products expand to encompass other systems and functionality in the home or business, opportunities exist for improved authentication of users of the automation and security products and greater ease of operating the automation and security products.
- Methods and systems are described for voice control of an automation and/or security system. According to at least one embodiment, an apparatus for voice control of an automation and security system includes a processor, a memory in electronic communication with the processor, and instructions stored in the memory which are executable by the processor to receive input from the user to perform at least one function of the automation and security system, receive confirmation that the user has received an authentication message at an electronic device carried by the user, and initiate the at least one function.
- In another example, the electronic device may be a cell phone and the authentication message is a text message. The authentication message may include information about the at least one function. The electronic device may include an application that displays the authentication message to the user. The instructions may be executable by the processor to receive a registration of the electronic device as being associated with the user. The instructions may be executable by the processor to receive a user authentication input from the user. The user authentication input may be a password or PIN code of the user. The input from the user may be received at a control panel of the automation and security system. The input from the user may be received as a voice command. The at least one function may be one of arming or disarming the automation and security system. The instructions may be executable by the processor to receive confirmation that the user has authorized the at least one function using the electronic device.
- Another embodiment relates to a computer-program product for authenticating a user of an automation and security system. The computer-program product includes a non-transitory computer-readable medium storing instructions executable by a processor to receive a first user authentication input from the user, receive confirmation that the user received an authentication message on an electronic device in the user's possession as a second user authentication input, receive input from the user to initiate at least one function of the automation and security system, and initiate the at least one function.
- In one example, the first user authentication input is one of a password and a PIN code. The instructions may be executable by the processor to receive confirmation that the user has authorized the at least one function using the electronic device. The first user authentication input may include confirmation of the user's presence at a property monitored by the automation and security system. The instructions may be executable by the processor to send the authentication message to the electronic device.
- A further embodiment relates to a computer-implemented method for authenticating a user of an automation and security system. The method includes determining a location of the user based on use of the automation and security system, authenticating the user by receiving confirmation that the user possesses a handheld electronic device, and initiating at least one function of the automation and security system after authenticating the user.
- In one example, the method may further include sending a message to the handheld electronic device, and authenticating the user may include receiving an input entered on the handheld electronic device by the user in response to the message. Authenticating the user may include receiving an input entered on the handheld electronic device by the user authorizing the at least one function. Determining a location of the user may include receiving at least one of a user command and a user authentication input.
- The foregoing has outlined rather broadly the features and technical advantages of examples according to the disclosure in order that the detailed description that follows may be better understood. Additional features and advantages will be described hereinafter. The conception and specific examples disclosed may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present disclosure. Such equivalent constructions do not depart from the spirit and scope of the appended claims. Features which are believed to be characteristic of the concepts disclosed herein, both as to their organization and method of operation, together with associated advantages will be better understood from the following description when considered in connection with the accompanying figures. Each of the figures is provided for the purpose of illustration and description only, and not as a definition of the limits of the claims.
- A further understanding of the nature and advantages of the embodiments may be realized by reference to the following drawings. In the appended figures, similar components or features may have the same reference label. Further, various components of the same type may be distinguished by following the reference label by a dash and a second label that distinguishes among the similar components. If only the first reference label is used in the specification, the description is applicable to any one of the similar components having the same first reference label irrespective of the second reference label.
-
FIG. 1 is a block diagram of an environment in which the present systems and methods may be implemented; -
FIG. 2 is a block diagram of another environment in which the present systems and methods may be implemented; -
FIG. 3 is a block diagram of another environment in which the present systems and methods may be implemented; -
FIG. 4 is a block diagram of an example authentication module of the environments shown inFIGS. 1-3 ; -
FIG. 5 is a block diagram of an example confirmation module of the environments shown inFIGS. 1-3 ; -
FIG. 6 is a flow diagram illustrating a method for controlling access to a home based on user occupancy; -
FIG. 7 is a flow diagram illustrating another method for controlling access to a home based on user occupancy; -
FIG. 8 is a flow diagram illustrating another method for controlling access to a home based on user occupancy; -
FIG. 9 is a block diagram of a computer system suitable for implementing the systems and methods ofFIGS. 1-8 ; and -
FIG. 10 is a block diagram of an example of a mobile device. - While the embodiments described herein are susceptible to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and will be described in detail herein. However, the exemplary embodiments described herein are not intended to be limited to the particular forms disclosed. Rather, the instant disclosure covers all modifications, equivalents, and alternatives falling within the scope of the appended claims.
- The systems and methods described herein relate to home automation and home security, and related security systems and automation for use in commercial and business settings. The automation and security systems and methods disclosed herein may generally be referred to as monitoring systems, may include automation and/or security functionality, and may include systems and methods for use in home and business and/or commercial settings. The systems and methods described herein relate generally to controlling operation, set up, and/or modification of a monitoring system. Some aspects of the present disclosure relate to improving processes for authenticating users of the monitoring system to provide enhanced certainty that only authorized users are permitted to perform certain functions related to the monitoring system. Other aspects relate to simplification of the authenticating process to provide improved ease of operating and/or interfacing with the automation and security system.
- The systems and methods disclosed herein may have particular relevance in at least two scenarios. In a first scenario, there is an objective to provide improved security to perform certain functionality related to the monitoring system. For example, the monitoring system may require input of a password or PIN code as an initial authentication step for accessing and/or controlling certain aspects of the monitoring system. The present systems and methods may provide for an additional step of authentication, and may be referred to as a multi-factor authentication system or protocol. In addition to entering the password or PIN code, the user must confirm receipt of an authentication message via an electronic device in the possession of the user (e.g., a cell phone, tablet, computer, or the like). In another example, the user's presence or interaction with the monitoring system in any way may be used as the initial authentication factor, and confirming receipt of an authentication message via the electronic device may be used as a second authentication factor. The user's presence or interaction with the monitoring system may include, for example, interacting with a control panel, providing a voice command, being detected with a motion sensor or video camera, or actuating a lock mechanism or door opener associated with the property being monitored by the monitoring system.
