US20210286870A1 - Step-Up Authentication - Google Patents
Step-Up Authentication Download PDFInfo
- Publication number
- US20210286870A1 US20210286870A1 US17/337,485 US202117337485A US2021286870A1 US 20210286870 A1 US20210286870 A1 US 20210286870A1 US 202117337485 A US202117337485 A US 202117337485A US 2021286870 A1 US2021286870 A1 US 2021286870A1
- Authority
- US
- United States
- Prior art keywords
- user
- task
- threshold
- authentication
- confidence score
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/40—User authentication by quorum, i.e. whereby two or more security principals are required
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2117—User registration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/082—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/67—Risk-dependent, e.g. selecting a security level depending on risk profiles
Definitions
- Identification and/or authentication of a user is an essential step in accessing many secure services or devices, such as banking, stored personal details or other restricted data. This identification and/or authentication is usually achieved by the use of passwords or personal identification numbers (PINs), which are usually assumed to be known only by the authorised user or users of a service or device.
- PINs personal identification numbers
- a method for identifying and/or authenticating a user on a device comprising: requesting identification or authentication of the user for a first task; determining a first threshold in dependence on the first task; selecting a first authentication process from a plurality of authentication processes; determining a confidence score in dependence on a performance of the selected first authentication process, wherein the confidence score indicates a level of confidence in the user's identity; determining whether the confidence score is above or below the first threshold; and if the confidence score is below the first threshold, selecting a second authentication process from the plurality of authentication processes, otherwise identifying or authenticating the user for the first task.
- the first and/or second authentication process may be selected in dependence on the first task.
- the method may further comprise updating the confidence score in dependence on a performance of the selected second authentication process.
- the method may further comprise: requesting identification or authentication of the user for a second task; and determining a second threshold for the second task, wherein the second threshold is different to the first threshold.
- the method may further comprise: determining whether the confidence score is above or below the second threshold; and if the confidence score is below the second threshold, selecting a third authentication process from the plurality of authentication processes, otherwise identifying or authenticating the user for the second task.
- the first and/or second authentication process may be performed automatically by the device and/or a remote computing device.
- the plurality of authentication processes may comprise one or more biometric identification or authentication processes.
- FIG. 2 shows a flow chart that illustrates one example of identifying or authenticating a user for a task.
- identification typically involves the collection of data and a determination of who a user is from a database or other predetermined population of users
- authentication typically involves the use of data to confirm a user is who they present themselves to be (i.e. to verify a user's identity).
- FIG. 1 illustrates an example of a device 10 which could be used to identify and/or authenticate a user for particular tasks. Identification and/or authentication of a user may be required in order to, for example: access the device 10 (e.g. unlocking the device); access local functions on the device 10 (e.g. accessing files or programs stored at the device 10 ); access remote functions via device 10 (e.g. accessing online banking facilities or databases at a remote server via a communications connection on the device 10 ), etc.
- Device 10 may be, for example, a smart device such as a smartphone or smartwatch, an ATM or other type of banking terminal, a payment terminal (such as a credit card machine) or any other suitable computing device.
- the device 10 may comprise a camera 11 , a display 12 , a processor 13 , a non-volatile memory or ROM 14 , working memory or RAM 15 , one or more sensors 16 , a user input device 17 such a keypad or mouse and a communications interface 18 (which may a wired or wireless transceiver).
- the display 12 may be a touchscreen, so it provides user input to the processor 13 in addition or alternatively to a separate user input device 17 .
- the device may comprise a storage medium 19 such as flash memory.
- the ROM 14 may store program code that is executable by the processor 13 .
- the program code may be stored in a non-transient form.
- the program code is executable by the processor 13 to perform some or all of the processes and functions described herein.
- Some of the processes and functions described herein may be performed at a computing device or system that is remote to device 10 , such as one or more servers or cloud computing devices.
- the distribution of the processing burden may at least partly depend on the computational capabilities of the device 10 and remote computing device, and on the communication capabilities between the device 10 and remote computing device and/or the availability of communications networks between the devices.
- device 10 collects information and sends that information to the remote computing device, where the majority of the processing is performed.
- the processes and functions described herein could be performed wholly or partly at either device.
- the sensors 16 may be one or more sensors that are capable of gathering information about the user. For example, a GPS may be used to determine the location of the device and thus the user of the device. A motion sensor(s) (such as a gyroscope, accelerometer, pedometer, etc) may be used to derive biometric information about the user of the device (e.g. by using the sensors to determine typical movements and motions made by the user). The sensors 16 could be biometric sensors such as a fingerprint sensor, iris scanner, etc. Other ways of determining information about the user via other means are possible, for example, facial recognition via camera 11 and voice recognition via a microphone (not shown). The information gathered about the user may be used for certain authentication processes, as described below.
- a GPS may be used to determine the location of the device and thus the user of the device.
- a motion sensor(s) such as a gyroscope, accelerometer, pedometer, etc
- biometric information about the user of the device e.g. by using the sensors to determine typical movements
- processor 13 may receive information from the user or information gathered about the user via the user input devices, the camera, sensors and/or the communications interface. That information may be processed to identify and/or authenticate the user, as described below. As mentioned above, some or all of the processing of this information may be performed at a remote computing device.
- One way of providing increased security is to use multiple identification and/or authentication methods/processes and require that the user to pass all of the methods/processes before granting access. For example, a user may be required to position themselves in front camera for facial recognition as well as providing a passcode via a keypad. Although requiring a user to perform both of these methods increases security compared to performing just one of the methods, it also increases the time and effort required by the user to identify/authenticate themselves. Disclosed herein is an identification/authentication method that provides the improved security achieved from using multiple, different authentication processes but also allows the user to be identified/authenticated in a user-friendly manner.
- a user may wish to be granted access for a particular task (e.g. accessing a smartphone, viewing bank account details, making a payment, etc).
- Each task may have different security requirements based on their significance or value. For example, it could be considered that accessing emails on a smartphone is more significant or valuable than taking a picture with that smartphone and so accessing emails may be considered to be a task requiring higher security than taking a picture.
- initiating a bank transfer may be considered to be more significant or valuable than viewing a bank statement and so initiating a bank transfer may be considered to be a task requiring higher security than viewing a bank statement.
- each task may be associated with certain level of security that is required to be met in order to allow a user to perform that task and each task may have a different level of security to other tasks.
- the present system may be configured such that in order for a user to be permitted to undertake an operation of greater significance or value that user must be identified or authenticated to a greater degree of confidence than in order for a user to be permitted to undertake an operation of lesser significance or value.
- one or more processes for identifying and/or authenticating a user may be performed in order to determine if a user has met the security requirements for a particular task.
- These authentication processes could require the user to perform some sort of action and could be authentication processes such as entering a password/passcode, placing a finger on a fingerprint sensor, etc.
- the authentication processes could also be passive processes that could help identify or authenticate a user without requiring the user to perform a specific action or an action whose function is solely for identification or authentication purposes. For example, a passive authentication process could be determining a user location via GPS, monitoring user movement characteristics via an accelerometer, determining characteristics of a user's typing behaviour, etc.
- the results of each authentication process may be checked against known data about an authorised user to determine a likelihood that the user being authenticated is the authorised user.
- the determined likelihood from each process may be used to determine a confidence score that indicates how likely the user is an authorised user.
- the confidence score may be generated based on the results from the authentication processes individually or a collective score from the results from multiple authentication processes.