- In another scenario, the systems and methods disclosed herein may provide improved ease of operating the monitoring system by eliminating, for example, the need to navigate a user interface at a control panel or in an app on an electronic device, operate keys to unlock a door, enter a password or pin code, or take other information specific steps. For example, a user may state a voice command that is received by the monitoring system. The monitoring system then authenticates the command and user by requesting feedback from the user via the electronic device in the possession of the user. According to this scenario, the user may be able to initiate some functionality related to the monitoring system by simply stating a command and then performing a simple interaction with the electronic device held in his possession (e.g., touching the screen, opening a text message, selecting a response display by an app on the electronic device, etc.).
- Generally, the systems and methods disclosed herein may apply to situations in which someone tries to initiate an action via the monitoring system. Some level of authentication occurs in association with this attempted initiated action, but the assurance level of the authentication is insufficient for the requested action. The monitoring system may be programmed to require a higher level of assurance for authentication before initiating the action. Before initiating the action, the monitoring system reaches out to an electronic device in the possession of the user via, for example, a mobile app, text message, or the like. Because the electronic device has been pre-registered and known to be associated with the user or an authorized set of users, receiving a confirmation from the user that he has received an authentication message from the electronic device (or answers a question via the electronic device) will provide the required authentication.
- In the example of a mobile app that has been pre-downloaded onto the electric device, the mobile app is activated to notify the user of the attempted initiated action, and the user is required to take an action on the electronic device to prove that they are in possession of the electronic device. In one example, the mobile app may interrupt the user (e.g., provide an audible sound or vibration) and/or display a message or request confirmation in some way so that the user may respond with authorization of the attempted initiated action, or at least confirmation that he possesses the electronic device. Once the monitoring system receives the authentication response via the electronic device, the monitoring system may carry out the requested action. In essence, the systems and methods disclosed herein relate to circumstances in which an action is initiated independently of an electronic device in the possession of the user associated with a monitoring system (e.g., a cell phone) and the electronic device. The electronic device is typically remote and separate from the user interface with the monitoring system and is used to confirm authentication of the user.
- Using an electronic device in the possession of a user as one factor in authenticating the user typically requires a preliminary step of registering the electronic device. The electronic device may be registered in a number of ways using, for example, an identifier associated with the electronic device. Cell phones typically include a phone number identifier. Other devices may include an address or other identifier (e.g., a Mac address associated with an Apple® brand device) that may be used to confirm that the electronic device is owned and/or controlled by a particular user. Since a user may own multiple electronic devices that may be in their possession at any given time, the monitoring system may provide the option of confirming receipt of an authentication message at any one of the plurality of electronic devices, or any single electronic device preselected by the user.
-
FIG. 1 is a block diagram illustrating one embodiment of anenvironment 100 in which the present systems and methods may be implemented. In some embodiments, the systems and methods described herein may be performed on a monitoring system 105 (e.g., an automation system or security system for use with a home or business). Theenvironment 100 may include themonitoring system 105 and anelectronic device 115 which communicate over at least onenetwork 130.Monitoring system 105 may include anauthentication module 110.Electronic device 115 may include aconfirmation module 120. Thenetwork 130 provides communication via, for example, wired or wireless connections. Further,network 130 may include a plurality of communication mediums. - In some embodiments,
monitoring system 105 may be in communication with one or more sensors associated with, for example, an automation system and/or a security system. A sensor may include, for example, a camera sensor, an audio sensor, a forced entry sensor, shock sensor, proximity sensor, boundary sensor, appliance sensor, light fixture sensor, temperature sensor, light beam sensor, three-dimensional (3-D) sensor, motion sensor, smoke sensor, glass break sensor, door sensor, window sensor, carbon monoxide sensor, accelerometer, global positioning system (GPS) sensor, Wi-Fi positioning system sensor, capacitance sensor, radio frequency sensor, near-field sensor, heart beat sensor, breathing sensor, oxygen sensor, carbon dioxide sensor, brain wave sensor, movement sensor, voice sensor, and the like. - In some configurations,
monitoring system 105 may include additional components such as, for example, those components described below with reference toFIG. 3 .Authentication module 110, which is described in further detail below related toFIG. 4 , is operable to provide functionality related to authenticating users ofmonitoring system 105.Authentication module 110 may provide multiple levels of authentication. One level of authentication may be receiving a password, PIN code, voice command, face recognition information, or other sensor signal that confirms and/or authenticates a particular user or one of a plurality of authorized users formonitoring system 105.Authentication module 110 may be operable to provide another authentication factor in response to interactions withelectronic device 115.Electronic device 115 may be a preregistered device associated with a user ofmonitoring system 105.Electronic device 115 may include, for example, a mobile computing device (e.g., a tablet computing device, a smart phone, etc.) or a mobile personal computing device (e.g., a laptop), or a fab or similar electronic device having limited and/or specific functionality.Electronic device 115 is typically remote and separately operable from themonitoring system 105. The user may interact withelectronic device 115 in response to communications withauthentication module 110 to confirm that the user possesseselectronic device 115 and/or provide authorization for the requested actions initiated at themonitoring system 105. -
Authentication module 110 may, for example, detect activity associated withmonitoring system 105 that would require authentication viaelectronic device 115, initiate functionality atelectronic device 115 that would require user confirmation atelectronic device 115, receive an authentication confirmation fromelectronic device 115, and provide execution of activities atmonitoring system 105 that required authentication viaelectronic device 115. -
Confirmation module 120 ofelectronic device 115 may be operable to, for example, receive prompts fromauthentication module 110 vianetwork 130, generate signals or messages to which the user possessingelectronic device 115 may respond to, and generate confirmation signals to be sent back toauthentication module 110 reflecting the user's response to authentication messages generated by aconfirmation module 120. - In one scenario,
monitoring system 105 operates in a home as at least one of an automation system and a security system. A user who is interacting withmonitoring system 105 may wish to disarm a security feature ofmonitoring system 105 prior to entering the home. The user may speak a command such as “disarm system” prior to attempting to unlock a front door of the home.Authentication module 110 may recognize the voice command and activate theconfirmation module 120 to provide a message to the user onelectronic device 115. The message may simply state “do you want to disarm the security system at home?” with reply buttons on a display screen ofelectronic device 115 marked as “yes” and “no”. The user may then press the “yes” button, andconfirmation module 120 prepares a response message that confirms the user's intent to disarm the system.Authentication module 110 then permits and/or carries out disarming of the security feature ofmonitoring system 105. In this scenario, the user was able to avoid having to interact with the control panel on the inside of the home to disarm the system (e.g., entering a PIN code and pressing buttons to disarm the system). - In another scenario, the user attempts to modify a rule of operation monitoring system 105 (e.g., change thermostat from 60 degrees to 70 degrees each morning at 6:00 to each morning at 10:00).
Monitoring system 105 may require input of a PIN code or password as a first level of authentication to change the rule.Authentication module 110 may require additional authentication to change this particular rule.Authentication module 110 may require authentication atelectronic device 115 to confirm that the user requesting the rule change is in possession of theelectronic device 115.Confirmation module 120 may operate an app loaded ontoelectronic device 115 to display a prompt (e.g., red button) which the user presses to confirm that he possesses theelectronic device 115.Confirmation module 120 may provide an authentication message toauthentication module 110, which is used byauthentication module 110 as a second level of authentication to then permit the requested rule change. -
Confirmation module 120 may operate in a variety of ways to obtain different types of information from the user. The two scenarios described above explain two types of information, wherein one type is confirmation of a specific action requested atmonitoring system 105, and the second type is simply confirmation that the electronic device is in the possession of the user. Other examples include sending a text message to the user on theelectronic device 115 that the user must either open or respond to with a return text comprising certain information (e.g., a code, password, yes/no terms, or the like). In another example, a plurality of options are presented to the user, any or all of which the user may select or respond to with a yes/no answer (e.g., Disarm system? Unlock door? Turn on lights? Turn on HVAC? Permit Joey to enter house?). - One potential advantage related to the
environment 100 is that an authorized user ofmonitoring system 105 may more easily make it possible for other people to receive authorization to perform actions associated withmonitoring system 105. Typically, users of aparticular monitoring system 105 may be required to become familiar with how to interface with the monitoring system 105 (e.g., via a control panel, certain voice command, terminology, etc.). Since various monitoring systems have different user interfaces and functionality, a significant amount of time may be required to learn how to properly navigate the monitoring system. Additionally, an authorized user is typically required to give out a secret password or PIN code in order to have a friend, neighbor, cleaning person, maintenance person, etc., to operate themonitoring system 105. The systems and methods disclosed herein may avoid some of those potentially complicating factors by simply registering an electronic device in possession of the temporary user that theauthentication module 110 can communicate with to provide the desired authentication for that temporary user and the actions that he requests ofmonitoring system 105. In another example, the authorized user may loan his own pre-registered electronic device to the temporary user. - The registration of an electronic device carried by a temporary user may be performed by the temporary user downloading an app that operates on the electronic device, wherein the app is registered using authorization codes, identifiers, or other information provided by the authorized user. Once the temporary user possesses a registered
electronic device 115, the temporary user may be able to avoid some of the difficulties otherwise associated with operating monitoring system 105 (e.g., interfacing with the control panel, entering a secret PIN code, etc.). - Referring now to
FIG. 2 , in some embodiments,environment 200 may include the components ofenvironment 100 described above, and may further include acontrol center 205.Control center 205 may provide at least some back-end support formonitoring system 105. For example,control center 205 may include memory and capability to communicate with third parties (e.g., fire, police, etc.). Messages to and fromauthentication module 110 andconfirmation module 220 may be routed at least in part throughcontrol center 205. At least some of the communications and activities performed byauthentication module 110 and/orconfirmation module 220 may be stored incontrol center 205 and be made available to a user. In at least some examples, some features or functionality ofauthentication module 110 and/orconfirmation module 220 may occur atcontrol center 205 rather than at themonitoring system 105 andelectronic device 115. - Referring now to
FIG. 3 , in some embodiments, anenvironment 300 may include the components ofenvironment 100 described above, and may further include a plurality of electronic devices 115-a, and a number of additional features associated with a monitoring system 105-a. Monitoring system 105-a may be an example ofmonitoring system 105 illustrated inFIG. 1 . Electronic devices 115-a may be examples ofelectronic device 115 illustrated inFIG. 1 . Monitoring system 105-a may include, in addition toauthentication module 110, adisplay 305, a user interface 310, anautomation controller 315, analarm 320, amobile computing device 325, anapplication 330, and asensor 335. Each of electronic devices 115-a-1, 115-a-2, 115-a-3 may include aconfirmation module 120. -
Environment 300 addresses at least two different scenarios in which a plurality of electronic devices are available for authenticating users of monitoring system 105-a. In one scenario, a single user may have a plurality of electronic devices 115-a that are registered and associated with that single user.Authentication module 110 may communicate withconfirmation modules 120 of each of the electronic devices 115-a in an attempt to receive confirmation from the user that either (1) the user is in possession of one of the electronic devices 115-a-1, or (2) the user authorizes initiation of an action with monitoring system 105-a upon receiving an authentication confirmation response from any one ofconfirmation modules 120.Authentication module 110 may then permit carrying out of the requested initiated action. - In another scenario, the electronic devices 115-a are carried by separate authorized users of monitoring system 105-a. Upon receiving a requested initiation of an action at monitoring 105-a,
authentication module 110 may communicate with each of theconfirmation modules 120 of electronic devices 115-a. An authentication confirmation response from any one of theconfirmation modules 120 may provide the desired level of authentication needed to proceed with the requested initiated action. In one example, an authorized user carrying one of the electronic devices 115-a may ask a neighbor to feed the user's dog at the user's house. The neighbor may enter the user's house and may be asked at a control panel of monitoring system 105-a for a PIN code to confirm authentication.Authentication module 110 may communicate withconfirmation modules 120, whereupon any one of the authorized users carrying electronic devices 115-a (which may be the neighbor carrying one of the electronic devices 115-a) may provide confirmation to disarm the security system. This scenario may eliminate the requirement for the neighbor to input a password or PIN code in order to disarm the security system at the house. In this way, the authorized user(s) do not have to give out their secret password or PIN code while still permitting disarming of the security system without being in the home and/or giving one of the electronic devices 115-a to the neighbor. - Monitoring system 105-a may include any one or all of the following components:
display 305, user interface 310,automation controller 315,alarm 320,mobile computing device 325,application 330, andsensor 335.Display 305 may include, for example, a digital display as part of, for example, a control panel of monitoring system 105-a.Display 305 may be provided via devices such as, for example, a desktop computer ormobile computing device 325. User interface 310 may be integrated intodisplay 305. User interface 310 may include a plurality of menus, screens, microphones, speakers, camera, and other capabilities that permit interface with the user of monitoring system 105-a. User interface 310 may be integrated intomobile computing device 325 or other devices (e.g., one of electronic devices 115-a). -
Automation controller 315 may provide features and functionality related to automation and/or security features of monitoring system 105-a.Automation controller 315 may provide at least some of the logic, processing, and/or interaction among various components of monitoring system 105-a. -
Alarm 320 may provide an audible sounds, lights, or the like that provide communication with one or more users on the premises being monitored by monitoring system 105-a, or communications with a remote device or system related to a condition at a property being monitored by monitoring system 105-a.Alarm 320 may be integrated intodisplay 305 in the form of, for example, text, color displays, or the like. - In some embodiments,
mobile computing device 325 may include one or more processors, one or more memory devices, and/or a storage device. Examples ofmobile computing device 325 may include DVRs, personal video records (PVRs), and/or mobile computing devices, smart phones, personal computing devices, computers, servers, etc. -
Application 330 may allow a user to control (either directly or via automation controller 315) an aspect of the monitored property, including security, energy management, locking or unlocking a door, checking the status of a door, locating a user or item, controlling lighting, thermostats, or cameras, receiving notifications regarding a current status or anomaly associated with a home, office, place of business, and the like. In some configurations,application 330 may enable monitoring system 105-a to interface withautomation controller 315 and utilize the user interface 310 to display automation, security, and/or energy management content ondisplay 305, user interface 310,mobile computing device 325, or other feature of monitoring system 105-a. Thus,application 330, via user interface 310, may allow users to control aspects of their home, office, and/or other type of property. Further,application 330 may be installed onmobile computing device 325 in order to allow a user to interface with a function of monitoring system 105-a (e.g., automation controller 315). -
Sensor 335 may represent one or more separate sensors or a combination of two or more sensors in a single sensor device. For example,sensor 335 may represent one or more camera sensors and one or more motion sensors connected toenvironment 300. Additionally, or alternatively,sensor 335 may represent a combination sensor such as both a camera sensor and the motion sensor integrated into the same sensor device. Althoughsensor 335 is depicted as connecting directly to monitoring system 105-a, in some embodiments,sensor 335 may be connected to monitoring system 105-a vianetwork 130. Additionally, or alternatively,sensor 335 may be integrated into a home appliance or fixture such as a light bulb fixture.Sensor 335 may include an accelerometer to enablesensor 335 to detect a movement.Sensor 335 may include a wireless communication device, enablingsensor 335 to send and receive data and/or information to and from one or more devices inenvironment 300. Additionally, or alternatively,sensor 335 may include a GPS sensor to enablesensor 335 to track a location ofsensor 335.Sensor 335 may include a proximity sensor to enablesensor 335 to detect proximity of a user relative to a predetermined distance from a dwelling (e.g., geo-fencing).Sensor 335 may include one or more security detection sensors such as, for example, a glass break sensor, a motion detection sensor, or both. Additionally, or alternatively,sensor 335 may include a smoke detection sensor, a carbon monoxide sensor, or both. In at least some examples,sensor 335 may detect presence of a user within a dwelling being monitored by monitoring system 105-a, performing certain functions (e.g., opening a door or window), or speaking a voice command. Feedback fromsensor 335 may function as at least one authentication factor used byauthentication module 110. - In some embodiments, a user may access the functions of monitoring system 105-a (e.g., automation controller 315) from
mobile computing device 325. For example, in some embodiments,mobile computing device 325 includes a mobile application that interfaces with one or more functions of monitoring system 105-a. Electronic devices 115-a may be one example ofmobile computing device 325. Examples ofautomation controller 315 may include a dedicated home automation computing device (e.g., wall-mounted controller), a personal computing device (e.g., laptop, desktop, etc.), a mobile computing device (e.g., tablet computing device, smart phone, etc.), and the like. -
FIG. 4 is a block diagram 400 illustrating one example of an authentication module 110-a. Authentication module 110-a may be one example ofauthentication module 110 depicted inFIGS. 1, 2 , and/or 3. As depicted, authentication module 110-a may include adetector module 405 andauthentication confirmation module 410, and acommand execution module 415. Authentication module 110-a may include more or fewer modules and capabilities in other embodiments. Similarly, authentication module 110-a may include additional modules and functionality than that which is described with reference to block diagram 400. -
Detector module 405 may operate to detect some interaction between a user and monitoring system 105 (seeFIGS. 1-3 ). The user interaction may include, for example, a request to initiate some function ofmonitoring system 105. In another example, the interaction may detect the presence of the user generally at a premises being monitored by monitoringsystem 105, or specific activities of the user on the premises. The detected interaction may be used to determine what level of authentication is used in order to carry out certain functions ofmonitoring system 105 either by the user or some other person. -
Authentication confirmation module 410 may provide communication to and fromconfirmation module 120 of electronic device 115 (seeFIGS. 1-3 ).Authentication confirmation module 410 may initiate a request for user confirmation at at least oneelectronic device 115.Authentication confirmation module 410 may send a message or provide instructions and/or input for sending or generating a message that is delivered to the user in possession ofelectronic device 115.Confirmation module 120 may operate to receive communications fromauthentication confirmation module 410 and provide the type of interface with the user in possession ofelectronic device 115 required in order to obtain the level of authentication needed to permit the initiated action atmonitoring system 105.Authentication confirmation module 410 may receive a responsive authentication communication fromconfirmation module 120 required for authentication module 110-a to permit or not permit the proposed initiated action of monitoring system 105-a. -