- FIG. 2 shows a flow diagram for identifying or authenticating a user for a task. That task may be, for example, unlocking a smartphone, accessing a bank account, accessing an email account, etc.
- the task may be associated with a level of security, as described above.
- an acceptance threshold for the task is determined.
- the acceptance threshold may be determined in dependence on the nature of the task.
- the acceptance threshold may be derived from the significance or level of security required for the task. For example, accessing a bank account may require a higher level of security than accessing an email account and so the acceptance threshold for accessing the bank account will be higher than the acceptance threshold for accessing the email account.
- the acceptance threshold may be a minimum confidence score that is required to be met in order to identify/authenticate the user for the particular task.
- the acceptance threshold for each task may be predetermined by the entity requesting the authentication (e.g. by a bank requesting authentication of a user attempting to access a bank account).
- the initial authentication process is performed.
- a passive authentication process the process is performed automatically without requesting or requiring an input from the user.
- a processor at the smartphone may access a GPS sensor to determine the user's location.
- the initial authentication process may require a user to perform an action for the process.
- a user may be prompted to enter their bank account number.
- an initial confidence score is determined based on the performance of the initial authentication process.
- the confidence score determined may indicate the likelihood of the user being an authorised user based on the performance of the authentication process.
- Data generated about the performance of the authentication process may be compared to known data/attributes about an authorised user and the confidence score may be determined based on how closely the generated data correlates with the known data/attributes. The comparison may be performed by the user device 10 or at a remote computing device.
- the GPS data may indicate that the user of the smartphone is at the home address of the authorised user and so it is likely that the smartphone user is an authorised user.
- step 205 it is determined if the confidence score is greater than or equal to the acceptance threshold. If so, then the process moves on to step 206 , where the user is authorised and accepted for the task. If not, then the process moves on to step 207 .
- a lower rejection threshold may be provided.
- a user may be rejected from being identified/authorised for a task if the confidence score is below the rejection threshold.
- the rejection threshold may be adjustable and dependent on which authentication process is used. For example, a negative result from a facial recognition process is more reliable than a negative result from a behavioural biometric associated with the way a device is held (e.g. because an injured arm may cause a false-negative result).
- the rejection threshold for the facial recognition authentication process may be higher than the rejection threshold for the behavioural biometric associated with the way a device is held.
- the rejection threshold may be based on a measure of the cumulative reliability of multiple authentication processes. Alternatively, the rejection threshold may be a fixed, predetermined threshold.
- the confidence score and rejection threshold used at this step may a confidence score and rejection threshold determined from a single authentication process.
- the confidence score may be a cumulative confidence score determined from the performance of multiple authentication processes and compared with a predetermined rejection threshold or a threshold based on the multiple authentication processes used.
- the confidence score has not yet met the acceptance threshold and so another authentication process is selected.
- the next authentication process may be selected from a set of authentication process available to the device performing the identification/authentication.
- the set of authentication processes may depend on the type of device and it capabilities. For example, a smartphone may have a camera, microphone, motion sensors and so numerous types of authentication process can be carried out at the smartphone.
- An ATM machine may only be equipped with a keypad and touchscreen and so only a limited number of authentication process are available to the ATM machine.
- the next authentication process may be selected based on a difference between the confidence score and the acceptance threshold. For example, if there is a large difference between the confidence score and the acceptance threshold, a more secure and reliable authentication process may be selected. If there is a small difference between the confidence score and the acceptance threshold, then a less secure and less reliable authentication process may be selected but may provide a confidence score sufficient to meet the threshold. E.g., in the first example above, there may be a large difference in the confidence score and the acceptance threshold (e.g. because the smartphone was in an unfamiliar location for the location test) and so a secure and reliable authentication process may be selected such as a fingerprint scan.
- an authentication process that may be considered to be less secure and reliable may be selected, such as a behavioural biometric associated with the way the user is holding the smartphone (e.g. in a portrait or landscape orientation). This authentication process is convenient for the user as it does not require any additional action from the user and can be determined automatically from accelerometer information indicating the smartphone's orientation.
- the selected authentication process is performed.
- performance of the process may require a user input or the authentication process may be performed by a processor and without user input, as described above.
- a confidence score is determined based on the performance of the selected authentication process.
- the confidence score for the selected authentication process may be determined as described above.
- the process then returns to step 205 , where the new confidence score is tested against the threshold.
- the new confidence score tested at step 205 may be the last determined confidence score based on a single authentication process being performed or a combined score of some or all of the confidence scores that that been determined (e.g. from step 204 and from the loops around steps 205 - 211 ). If the confidence score is now above the acceptance threshold, the process moves on to step 206 . If the confidence score remains below the acceptance threshold, then the process continues again from step 207 .
- a confidence score may be maintained in memory and updated each time the process loops from step 211 to step 205 .
- Each update may increase or decrease the maintained confidence score depending on the result of the authentication process. For example, a positive result may increase the confidence score and a negative result may decrease the score. The amount of increase or decrease may be dependent on the likelihood that the user is an authorised user from each authentication process performed.
- the process can loop between steps 205 and 211 until all of the available authentication process have been exhausted. If, after all of the available authentication process have been used and the confidence score is still below the acceptance threshold (and above the rejection threshold) then the user may be rejected. This is indicated in FIG. 2 by the dashed arrow from step 209 to step 208 .
- the confidence score determined by the end of the process of FIG. 2 for a particular task may be maintained and used for the identification or authentication of the user for a subsequent task. For example, if a user was accepted for a first task (at step 206 ), the confidence score used to accept the user for that first task may be stored so that it can be used for a subsequent second task. For the subsequent second task, an acceptance threshold for that task is determined, similarly to step 201 . Subsequently, steps 202 and 203 may be skipped as a confidence score has already been determined from authenticating the user for the first task. At step 204 , the initial confidence score for the second task is determined to be the confidence score from the first task. This confidence score is then compared with the threshold for the second task at step 205 .
- the process for the second task then continues from step 205 until the user is either accepted or rejected for that task.
- the maintained confidence score may be updated in dependence on behavioural biometrics sensed about the user. For example, after the user is authenticated for the first task on a smartphone, the user's activity with the smartphone may be monitored and compared with previous known activity of an authorised user to update the confidence score. The updated confidence score may then be compared against the thresholds determined for the second task.
- the method for selecting the second process may take account of the degree of independence between the two processes.
- the second process may be selected as being one with a relatively high independence of the first process. For example, if in a first process the user has been identified based on their location, a second process that is dependent on the wireless networks currently available to the device might be considered to have a low level of independence. This allows the second process to provide a greater degree of additional confidence than would otherwise be the case.
- Examples of a computer-readable storage medium include a random-access memory (RAM), read-only memory (ROM), an optical disc, flash memory, hard disk memory, and other memory devices that may use magnetic, optical, and other techniques to store instructions or other data and that can be accessed by a machine.
- RAM random-access memory
- ROM read-only memory
- optical disc flash memory
- hard disk memory and other memory devices that may use magnetic, optical, and other techniques to store instructions or other data and that can be accessed by a machine.
- a processor, computer, or computer system may be any kind of device, machine or dedicated circuit, or collection or portion thereof, with processing capability such that it can execute instructions.
- a processor may be any kind of general purpose or dedicated processor, such as a CPU, GPU, System-on-chip, state machine, media processor, an application-specific integrated circuit (ASIC), a programmable logic array, a field-programmable gate array (FPGA), or the like.
- a computer or computer system may comprise one or more processors.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Collating Specific Patterns (AREA)
- Telephone Function (AREA)
Abstract
Description
- This invention relates to identifying or authenticating a user.
- Identification and/or authentication of a user is an essential step in accessing many secure services or devices, such as banking, stored personal details or other restricted data. This identification and/or authentication is usually achieved by the use of passwords or personal identification numbers (PINs), which are usually assumed to be known only by the authorised user or users of a service or device.
- However, knowledge of a user's password or PIN is enough for an unauthorised third party to gain access to the service or device. Thus, improved security measures have been introduced to reduce the risk of passwords and PINs from being used by unauthorised third parties. Such measures include using biometric information about the user, for example, scanning a user's fingerprint or using a camera to perform facial recognition. These improved measures have made it more difficult for unauthorised third parties to gain access but they can still be circumvented and may not always be available to the user. For example, a fingerprint scanner on a smartphone may not be functioning correctly and so a user may be required to use another less secure measure such as entering a PIN. There is, therefore, a need to ensure that a user can be securely identified/authenticated whilst also considering the user experience during identification/authentication so that the procedure is not overly onerous.
- According to a first aspect there is provided a method for identifying and/or authenticating a user on a device, the method comprising: requesting identification or authentication of the user for a first task; determining a first threshold in dependence on the first task; selecting a first authentication process from a plurality of authentication processes; determining a confidence score in dependence on a performance of the selected first authentication process, wherein the confidence score indicates a level of confidence in the user's identity; determining whether the confidence score is above or below the first threshold; and if the confidence score is below the first threshold, selecting a second authentication process from the plurality of authentication processes, otherwise identifying or authenticating the user for the first task.
- The second authentication process may be selected in dependence on a difference between the confidence score and the first threshold.
- The first and/or second authentication process may be selected in dependence on the first task.
- The method may further comprise updating the confidence score in dependence on a performance of the selected second authentication process.
- The method may further comprise: requesting identification or authentication of the user for a second task; and determining a second threshold for the second task, wherein the second threshold is different to the first threshold.
- The method may further comprise: determining whether the confidence score is above or below the second threshold; and if the confidence score is below the second threshold, selecting a third authentication process from the plurality of authentication processes, otherwise identifying or authenticating the user for the second task.
- The first and/or second authentication process may be performed automatically by the device and/or a remote computing device.
- The first threshold may be determined in dependence on the significance of the first task.
- The plurality of authentication processes may comprise one or more biometric identification or authentication processes.
- The method may further comprise: determining a lower threshold, wherein authentication of the user is rejected if the confidence score is determined to be below the lower threshold.
- A system may be provided that is configured to perform the above method.
- There may be provided computer program code for performing a method as claimed in any preceding claim. There may be provided non-transitory computer readable storage medium having stored thereon computer readable instructions that, when executed at a computer system, cause the computer system to perform the above method.
- The above features may be combined as appropriate, as would be apparent to a skilled person, and may be combined with any of the aspects of the examples described herein.
- The present invention will now be described by way of example with reference to the accompanying drawings. In the drawings:
-
FIG. 1 shows an example of a device for identifying and/or authenticating a user. -
FIG. 2 shows a flow chart that illustrates one example of identifying or authenticating a user for a task. - The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art.
- The general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
- For the purposes of this disclosure, identification typically involves the collection of data and a determination of who a user is from a database or other predetermined population of users, while authentication typically involves the use of data to confirm a user is who they present themselves to be (i.e. to verify a user's identity).
-
FIG. 1 illustrates an example of adevice 10 which could be used to identify and/or authenticate a user for particular tasks. Identification and/or authentication of a user may be required in order to, for example: access the device 10 (e.g. unlocking the device); access local functions on the device 10 (e.g. accessing files or programs stored at the device 10); access remote functions via device 10 (e.g. accessing online banking facilities or databases at a remote server via a communications connection on the device 10), etc.Device 10 may be, for example, a smart device such as a smartphone or smartwatch, an ATM or other type of banking terminal, a payment terminal (such as a credit card machine) or any other suitable computing device. - The
device 10 may comprise acamera 11, adisplay 12, aprocessor 13, a non-volatile memory orROM 14, working memory orRAM 15, one ormore sensors 16, a user input device 17 such a keypad or mouse and a communications interface 18 (which may a wired or wireless transceiver). In one example thedisplay 12 may be a touchscreen, so it provides user input to theprocessor 13 in addition or alternatively to a separate user input device 17. The device may comprise astorage medium 19 such as flash memory. TheROM 14 may store program code that is executable by theprocessor 13. The program code may be stored in a non-transient form. The program code is executable by theprocessor 13 to perform some or all of the processes and functions described herein. Some of the processes and functions described herein may be performed at a computing device or system that is remote todevice 10, such as one or more servers or cloud computing devices. The distribution of the processing burden may at least partly depend on the computational capabilities of thedevice 10 and remote computing device, and on the communication capabilities between thedevice 10 and remote computing device and/or the availability of communications networks between the devices. Preferably,device 10 collects information and sends that information to the remote computing device, where the majority of the processing is performed. However, the processes and functions described herein could be performed wholly or partly at either device. - The
sensors 16 may be one or more sensors that are capable of gathering information about the user. For example, a GPS may be used to determine the location of the device and thus the user of the device. A motion sensor(s) (such as a gyroscope, accelerometer, pedometer, etc) may be used to derive biometric information about the user of the device (e.g. by using the sensors to determine typical movements and motions made by the user). Thesensors 16 could be biometric sensors such as a fingerprint sensor, iris scanner, etc. Other ways of determining information about the user via other means are possible, for example, facial recognition viacamera 11 and voice recognition via a microphone (not shown). The information gathered about the user may be used for certain authentication processes, as described below. - In operation,
processor 13 may receive information from the user or information gathered about the user via the user input devices, the camera, sensors and/or the communications interface. That information may be processed to identify and/or authenticate the user, as described below. As mentioned above, some or all of the processing of this information may be performed at a remote computing device. - One way of providing increased security is to use multiple identification and/or authentication methods/processes and require that the user to pass all of the methods/processes before granting access. For example, a user may be required to position themselves in front camera for facial recognition as well as providing a passcode via a keypad. Although requiring a user to perform both of these methods increases security compared to performing just one of the methods, it also increases the time and effort required by the user to identify/authenticate themselves. Disclosed herein is an identification/authentication method that provides the improved security achieved from using multiple, different authentication processes but also allows the user to be identified/authenticated in a user-friendly manner.
- A user may wish to be granted access for a particular task (e.g. accessing a smartphone, viewing bank account details, making a payment, etc). Each task may have different security requirements based on their significance or value. For example, it could be considered that accessing emails on a smartphone is more significant or valuable than taking a picture with that smartphone and so accessing emails may be considered to be a task requiring higher security than taking a picture. In another example, initiating a bank transfer may be considered to be more significant or valuable than viewing a bank statement and so initiating a bank transfer may be considered to be a task requiring higher security than viewing a bank statement. Thus, each task may be associated with certain level of security that is required to be met in order to allow a user to perform that task and each task may have a different level of security to other tasks. As will be discussed in more detail below, the present system may be configured such that in order for a user to be permitted to undertake an operation of greater significance or value that user must be identified or authenticated to a greater degree of confidence than in order for a user to be permitted to undertake an operation of lesser significance or value.