Command execution module 415 may determine whether the responsive communication fromconfirmation module 120 meets the requirements to authenticate users and/or actions related to the proposed initiated action of monitoring system 105-a.Command execution module 415 may send messages, generate signals, modify functionality ofmonitoring system 105, or perform other functions associated with the proposed initiated action ofmonitoring system 105. -
FIG. 5 is a block diagram 500 illustrating an example of a confirmation module 120-a. Confirmation module 120-a may be one example ofconfirmation module 120 depicted inFIGS. 1, 2 , and/or 3. As depicted, confirmation module 120-a may include anotification module 505 and agenerating module 510. Confirmation module 120-a may include additional or fewer modules and capability in other embodiments. -
Notification module 505 may receive notifications and communications fromauthentication module 110 and determine which type of notification or communication is needed to receive the authentication confirmation from the user in possession of theelectronic device 115 upon which the confirmation module 120-a operates.Notification module 505 may generate a number of notifications such as, for example, a request for confirmation that the user is in possession ofelectronic device 115, ask a yes/no question related to a specific proposed initiated action ofmonitoring system 105, request a return text message, or the like. -
Generating module 510 may generate a response to be delivered toauthentication module 110.Generating module 510 may format the response in any desired way to provide the type of authentication message needed forauthentication module 110 to determine whether to permit carrying out the proposed initiated action ofmonitoring system 105. -
Notification module 505 and generatingmodule 510 may be integrated into an application that is loaded onto theelectronic device 115. The application (e.g., mobile app) may override other features and functionality ofelectronic device 115 such that the notification generated bynotification module 505 is able to interrupt and/or display over other features or functionality that may be operating concurrently onelectronic device 115. -
FIG. 6 is a flow diagram illustrating one embodiment of amethod 600 for authenticating a user of a monitoring system (e.g., automation system and/or security system). In some configurations, themethod 600 may be implemented by theauthentication module 110 ofmonitoring system 105 shown inFIGS. 1, 2, 3 , and/or 4. In other examples,method 600 may be performed generally by monitoringsystem 105 shown inFIGS. 1, 2 , and/or 3, or even more generally by theenvironments FIGS. 1-3 , respectively. In some configurations,method 600 may be implemented in conjunction withelectronic devices 115 shown inFIGS. 1, 2 , and/or 3. - At
block 605,method 600 includes receiving input (e.g., instructions) from the user to perform at least one function of the home automation and security system.Block 610 includes receiving confirmation that the user has received an authentication message at an electronic device carried by the user. Atblock 615, themethod 600 includes initiating the at least one function. Initiating the at least one function may occur after receiving confirmation that the user has received the authentication message at the electronic device carried by the user. - Other aspects of
method 600 may include providing the electronic device as a cell phone and the authentication message as a text message. The authentication message may include information about the at least one function of the home automation and security system. The electronic device may include an application that displays the authentication message to the user.Method 600 may also include receiving a registration of the electronic device in association with the user.Method 600 may include receiving a user authentication input from the user. The user authentication input may include a password or PIN code of the user. The input from the user may be received at a control panel of the home automation and security system. The input from the user may be received as a voice command. The at least one function may be one of arming or disarming the home automation and security system.Method 600 may also include receiving confirmation that the user has authorized the function using the electronic device. -
FIG. 7 is a flow diagram illustrating one embodiment of amethod 700 for authenticating a user of a monitoring system (e.g., an automation system and/or security system). In some configurations, themethod 700 may be implemented by theauthentication module 110 ofmonitoring system 105 shown inFIGS. 1, 2, 3 , and/or 4. In other examples,method 700 may be performed generally by monitoringsystem 105 shown inFIGS. 1, 2 , and/or 3, or even more generally by theenvironments FIGS. 1-3 , respectively. In some configurations,method 700 may be implemented in conjunction withelectronic devices 115 shown inFIGS. 1, 2 , and/or 3. - At
block 705, themethod 700 includes receiving a first user authentication input from the user.Block 710 includes receiving confirmation that the user received an authentication message on an electronic device in the user's possession as a second user authentication input. Atblock 715,method 700 includes receiving input (e.g., instructions) from the user to initiate at least one function of the home automation and security system.Block 720 includes initiating the at least one function. -
Method 700 may also include providing the first user authentication input as one of a password and a PIN code.Method 700 may include receiving confirmation that the user has authorized the function using the electronic device. The first user authentication input may include confirmation of the user's presence at a property monitored by the home automation and security system.Method 700 may include sending the authentication message to the electronic device. -
FIG. 8 is a flow diagram illustrating one example of amethod 800 for authentication of a user of a monitoring system (e.g., an automation system and/or a security system). In some configurations, themethod 800 may be implemented by theauthentication module 110 ofmonitoring system 105 shown inFIGS. 1, 2, 3 , and/or 4. In other examples,method 800 may be performed generally by monitoringsystem 105 shown inFIGS. 1, 2 , and/or 3, or even more generally by theenvironments FIGS. 1-3 , respectively. In some configurations,method 800 may be implemented in conjunction withelectronic device 115 shown inFIGS. 1, 2 , and/or 3. - At
block 805, themethod 800 includes determining a location of a user based on use of a home automation and security system.Block 810 includes authenticating the user by receiving confirmation that the user possesses a handheld electronic device. Atblock 815,method 800 includes initiating at least one function of the home automation and security system after authenticating the user. -
Method 800 may also include sending a message to the handheld electronic device, wherein authenticating the user includes receiving an input entered on the handheld electronic device by the user in response to the message. - Authenticating the user may include receiving an input entered on the handheld electronic device by the user that authorizes the at least one function. Determining a location of a user may include receiving at least one of a user command and a user authentication input.
-
FIG. 9 depicts a block diagram of acontroller 900 suitable for implementing the present systems and methods. Thecontroller 900 may be an example of themobile computing device 325, and/orautomation controller 315 illustrated inFIG. 3 . In one configuration,controller 900 includes abus 905 which interconnects major subsystems ofcontroller 900, such as acentral processor 910, a system memory 915 (typically RAM, but which may also include ROM, flash RAM, or the like), an input/output controller 920, an external audio device, such as aspeaker system 925 via anaudio output interface 930, an external device, such as adisplay screen 935 viadisplay adapter 940, an input device 945 (e.g., remote control device interfaced with an input controller 950), multiple USB devices 965 (interfaced with a USB controller 970), and astorage interface 980. Also included are at least onesensor 955 connected tobus 905 through asensor controller 960 and a network interface 985 (coupled directly to bus 905). -
Bus 905 allows data communication betweencentral processor 910 andsystem memory 915, which may include read-only memory (ROM) or flash memory (neither shown), and random access memory (RAM) (not shown), as previously noted. The RAM is generally the main memory into which the operating system and application programs are loaded. The ROM or flash memory can contain, among other code, the Basic Input-Output system (BIOS) which controls basic hardware operation such as the interaction with peripheral components or devices. For example, an authentication module 110-b to implement the present systems and methods may be stored within thesystem memory 915. The authentication module 110-b may be an example of theauthentication module 110 illustrated inFIGS. 1, 2, 3 , and/or 4. Applications (e.g., application 330) resident withcontroller 900 are generally stored on and accessed via a non-transitory computer readable medium, such as a hard disk drive (e.g., fixed disk 975) or other storage medium. Additionally, applications can be in the form of electronic signals modulated in accordance with the application and data communication technology when accessed viainterface 985. -
Storage interface 980, as with the other storage interfaces ofcontroller 900, can connect to a standard computer readable medium for storage and/or retrieval of information, such as afixed disk drive 975.Fixed disk drive 975 may be a part ofcontroller 900 or may be separate and accessed through other interface systems.Network interface 985 may provide a direct connection to a remote server via a direct network link to the Internet via a POP (point of presence).Network interface 985 may provide such connection using wireless techniques, including digital cellular telephone connection, Cellular Digital Packet Data (CDPD) connection, digital satellite data connection, or the like. In some embodiments, one or more sensors (e.g., motion sensor, smoke sensor, glass break sensor, door sensor, window sensor, carbon monoxide sensor, and the like) connect tocontroller 900 wirelessly vianetwork interface 985. - Many other devices or subsystems (not shown) may be connected in a similar manner (e.g., entertainment system, computing device, remote cameras, wireless key fob, wall mounted user interface device, cell radio module, battery, alarm siren, door lock, lighting system, thermostat, home appliance monitor, utility equipment monitor, and so on). Conversely, all of the devices shown in
FIG. 9 need not be present to practice the present systems and methods. The devices and subsystems can be interconnected in different ways from that shown inFIG. 9 . The aspect of some operations of a system such as that shown inFIG. 9 are readily known in the art and are not discussed in detail in this application. Code to implement the present disclosure can be stored in a non-transitory computer-readable medium such as one or more ofsystem memory 915 or fixeddisk 975. The operating system provided oncontroller 900 may be iOS®, ANDROID®, MS-DOS®, MS-WINDOWS®, OS/2®, UNIX®, LINUX®, or another known operating system. - Moreover, regarding the signals described herein, those skilled in the art will recognize that a signal can be directly transmitted from a first block to a second block, or a signal can be modified (e.g., amplified, attenuated, delayed, latched, buffered, inverted, filtered, or otherwise modified) between the blocks. Although the signals of the above described embodiment are characterized as transmitted from one block to the next, other embodiments of the present systems and methods may include modified signals in place of such directly transmitted signals as long as the informational and/or functional aspect of the signal is transmitted between blocks. To some extent, a signal input at a second block can be conceptualized as a second signal derived from a first signal output from a first block due to physical limitations of the circuitry involved (e.g., there will inevitably be some attenuation and delay). Therefore, as used herein, a second signal derived from a first signal includes the first signal or any modifications to the first signal, whether due to circuit limitations or due to passage through other circuit elements which do not change the informational and/or final functional aspect of the first signal.
-
FIG. 10 is a block diagram 1000 of an electronic device 115-c. Electronic device 115-c may be one example of theelectronic device 115 ofFIGS. 1, 2 and/or 3 . The electronic device 115-c may have any of various configurations, such as personal computers (e.g., laptop computers, netbook computers, tablet computers, etc.), cellular telephones, PDAs, digital video recorders (DVRs), internet appliances, gaming consoles, e-readers, etc. The electronic device 115-c may have an internal power supply (not shown), such as a small battery, to facilitate mobile operation. - The electronic device 115-c includes
antennas 1005, atransceiver module 1010,memory 1015, and aprocessor module 1025, which each may be in communication, directly or indirectly, with each other (e.g., via one or more buses). Thetransceiver module 1010 is configured to communicate bi-directionally, via theantennas 1005 and/or one or more wired or wireless links, with one or more networks, as described above. For example, thetransceiver module 1010 may be configured to communicate bi-directionally withauthentication module 110 ofFIGS. 1, 2 , and/or 3. Thetransceiver module 1010 may include a modem configured to modulate the packets and provide the modulated packets to theantennas 1005 for transmission, and to demodulate packets received from theantennas 1005. While the electronic device 115-c may include a single antenna, the electronic device 115-c will typically includemultiple antennas 1005 for multiple links. - The
memory 1015 may include random access memory (RAM) and read-only memory (ROM). Thememory 1015 may store computer-readable, computer-executable software code 1020 containing instructions that are configured to, when executed, cause theprocessor module 1025 to perform various functions described herein (e.g., call processing, database management, message routing, etc.). Alternatively, thesoftware code 1020 may not be directly executable by theprocessor module 1025 but be configured to cause the computer (e.g., when compiled and executed) to perform functions described herein. - The
processor module 1025 may include an intelligent hardware device, e.g., a central processing unit (CPU), a microcontroller, an application specific integrated circuit (ASIC), etc. Theprocessor module 1025 may include a speech encoder (not shown) configured to receive audio via a microphone, convert the audio into packets (e.g., 30 ms in length) representative of the received audio, provide the audio packets to thetransceiver module 1010, and provide indications of whether a user is speaking. Alternatively, an encoder may only provide packets to thetransceiver module 1010, with the provision or withholding/suppression of the packet itself providing the indication of whether a user is speaking. - According to the architecture of
FIG. 10 , the electronic device 115-c further includes acommunications management module 1030 and astate module 1035. Thecommunications management module 1030 may manage communications with other electronic devices 115-c. By way of example, thecommunications management module 1030 may be a component of the electronic device 115-c in communication with some or all of the other components of the electronic device 115-c via a bus. Alternatively, functionality of thecommunications management module 1030 may be implemented as a component of thetransceiver module 1010, as a computer program product, and/or as one or more controller elements of theprocessor module 1025. Thestate module 1035 may reflect and control the current device state (e.g., context, authentication, base station association, other connectivity issues). - The components of the electronic device 115-c may, individually or collectively, be implemented with one or more application-specific integrated circuits (ASICs) adapted to perform some or all of the applicable functions in hardware. Alternatively, the functions may be performed by one or more other processing units (or cores), on one or more integrated circuits. In other embodiments, other types of integrated circuits may be used (e.g., Structured/Platform ASICs, Field Programmable Gate Arrays (FPGAs), and other Semi-Custom ICs), which may be programmed in any manner known in the art. The functions of each unit may also be implemented, in whole or in part, with instructions embodied in a memory, formatted to be executed by one or more general or application-specific processors. Each of the noted modules may be a means for performing one or more functions related to operation of the electronic device 115-c.