- In the process described below, one or more processes for identifying and/or authenticating a user (also referred to herein as “authentication processes”) may be performed in order to determine if a user has met the security requirements for a particular task. These authentication processes could require the user to perform some sort of action and could be authentication processes such as entering a password/passcode, placing a finger on a fingerprint sensor, etc. The authentication processes could also be passive processes that could help identify or authenticate a user without requiring the user to perform a specific action or an action whose function is solely for identification or authentication purposes. For example, a passive authentication process could be determining a user location via GPS, monitoring user movement characteristics via an accelerometer, determining characteristics of a user's typing behaviour, etc.
- The results of each authentication process may be checked against known data about an authorised user to determine a likelihood that the user being authenticated is the authorised user. The determined likelihood from each process may be used to determine a confidence score that indicates how likely the user is an authorised user. The confidence score may be generated based on the results from the authentication processes individually or a collective score from the results from multiple authentication processes.
-
FIG. 2 shows a flow diagram for identifying or authenticating a user for a task. That task may be, for example, unlocking a smartphone, accessing a bank account, accessing an email account, etc. The task may be associated with a level of security, as described above. - At
step 201, an acceptance threshold for the task is determined. The acceptance threshold may be determined in dependence on the nature of the task. The acceptance threshold may be derived from the significance or level of security required for the task. For example, accessing a bank account may require a higher level of security than accessing an email account and so the acceptance threshold for accessing the bank account will be higher than the acceptance threshold for accessing the email account. The acceptance threshold may be a minimum confidence score that is required to be met in order to identify/authenticate the user for the particular task. The acceptance threshold for each task may be predetermined by the entity requesting the authentication (e.g. by a bank requesting authentication of a user attempting to access a bank account). - At
step 202, an initial authentication process is determined. The initial authentication process for a particular task may be predetermined or may be selectable from a number of different authentication processes. In a first example, an initial authentication process for accessing a smartphone may be selected or predetermined to be a behavioural biometric associated with a user's activity with the smartphone, such as the user's location. In a second example, an initial authentication method for accessing a bank account may be selected or predetermined to be inputting a bank account number by a user. - At
step 203, the initial authentication process is performed. For a passive authentication process (as described above) the process is performed automatically without requesting or requiring an input from the user. E.g., in the first example above, to perform the behavioural biometric authentication process, a processor at the smartphone may access a GPS sensor to determine the user's location. The initial authentication process may require a user to perform an action for the process. E.g., in the second example above, a user may be prompted to enter their bank account number. - At
step 204, an initial confidence score is determined based on the performance of the initial authentication process. The confidence score determined may indicate the likelihood of the user being an authorised user based on the performance of the authentication process. Data generated about the performance of the authentication process may be compared to known data/attributes about an authorised user and the confidence score may be determined based on how closely the generated data correlates with the known data/attributes. The comparison may be performed by theuser device 10 or at a remote computing device. E.g., in the first example above, the GPS data may indicate that the user of the smartphone is at the home address of the authorised user and so it is likely that the smartphone user is an authorised user. Whereas, if the GPS data indicated that the smartphone user was at a location that an authorised user had never visited before, then it is less likely that the smartphone user is an authorised user. The likelihood (which may be a probability value) of the user being an authorised user may be used to determine the confidence score. In the second example, a user may enter a correct or an incorrect bank account number and a confidence score is determined based on the entry. If incorrect numbers are entered, a confidence score may be determined based on how closely the inputted numbers match the correct bank account number. For example, if only a single digit was incorrect, a higher confidence score may be determined than if multiple numbers were incorrect. - Each authentication process may be weighted according to how secure or risky it is, or the level of confidence that it can provide in the identity of a user. For example, fingerprint scanning may be considered to be more secure (and less risky) at identifying a user than entering a pin number and so the result (whether positive or negative) of the fingerprint scanning process may be provided with a greater weighting than the result of the pin number process. The confidence score may be determined in dependence on the weighting attributed to each authentication process.
- At
step 205, it is determined if the confidence score is greater than or equal to the acceptance threshold. If so, then the process moves on to step 206, where the user is authorised and accepted for the task. If not, then the process moves on to step 207. - A lower rejection threshold may be provided. A user may be rejected from being identified/authorised for a task if the confidence score is below the rejection threshold. The rejection threshold may be adjustable and dependent on which authentication process is used. For example, a negative result from a facial recognition process is more reliable than a negative result from a behavioural biometric associated with the way a device is held (e.g. because an injured arm may cause a false-negative result). Thus, the rejection threshold for the facial recognition authentication process may be higher than the rejection threshold for the behavioural biometric associated with the way a device is held. The rejection threshold may be based on a measure of the cumulative reliability of multiple authentication processes. Alternatively, the rejection threshold may be a fixed, predetermined threshold.
- At
step 207, it is determined if the confidence score is less than the rejection threshold. If the confidence score is less than the rejection threshold, then the process moves on to step 208 where the user is not authorised and rejected (and the process ends for the task). If the confidence score is greater than the rejection threshold, then the process moves on to step 209. As mentioned above, the confidence score and rejection threshold used at this step may a confidence score and rejection threshold determined from a single authentication process. Alternatively, the confidence score may be a cumulative confidence score determined from the performance of multiple authentication processes and compared with a predetermined rejection threshold or a threshold based on the multiple authentication processes used. - At
step 209, the confidence score has not yet met the acceptance threshold and so another authentication process is selected. The next authentication process may be selected from a set of authentication process available to the device performing the identification/authentication. The set of authentication processes may depend on the type of device and it capabilities. For example, a smartphone may have a camera, microphone, motion sensors and so numerous types of authentication process can be carried out at the smartphone. An ATM machine, however, may only be equipped with a keypad and touchscreen and so only a limited number of authentication process are available to the ATM machine. - If a cumulative confidence score is being used, the next authentication process may be selected based on a difference between the confidence score and the acceptance threshold. For example, if there is a large difference between the confidence score and the acceptance threshold, a more secure and reliable authentication process may be selected. If there is a small difference between the confidence score and the acceptance threshold, then a less secure and less reliable authentication process may be selected but may provide a confidence score sufficient to meet the threshold. E.g., in the first example above, there may be a large difference in the confidence score and the acceptance threshold (e.g. because the smartphone was in an unfamiliar location for the location test) and so a secure and reliable authentication process may be selected such as a fingerprint scan. Alternatively, if in the first example, there was a small difference in the confidence score, then an authentication process that may be considered to be less secure and reliable may be selected, such as a behavioural biometric associated with the way the user is holding the smartphone (e.g. in a portrait or landscape orientation). This authentication process is convenient for the user as it does not require any additional action from the user and can be determined automatically from accelerometer information indicating the smartphone's orientation.