- While the foregoing disclosure sets forth various embodiments using specific block diagrams, flowcharts, and examples, each block diagram component, flowchart step, operation, and/or component described and/or illustrated herein may be implemented, individually and/or collectively, using a wide range of hardware, software, or firmware (or any combination thereof) configurations. In addition, any disclosure of components contained within other components should be considered exemplary in nature since many other architectures can be implemented to achieve the same functionality.
- The process parameters and sequence of steps described and/or illustrated herein are given by way of example only and can be varied as desired. For example, while the steps illustrated and/or described herein may be shown or discussed in a particular order, these steps do not necessarily need to be performed in the order illustrated or discussed. The various exemplary methods described and/or illustrated herein may also omit one or more of the steps described or illustrated herein or include additional steps in addition to those disclosed.
- Furthermore, while various embodiments have been described and/or illustrated herein in the context of fully functional computing systems, one or more of these exemplary embodiments may be distributed as a program product in a variety of forms, regardless of the particular type of computer-readable media used to actually carry out the distribution. The embodiments disclosed herein may also be implemented using software modules that perform certain tasks. These software modules may include script, batch, or other executable files that may be stored on a computer-readable storage medium or in a computing system. In some embodiments, these software modules may configure a computing system to perform one or more of the exemplary embodiments disclosed herein.
- The foregoing description, for purpose of explanation, has been described with reference to specific embodiments. However, the illustrative discussions above are not intended to be exhaustive or to limit the invention to the precise forms disclosed. Many modifications and variations are possible in view of the above teachings. The embodiments were chosen and described in order to best explain the principles of the present systems and methods and their practical applications, to thereby enable others skilled in the art to best utilize the present systems and methods and various embodiments with various modifications as may be suited to the particular use contemplated.
- Unless otherwise noted, the terms “a” or “an,” as used in the specification and claims, are to be construed as meaning “at least one of” In addition, for ease of use, the words “including” and “having,” as used in the specification and claims, are interchangeable with and have the same meaning as the word “comprising.” In addition, the term “based on” as used in the specification and the claims is to be construed as meaning “based at least upon.”
Claims (21)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/027,265 US20190005751A1 (en) | 2014-03-31 | 2018-07-04 | Mobile device based authentication |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/231,458 US10026245B2 (en) | 2014-03-31 | 2014-03-31 | Mobile device based authentication |
US16/027,265 US20190005751A1 (en) | 2014-03-31 | 2018-07-04 | Mobile device based authentication |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/231,458 Continuation US10026245B2 (en) | 2014-03-31 | 2014-03-31 | Mobile device based authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
US20190005751A1 true US20190005751A1 (en) | 2019-01-03 |
Family
ID=54191158
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/231,458 Active 2035-05-17 US10026245B2 (en) | 2014-03-31 | 2014-03-31 | Mobile device based authentication |
US16/027,265 Abandoned US20190005751A1 (en) | 2014-03-31 | 2018-07-04 | Mobile device based authentication |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/231,458 Active 2035-05-17 US10026245B2 (en) | 2014-03-31 | 2014-03-31 | Mobile device based authentication |
Country Status (2)
Country | Link |
---|---|
US (2) | US10026245B2 (en) |
WO (1) | WO2015153230A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11284850B2 (en) | 2020-03-13 | 2022-03-29 | Siemens Healthcare Gmbh | Reduced interaction CT scanning |
US20240007472A1 (en) * | 2022-06-30 | 2024-01-04 | Capital One Services, Llc | Authorization level unlock for matching authorization categories |
Families Citing this family (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6004311B2 (en) * | 2012-01-31 | 2016-10-05 | パナソニックIpマネジメント株式会社 | Ultrasonic sensor |
EP3036594B1 (en) | 2013-08-21 | 2021-05-26 | Ademco Inc. | Devices and methods for interacting with an hvac controller |
US9754090B2 (en) * | 2014-05-07 | 2017-09-05 | Vivint, Inc. | Setting up a system with a mobile device |
US20160378967A1 (en) * | 2014-06-25 | 2016-12-29 | Chian Chiu Li | System and Method for Accessing Application Program |
US9472079B2 (en) * | 2014-10-12 | 2016-10-18 | The Boeing Company | Method and system to enable selective smoke detection sensitivity |
US9916431B2 (en) * | 2015-01-15 | 2018-03-13 | Qualcomm Incorporated | Context-based access verification |
CN105991600B (en) | 2015-02-25 | 2019-06-21 | 阿里巴巴集团控股有限公司 | Identity identifying method, device, server and terminal |
US10244390B2 (en) | 2015-10-16 | 2019-03-26 | Vivint, Inc. | Secure key fob |
US10026299B2 (en) | 2015-10-16 | 2018-07-17 | Vivint, Inc. | Mobile supported disarming |
US20170169506A1 (en) * | 2015-12-11 | 2017-06-15 | Capital One Services, Llc | Systems and methods for voice-controlled account servicing |
US10642233B2 (en) * | 2016-01-04 | 2020-05-05 | Ademco Inc. | Device enrollment in a building automation system aided by audio input |
WO2017146894A1 (en) * | 2016-02-22 | 2017-08-31 | Vivint, Inc. | Mobile supported disarming |
EP3545374A4 (en) * | 2016-11-23 | 2019-12-18 | Alarm.com Incorporated | Detection of authorized user presence and handling of unauthenticated monitoring system commands |