- At
step 210, the selected authentication process is performed. Depending on the authentication process selected, performance of the process may require a user input or the authentication process may be performed by a processor and without user input, as described above. - At
step 211, a confidence score is determined based on the performance of the selected authentication process. The confidence score for the selected authentication process may be determined as described above. - The process then returns to step 205, where the new confidence score is tested against the threshold. The new confidence score tested at
step 205 may be the last determined confidence score based on a single authentication process being performed or a combined score of some or all of the confidence scores that that been determined (e.g. fromstep 204 and from the loops around steps 205-211). If the confidence score is now above the acceptance threshold, the process moves on to step 206. If the confidence score remains below the acceptance threshold, then the process continues again fromstep 207. - If a combined confidence score is accumulated from the performance of some of all of the authentication processes, then a confidence score may be maintained in memory and updated each time the process loops from
step 211 to step 205. Each update may increase or decrease the maintained confidence score depending on the result of the authentication process. For example, a positive result may increase the confidence score and a negative result may decrease the score. The amount of increase or decrease may be dependent on the likelihood that the user is an authorised user from each authentication process performed. - The process can loop between
steps FIG. 2 by the dashed arrow fromstep 209 to step 208. - The confidence score determined by the end of the process of
FIG. 2 for a particular task may be maintained and used for the identification or authentication of the user for a subsequent task. For example, if a user was accepted for a first task (at step 206), the confidence score used to accept the user for that first task may be stored so that it can be used for a subsequent second task. For the subsequent second task, an acceptance threshold for that task is determined, similarly to step 201. Subsequently, steps 202 and 203 may be skipped as a confidence score has already been determined from authenticating the user for the first task. Atstep 204, the initial confidence score for the second task is determined to be the confidence score from the first task. This confidence score is then compared with the threshold for the second task atstep 205. The process for the second task then continues fromstep 205 until the user is either accepted or rejected for that task. In the time between the first and second tasks, the maintained confidence score may be updated in dependence on behavioural biometrics sensed about the user. For example, after the user is authenticated for the first task on a smartphone, the user's activity with the smartphone may be monitored and compared with previous known activity of an authorised user to update the confidence score. The updated confidence score may then be compared against the thresholds determined for the second task. - As mentioned above, the acceptance threshold may vary depending on the task for which the user is being identified/authenticated for. Providing a variable threshold in this way allows a device to select an appropriate authentication process for each task. For example, an appropriate high-security or low-security authentication process can be selected depending on the confidence score required to meet the acceptance threshold. E.g., as mentioned above, if the difference between the confidence score and the acceptance threshold is low, a low-security authentication process may be selected instead of a high-security process, which may be more onerous than a low-security process. In some cases, the low-security authentication process selected may not require any effort by the user and the device can automatically perform the low-security process without involving the user. This can lead to an overall reduction in the amount of actions required to be performed by the user without compromising on the increased security afforded by the use of multiple authentication processes.
- If a user has been identified and/or authenticated to a first level of confidence by a first process and it is desired to select a second process for identify and/or authenticate the user to an increased level of confidence, the method for selecting the second process may take account of the degree of independence between the two processes. The second process may be selected as being one with a relatively high independence of the first process. For example, if in a first process the user has been identified based on their location, a second process that is dependent on the wireless networks currently available to the device might be considered to have a low level of independence. This allows the second process to provide a greater degree of additional confidence than would otherwise be the case.
- The device of
FIG. 1 is shown as comprising a number of functional blocks. This is schematic only and is not intended to define a strict division between different logic elements of such entities. Each functional block may be provided in any suitable manner. - Generally, any of the functions, methods, techniques or components described above can be implemented in software, firmware, hardware (e.g., fixed logic circuitry), or any combination thereof. The terms “module,” “functionality,” “component”, “element”, “unit”, “block” and “logic” may be used herein to generally represent software, firmware, hardware, or any combination thereof. In the case of a software implementation, the module, functionality, component, element, unit, block or logic represents program code that performs the specified tasks when executed on a processor. The algorithms and methods described herein could be performed by one or more processors executing code that causes the processor(s) to perform the algorithms/methods. Examples of a computer-readable storage medium include a random-access memory (RAM), read-only memory (ROM), an optical disc, flash memory, hard disk memory, and other memory devices that may use magnetic, optical, and other techniques to store instructions or other data and that can be accessed by a machine.
- A processor, computer, or computer system may be any kind of device, machine or dedicated circuit, or collection or portion thereof, with processing capability such that it can execute instructions. A processor may be any kind of general purpose or dedicated processor, such as a CPU, GPU, System-on-chip, state machine, media processor, an application-specific integrated circuit (ASIC), a programmable logic array, a field-programmable gate array (FPGA), or the like. A computer or computer system may comprise one or more processors.
- The applicant hereby discloses in isolation each individual feature described herein and any combination of two or more such features, to the extent that such features or combinations are capable of being carried out based on the present specification as a whole in the light of the common general knowledge of a person skilled in the art, irrespective of whether such features or combinations of features solve any problems disclosed herein. In view of the foregoing description it will be evident to a person skilled in the art that various modifications may be made within the scope of the invention.
Claims (21)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/337,485 US20210286870A1 (en) | 2016-07-08 | 2021-06-03 | Step-Up Authentication |
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1611932.3 | 2016-07-08 | ||
GB1611932.3A GB2552032B (en) | 2016-07-08 | 2016-07-08 | Step-up authentication |
PCT/GB2017/051997 WO2018007823A1 (en) | 2016-07-08 | 2017-07-06 | Step-up authentication |
US201916316165A | 2019-01-08 | 2019-01-08 | |
US17/337,485 US20210286870A1 (en) | 2016-07-08 | 2021-06-03 | Step-Up Authentication |
Related Parent Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/316,165 Continuation US11055395B2 (en) | 2016-07-08 | 2017-07-06 | Step-up authentication |
PCT/GB2017/051997 Continuation WO2018007823A1 (en) | 2016-07-08 | 2017-07-06 | Step-up authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
US20210286870A1 true US20210286870A1 (en) | 2021-09-16 |
Family
ID=56890754
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/316,165 Active 2038-04-14 US11055395B2 (en) | 2016-07-08 | 2017-07-06 | Step-up authentication |
US17/337,485 Abandoned US20210286870A1 (en) | 2016-07-08 | 2021-06-03 | Step-Up Authentication |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/316,165 Active 2038-04-14 US11055395B2 (en) | 2016-07-08 | 2017-07-06 | Step-up authentication |
Country Status (4)
Country | Link |
---|---|
US (2) | US11055395B2 (en) |
EP (1) | EP3482545A1 (en) |
GB (1) | GB2552032B (en) |
WO (1) | WO2018007823A1 (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11323451B2 (en) | 2015-07-09 | 2022-05-03 | Biocatch Ltd. | System, device, and method for detection of proxy server |
US11330012B2 (en) | 2010-11-29 | 2022-05-10 | Biocatch Ltd. | System, method, and device of authenticating a user based on selfie image or selfie video |
US11425563B2 (en) | 2010-11-29 | 2022-08-23 | Biocatch Ltd. | Method, device, and system of differentiating between a cyber-attacker and a legitimate user |
US11580553B2 (en) | 2010-11-29 | 2023-02-14 | Biocatch Ltd. | Method, device, and system of detecting mule accounts and accounts used for money laundering |
US11606353B2 (en) | 2021-07-22 | 2023-03-14 | Biocatch Ltd. | System, device, and method of generating and utilizing one-time passwords |
US11838118B2 (en) | 2010-11-29 | 2023-12-05 | Biocatch Ltd. | Device, system, and method of detecting vishing attacks |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11223619B2 (en) | 2010-11-29 | 2022-01-11 | Biocatch Ltd. | Device, system, and method of user authentication based on user-specific characteristics of task performance |
US10728761B2 (en) | 2010-11-29 | 2020-07-28 | Biocatch Ltd. | Method, device, and system of detecting a lie of a user who inputs data |
US10949514B2 (en) | 2010-11-29 | 2021-03-16 | Biocatch Ltd. | Device, system, and method of differentiating among users based on detection of hardware components |
US10621585B2 (en) | 2010-11-29 | 2020-04-14 | Biocatch Ltd. | Contextual mapping of web-pages, and generation of fraud-relatedness score-values |
GB2539705B (en) | 2015-06-25 | 2017-10-25 | Aimbrain Solutions Ltd | Conditional behavioural biometrics |
GB2552032B (en) | 2016-07-08 | 2019-05-22 | Aimbrain Solutions Ltd | Step-up authentication |
CN109120605A (en) | 2018-07-27 | 2019-01-01 | 阿里巴巴集团控股有限公司 | Authentication and account information variation and device |
US11210464B2 (en) | 2019-09-03 | 2021-12-28 | Paypal, Inc. | Systems and methods for detecting locations of webpage elements |
WO2021180443A1 (en) * | 2020-03-13 | 2021-09-16 | British Telecommunications Public Limited Company | Computer-implemented continuous control method, system and computer program |
CN111314496B (en) * | 2020-05-15 | 2020-08-11 | 太平金融科技服务(上海)有限公司 | Registration request intercepting method and device, computer equipment and storage medium |
US11627129B2 (en) * | 2020-10-14 | 2023-04-11 | Citrix Systems, Inc. | Method and system for contextual access control |
US11983965B2 (en) | 2020-11-05 | 2024-05-14 | Samsung Electronics Co., Ltd. | Electronic device for biometric authentication and method for operating the same |
US11962596B2 (en) | 2021-08-04 | 2024-04-16 | Bank Of America Corporation | Integrated multifactor authentication for network access control |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7039951B1 (en) * | 2000-06-06 | 2006-05-02 | International Business Machines Corporation | System and method for confidence based incremental access authentication |
US8621209B1 (en) * | 2011-10-19 | 2013-12-31 | Amazon Technologies, Inc. | Confidence-based authentication |
US20140289833A1 (en) * | 2013-03-22 | 2014-09-25 | Marc Briceno | Advanced authentication techniques and applications |
US9203860B1 (en) * | 2012-03-20 | 2015-12-01 | United Services Automobile Association (Usaa) | Dynamic risk engine |
US20160212115A1 (en) * | 2015-01-19 | 2016-07-21 | Dell Products, Lp | System and Method for Providing Confidence Scores in a Persistent Framework |
US9426139B1 (en) * | 2015-03-30 | 2016-08-23 | Amazon Technologies, Inc. | Triggering a request for an authentication |
Family Cites Families (470)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3618019A (en) | 1969-11-13 | 1971-11-02 | Conversational Systems Corp | Signature identification by means of pressure patterns |
US3699517A (en) | 1970-09-24 | 1972-10-17 | Sylvania Electric Prod | Handwriting authentication technique |
US3983535A (en) | 1975-03-04 | 1976-09-28 | International Business Machines Corporation | Signature verification method and apparatus |
US4128829A (en) | 1977-12-30 | 1978-12-05 | International Business Machines Corporation | Signature verification method and apparatus utilizing both acceleration and pressure characteristics |
US4621334A (en) | 1983-08-26 | 1986-11-04 | Electronic Signature Lock Corporation | Personal identification apparatus |
US4805222A (en) | 1985-12-23 | 1989-02-14 | International Bioaccess Systems Corporation | Method and apparatus for verifying an individual's identity |
US4760386A (en) | 1986-06-13 | 1988-07-26 | International Business Machines Corporation | Automatic hiding and revealing of a pointer during keyboard activity |
JPH071427B2 (en) | 1989-05-26 | 1995-01-11 | 株式会社日立製作所 | Trend graph display method |
ES2109277T3 (en) | 1990-08-29 | 1998-01-16 | Hughes Aircraft Co | DISTRIBUTED USER AUTHENTICATION PROTOCOL. |
EP0606388A4 (en) | 1991-10-04 | 1994-12-07 | Micromed Systems Inc | Hand held computer input apparatus and method. |
US5305238A (en) | 1992-11-03 | 1994-04-19 | Key Tronic Corporation | Data input monitor and indicator for managing work pace and rest periods |
US5557686A (en) | 1993-01-13 | 1996-09-17 | University Of Alabama | Method and apparatus for verification of a computer user's identification, based on keystroke characteristics |
US5565657A (en) | 1993-11-01 | 1996-10-15 | Xerox Corporation | Multidimensional user interface input device |
US5635940A (en) | 1994-02-02 | 1997-06-03 | Hickman; Paul L. | Communication configurator and method for implementing same |
JPH0895539A (en) | 1994-09-28 | 1996-04-12 | Nec Corp | Presentation supporting device |
US5838306A (en) | 1995-05-05 | 1998-11-17 | Dell U.S.A., L.P. | Mouse with security feature |
US6202023B1 (en) | 1996-08-22 | 2001-03-13 | Go2 Systems, Inc. | Internet based geographic location referencing system and method |
US6193153B1 (en) | 1997-04-16 | 2001-02-27 | Francis Lambert | Method and apparatus for non-intrusive biometric capture |
US6337686B2 (en) | 1998-01-07 | 2002-01-08 | Ati Technologies Inc. | Method and apparatus for line anti-aliasing |
WO1999060483A1 (en) | 1998-05-21 | 1999-11-25 | Equifax Inc. | System and method for authentication of network users |
US6442692B1 (en) | 1998-07-21 | 2002-08-27 | Arkady G. Zilberman | Security method and apparatus employing authentication by keystroke dynamics |
US6560578B2 (en) | 1999-03-12 | 2003-05-06 | Expanse Networks, Inc. | Advertisement selection system supporting discretionary target market characteristics |
US6743022B1 (en) | 1998-12-03 | 2004-06-01 | Oded Sarel | System and method for automated self measurement of alertness equilibrium and coordination and for ventification of the identify of the person performing tasks |
IL128720A (en) | 1999-02-25 | 2009-06-15 | Cidway Technologies Ltd | Method for certification of over the phone transactions |
US6337919B1 (en) | 1999-04-28 | 2002-01-08 | Intel Corporation | Fingerprint detecting mouse |
US6957186B1 (en) | 1999-05-27 | 2005-10-18 | Accenture Llp | System method and article of manufacture for building, managing, and supporting various components of a system |
US7523191B1 (en) | 2000-06-02 | 2009-04-21 | Yahoo! Inc. | System and method for monitoring user interaction with web pages |
US6895514B1 (en) | 1999-06-25 | 2005-05-17 | Lucent Technologies Inc. | Method and apparatus for achieving secure password access |
US6938159B1 (en) | 1999-09-23 | 2005-08-30 | Intel Corporation | Continuous verification system |
US7403888B1 (en) | 1999-11-05 | 2008-07-22 | Microsoft Corporation | Language input user interface |
WO2001052180A1 (en) | 2000-01-10 | 2001-07-19 | Tarian, Llc | Device using histological and physiological biometric marker for authentication and activation |
US7609862B2 (en) | 2000-01-24 | 2009-10-27 | Pen-One Inc. | Method for identity verification |
US7260837B2 (en) | 2000-03-22 | 2007-08-21 | Comscore Networks, Inc. | Systems and methods for user identification, user demographic reporting and collecting usage data usage biometrics |
JP4321944B2 (en) | 2000-04-27 | 2009-08-26 | 富士通株式会社 | Personal authentication system using biometric information |
US7859519B2 (en) | 2000-05-01 | 2010-12-28 | Tulbert David J | Human-machine interface |
US7133792B2 (en) | 2000-06-08 | 2006-11-07 | Ensign Holdings, Llc | Method and apparatus for calibration over time of histological and physiological biometric markers for authentication |
US6836554B1 (en) | 2000-06-16 | 2004-12-28 | International Business Machines Corporation | System and method for distorting a biometric for transactions with enhanced security and privacy |
JP3562577B2 (en) | 2000-07-25 | 2004-09-08 | 精一郎 半谷 | Authentication system |
GB2365636B (en) | 2000-08-04 | 2005-01-05 | Automatic Parallel Designs Ltd | A parallel counter and a multiplication logic circuit |
US6819219B1 (en) | 2000-10-13 | 2004-11-16 | International Business Machines Corporation | Method for biometric-based authentication in wireless communication for access control |
WO2002061525A2 (en) | 2000-11-02 | 2002-08-08 | Pirus Networks | Tcp/udp acceleration |
US6931131B1 (en) | 2000-11-17 | 2005-08-16 | Youbet.Com, Inc. | Method and apparatus for online geographic and user verification and restriction using a GPS system |
DE10100617A1 (en) | 2001-01-09 | 2002-07-18 | Siemens Ag | Controllable arrangement with user authentication |
US8812319B2 (en) | 2001-01-31 | 2014-08-19 | Ibiometrics, Inc. | Dynamic pass phrase security system (DPSS) |
AU2002305137A1 (en) | 2001-04-06 | 2002-10-21 | Predictive Media Corporation | Method and apparatus for identifying unique client users from user behavioral data |
DE10150108B4 (en) | 2001-10-11 | 2004-03-11 | Siemens Ag | Ongoing speaker authentication |
US7395436B1 (en) | 2002-01-31 | 2008-07-01 | Kerry Nemovicher | Methods, software programs, and systems for electronic information security |
US6990639B2 (en) | 2002-02-07 | 2006-01-24 | Microsoft Corporation | System and process for controlling electronic components in a ubiquitous computing environment using multimodal integration |
US20080183745A1 (en) | 2006-09-25 | 2008-07-31 | David Cancel | Website analytics |
US7161557B2 (en) | 2002-04-08 | 2007-01-09 | Clearcube Technology, Inc. | Selectively updating a display in a multi-display system |
US7494061B2 (en) | 2006-06-30 | 2009-02-24 | Evercom Systems, Inc. | Systems and methods for identity verification using continuous biometric monitoring |
US20070156443A1 (en) | 2002-05-22 | 2007-07-05 | Gurvey Amy R | Electronic System and Apparatuses Coupling Ticketing on Mobile Devices with Event Sponsorship and Interaction |
US7139916B2 (en) | 2002-06-28 | 2006-11-21 | Ebay, Inc. | Method and system for monitoring user interaction with a computer |
US20040017355A1 (en) | 2002-07-24 | 2004-01-29 | Youngtack Shim | Cursor control systems and methods |
JP4115198B2 (en) | 2002-08-02 | 2008-07-09 | 株式会社日立製作所 | Display device with touch panel |
US20040034784A1 (en) | 2002-08-15 | 2004-02-19 | Fedronic Dominique Louis Joseph | System and method to facilitate separate cardholder and system access to resources controlled by a smart card |
JP2004118627A (en) | 2002-09-27 | 2004-04-15 | Toshiba Corp | Figure identification device and method |
US20040128240A1 (en) | 2002-10-07 | 2004-07-01 | Yusin Wendy E. | Method and system for managing financial transactions |
US7840806B2 (en) | 2002-10-16 | 2010-11-23 | Enterprise Information Management, Inc. | System and method of non-centralized zero knowledge authentication for a computer network |
US7130452B2 (en) | 2002-12-03 | 2006-10-31 | International Business Machines Corporation | System and method for multi-party validation, authentication and/or authorization via biometrics |
US7065645B2 (en) | 2003-01-20 | 2006-06-20 | Mordechai Teicher | System, method, and apparatus for visual authentication |
US7509686B2 (en) | 2003-02-03 | 2009-03-24 | Checco John C | Method for providing computer-based authentication utilizing biometrics |
US7606915B1 (en) | 2003-02-25 | 2009-10-20 | Microsoft Corporation | Prevention of unauthorized scripts |
US7941849B2 (en) | 2003-03-21 | 2011-05-10 | Imprivata, Inc. | System and method for audit tracking |
US20050008148A1 (en) | 2003-04-02 | 2005-01-13 | Dov Jacobson | Mouse performance identification |
US7366919B1 (en) | 2003-04-25 | 2008-04-29 | Symantec Corporation | Use of geo-location data for spam detection |
US20040221171A1 (en) | 2003-05-02 | 2004-11-04 | Ahmed Ahmed Awad E. | Intrusion detector based on mouse dynamics analysis |
GB0311177D0 (en) | 2003-05-15 | 2003-06-18 | Qinetiq Ltd | Non contact human-computer interface |
US7245218B2 (en) | 2003-09-12 | 2007-07-17 | Curtis Satoru Ikehara | Input device to continuously detect biometrics |
WO2005079413A2 (en) | 2004-02-12 | 2005-09-01 | Atrua Technologies, Inc. | System and method of emulating mouse operations using finger image sensors |
US10999298B2 (en) | 2004-03-02 | 2021-05-04 | The 41St Parameter, Inc. | Method and system for identifying users and detecting fraud by use of the internet |
US7853663B2 (en) | 2004-03-12 | 2010-12-14 | Riip, Inc. | Wireless management system for control of remote devices |
WO2005093637A1 (en) | 2004-03-29 | 2005-10-06 | Hoffmann Andre | Identification, verification, and recognition method and system |
US20060090073A1 (en) | 2004-04-27 | 2006-04-27 | Shira Steinberg | System and method of using human friendly representations of mathematical values and activity analysis to confirm authenticity |
US7535456B2 (en) | 2004-04-30 | 2009-05-19 | Hillcrest Laboratories, Inc. | Methods and devices for removing unintentional movement in 3D pointing devices |
EP2273484B1 (en) | 2004-04-30 | 2019-08-28 | Hillcrest Laboratories, Inc. | Methods and devices for removing unintentional movement in free space pointing devices |
WO2005108119A2 (en) | 2004-04-30 | 2005-11-17 | Hillcrest Laboratories, Inc. | Free space pointing devices with tilt compensation and improved usability |
US20060143454A1 (en) | 2004-05-27 | 2006-06-29 | Silverbrook Research Pty Ltd | Storage of multiple keys in memory |
US7747980B2 (en) | 2004-06-08 | 2010-06-29 | Covia Labs, Inc. | Method and system for specifying device interoperability source specifying renditions data and code for interoperable device team |
TWI249636B (en) | 2004-07-08 | 2006-02-21 | Hannstar Display Corp | Clamp structure of an external electrode lamp |
US20060080263A1 (en) | 2004-10-13 | 2006-04-13 | Willis John A | Identity theft protection and notification system |
GB2419433A (en) | 2004-10-20 | 2006-04-26 | Glasgow School Of Art | Automated Gesture Recognition |
FR2877112B3 (en) | 2004-10-22 | 2007-06-08 | Nds Ltd | METHOD FOR MANAGING DISPLAY WINDOWS |
US7496575B2 (en) | 2004-11-22 | 2009-02-24 | Verdasys, Inc. | Application instrumentation and monitoring |
US8171085B1 (en) | 2005-01-19 | 2012-05-01 | Apple Inc. | Methods and apparatuses for authenticating electronic messages |
US7389917B2 (en) | 2005-02-15 | 2008-06-24 | International Business Machines Corporation | Enhancing web experiences using behavioral biometric data |
EP1868132A4 (en) | 2005-03-23 | 2014-06-18 | Ihc Corp | Authentication system |
JP4679205B2 (en) | 2005-03-31 | 2011-04-27 | Necインフロンティア株式会社 | Authentication system, apparatus, method, program, and communication terminal |
US20060239430A1 (en) | 2005-04-21 | 2006-10-26 | Robert Gue | Systems and methods of providing online protection |
CN101375546B (en) | 2005-04-29 | 2012-09-26 | 甲骨文国际公司 | System and method for fraud monitoring, detection, and tiered user authentication |
JP2006333882A (en) | 2005-05-31 | 2006-12-14 | Aruze Corp | Player authentication apparatus, player management server, game machine and sandwiched dispenser |
US20060280339A1 (en) | 2005-06-10 | 2006-12-14 | Sungzoon Cho | System and method for performing user authentication based on keystroke dynamics |
KR100713494B1 (en) | 2005-06-20 | 2007-04-30 | 삼성전자주식회사 | Method for authenticating user using camera module and mobile communication terminal therefor |
US20070118804A1 (en) | 2005-11-16 | 2007-05-24 | Microsoft Corporation | Interaction model assessment, storage and distribution |
US7594050B2 (en) | 2005-11-23 | 2009-09-22 | Research In Motion Limited | System and method for recognizing a keystroke in an electronic device |
US20070174082A1 (en) | 2005-12-12 | 2007-07-26 | Sapphire Mobile Systems, Inc. | Payment authorization using location data |
US7774363B2 (en) | 2005-12-29 | 2010-08-10 | Nextlabs, Inc. | Detecting behavioral patterns and anomalies using information usage data |
US7815106B1 (en) | 2005-12-29 | 2010-10-19 | Verizon Corporate Services Group Inc. | Multidimensional transaction fraud detection system and method |
JP2007188321A (en) | 2006-01-13 | 2007-07-26 | Sony Corp | Communication device, communication method, program, and recording medium |
CN101558384B (en) | 2006-03-24 | 2013-01-02 | Avg技术塞浦路斯有限公司 | Software vulnerability exploitation shield |
KR100847532B1 (en) | 2006-04-06 | 2008-07-21 | 재단법인서울대학교산학협력재단 | User terminal and authenticating apparatus used for user authentication using information of user's behavior pattern |
US20120204257A1 (en) | 2006-04-10 | 2012-08-09 | International Business Machines Corporation | Detecting fraud using touchscreen interaction behavior |
US20070240230A1 (en) | 2006-04-10 | 2007-10-11 | O'connell Brian M | User-browser interaction analysis authentication system |
US7864987B2 (en) * | 2006-04-18 | 2011-01-04 | Infosys Technologies Ltd. | Methods and systems for secured access to devices and systems |
US7552467B2 (en) | 2006-04-24 | 2009-06-23 | Jeffrey Dean Lindsay | Security systems for protecting an asset |
US20070255821A1 (en) | 2006-05-01 | 2007-11-01 | Li Ge | Real-time click fraud detecting and blocking system |
US20070261109A1 (en) | 2006-05-04 | 2007-11-08 | Martin Renaud | Authentication system, such as an authentication system for children and teenagers |
US20070266305A1 (en) | 2006-05-10 | 2007-11-15 | David Cong | System and method for monitoring user behavior with regard to interactive rich-media content |
US20070271466A1 (en) | 2006-05-18 | 2007-11-22 | Genevieve Mak | Security or authentication system and method using manual input measurements, such as via user manipulation of a computer mouse |
US8099765B2 (en) | 2006-06-07 | 2012-01-17 | Red Hat, Inc. | Methods and systems for remote password reset using an authentication credential managed by a third party |
US7818290B2 (en) | 2006-06-14 | 2010-10-19 | Identity Metrics, Inc. | System to associate a demographic to a user of an electronic system |
WO2007146437A2 (en) | 2006-06-14 | 2007-12-21 | Agent Science Technologies, Inc. | User authentication system |
US8161530B2 (en) | 2006-07-11 | 2012-04-17 | Identity Metrics, Inc. | Behaviormetrics application system for electronic transaction authorization |
EP1879127A1 (en) | 2006-07-13 | 2008-01-16 | Cipherstone Technologies AB | User authentication method and system and password management system |
US8510113B1 (en) | 2006-08-31 | 2013-08-13 | At&T Intellectual Property Ii, L.P. | Method and system for enhancing a speech database |
US8417960B2 (en) | 2006-09-06 | 2013-04-09 | Hitachi, Ltd. | Method for generating an encryption key using biometrics authentication and restoring the encryption key and personal authentication system |
US20080066167A1 (en) | 2006-09-12 | 2008-03-13 | Andri Michael J | Password based access including error allowance |
JP4294668B2 (en) | 2006-09-14 | 2009-07-15 | 株式会社日立製作所 | Point diagram display device |
US8452978B2 (en) | 2006-09-15 | 2013-05-28 | Identity Metrics, LLC | System and method for user authentication and dynamic usability of touch-screen devices |
US8843754B2 (en) | 2006-09-15 | 2014-09-23 | Identity Metrics, Inc. | Continuous user identification and situation analysis with identification of anonymous users through behaviormetrics |
US20080084972A1 (en) | 2006-09-27 | 2008-04-10 | Michael Robert Burke | Verifying that a message was authored by a user by utilizing a user profile generated for the user |
EP2092474A4 (en) | 2006-10-17 | 2011-09-28 | Yt Acquisition Corp | A method of distributing information via mobile devices and enabling its use at a point of transaction |
US8112817B2 (en) | 2006-10-30 | 2012-02-07 | Girish Chiruvolu | User-centric authentication system and method |
US8661520B2 (en) | 2006-11-21 | 2014-02-25 | Rajesh G. Shakkarwar | Systems and methods for identification and authentication of a user |
US8125312B2 (en) | 2006-12-08 | 2012-02-28 | Research In Motion Limited | System and method for locking and unlocking access to an electronic device |
JP2008146453A (en) | 2006-12-12 | 2008-06-26 | Sony Corp | Picture signal output device and operation input processing method |
US20080162449A1 (en) | 2006-12-28 | 2008-07-03 | Chen Chao-Yu | Dynamic page similarity measurement |
US8462109B2 (en) | 2007-01-05 | 2013-06-11 | Invensense, Inc. | Controlling and accessing content using motion processing on mobile devices |
US10437459B2 (en) | 2007-01-07 | 2019-10-08 | Apple Inc. | Multitouch data fusion |
US8727947B2 (en) | 2007-02-16 | 2014-05-20 | Nike, Inc. | Real-time comparison of athletic information |
US8056129B2 (en) | 2007-04-19 | 2011-11-08 | International Business Machines Corporation | Validating active computer terminal sessions |
US7860870B2 (en) | 2007-05-31 | 2010-12-28 | Yahoo! Inc. | Detection of abnormal user click activity in a search results page |
US7895653B2 (en) | 2007-05-31 | 2011-02-22 | International Business Machines Corporation | Internet robot detection for network