US10524046B2 (en) | 2017-12-06 | 2019-12-31 | Ademco Inc. | Systems and methods for automatic speech recognition |
US10909240B2 (en) * | 2017-12-18 | 2021-02-02 | Johnson Controls Technology Company | Building management system with malicious user detection and prevention |
CN108447485A (en) * | 2018-02-05 | 2018-08-24 | 上海闻泰电子科技有限公司 | The acoustic-controlled method of portable electronic device and portable electronic device |
US10325596B1 (en) * | 2018-05-25 | 2019-06-18 | Bao Tran | Voice control of appliances |
US20210377240A1 (en) * | 2020-06-02 | 2021-12-02 | FLEX Integration LLC | System and methods for tokenized hierarchical secured asset distribution |
US11232704B1 (en) * | 2020-12-30 | 2022-01-25 | Donesha Baldwin Gardner | Smoking detection device with tamper countermeasures |
CN114973471A (en) * | 2021-05-12 | 2022-08-30 | 中移互联网有限公司 | Access control authentication method and device, electronic equipment and storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120280783A1 (en) * | 2011-05-02 | 2012-11-08 | Apigy Inc. | Systems and methods for controlling a locking mechanism using a portable electronic device |
US20140266669A1 (en) * | 2013-03-14 | 2014-09-18 | Nest Labs, Inc. | Devices, methods, and associated information processing for security in a smart-sensored home |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100667333B1 (en) | 2004-12-16 | 2007-01-12 | 삼성전자주식회사 | System and method for authentication of a device and a user in the home network |
US8666033B2 (en) * | 2007-01-26 | 2014-03-04 | Michael H. Script | Provision of private information to voice telephone call parties |
CA2591808A1 (en) * | 2007-07-11 | 2009-01-11 | Hsien-Hsiang Chiu | Intelligent object tracking and gestures sensing input device |
US8011597B2 (en) * | 2007-09-20 | 2011-09-06 | Honda Motor Co., Ltd. | Auto A/C solar compensation control |
US20090273438A1 (en) * | 2008-05-01 | 2009-11-05 | Delphi Technologies, Inc. | Remote monitoring, interrogation and control apparatus for stationary and mobile systems |
US8756664B2 (en) | 2008-08-08 | 2014-06-17 | International Business Machines Corporation | Management of user authentication |
KR101123045B1 (en) | 2010-11-15 | 2012-03-16 | 주식회사 유비즈밸리 | 2 channel user certification method by using user location information |
US9191217B2 (en) * | 2011-04-28 | 2015-11-17 | Boku, Inc. | Systems and methods to process donations |
US20130200991A1 (en) * | 2011-11-16 | 2013-08-08 | Flextronics Ap, Llc | On board vehicle media controller |
KR20130085509A (en) | 2011-12-14 | 2013-07-30 | 삼성전자주식회사 | Apparatus and method for athentication for using application |
-
2014
- 2014-03-31 US US14/231,458 patent/US10026245B2/en active Active
-
2015
- 2015-03-25 WO PCT/US2015/022560 patent/WO2015153230A1/en active Application Filing
-
2018
- 2018-07-04 US US16/027,265 patent/US20190005751A1/en not_active Abandoned
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120280783A1 (en) * | 2011-05-02 | 2012-11-08 | Apigy Inc. | Systems and methods for controlling a locking mechanism using a portable electronic device |
US20140266669A1 (en) * | 2013-03-14 | 2014-09-18 | Nest Labs, Inc. | Devices, methods, and associated information processing for security in a smart-sensored home |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11284850B2 (en) | 2020-03-13 | 2022-03-29 | Siemens Healthcare Gmbh | Reduced interaction CT scanning |
US20240007472A1 (en) * | 2022-06-30 | 2024-01-04 | Capital One Services, Llc | Authorization level unlock for matching authorization categories |
Also Published As
Publication number | Publication date |
---|---|
US20150279134A1 (en) | 2015-10-01 |
WO2015153230A1 (en) | 2015-10-08 |
US10026245B2 (en) | 2018-07-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20190005751A1 (en) | Mobile device based authentication | |
US10362441B1 (en) | Communications based on geo location information | |
US10554432B2 (en) | Home automation via voice control | |
US10432419B1 (en) | Voice control using multi-media rooms | |
US20200168073A1 (en) | Systems and Methods for Provisioning Appliance Devices | |
US20190317462A1 (en) | Managing barrier and occupancy based home automation system | |
US10157271B1 (en) | Setting up a system with a mobile device | |
US10455271B1 (en) | Voice control component installation | |
US11310361B1 (en) | Redundancy for back-end failure | |
US10171261B2 (en) | Remote talk down to panel, camera and speaker | |
US20150356859A1 (en) | Two-way call back for home automation system | |
US11153387B2 (en) | Decentralized network protected IoT query resolution | |
CN112352408A (en) | Intruder detection method and device | |
US10726689B1 (en) | Systems and methods for leveraging internet-of-things devices in security systems | |
US20230224355A1 (en) | Providing network access via communal device | |
US10979372B1 (en) | User management methods and systems | |
US20240267252A1 (en) | Method and apparatus for authorizing changes to a local network control device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: VIVINT, INC., UTAH Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:WARREN, JEREMY B.;REEL/FRAME:046263/0889 Effective date: 20140324 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
AS | Assignment |
Owner name: WILMINGTON TRUST, NATIONAL ASSOCIATION, DELAWARE Free format text: SECURITY AGREEMENT;ASSIGNOR:VIVINT, INC.;REEL/FRAME:049283/0566 Effective date: 20190510 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
AS | Assignment |
Owner name: BANK OF AMERICA, N.A., NORTH CAROLINA Free format text: SUPPLEMENTAL SECURITY AGREEMENT;ASSIGNOR:VIVINT, INC.;REEL/FRAME:051934/0839 Effective date: 20200214 Owner name: BANK OF AMERICA, N.A., NORTH CAROLINA Free format text: SUPPL. NO. 3 TO SECURITY AGREEMENT;ASSIGNOR:VIVINT, INC.;REEL/FRAME:051935/0273 Effective date: 20200214 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE AFTER FINAL ACTION FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
AS | Assignment |
Owner name: VIVINT, INC., UTAH Free format text: RELEASE BY SECURED PARTY;ASSIGNOR:BANK OF AMERICA, N.A.;REEL/FRAME:056823/0020 Effective date: 20210709 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |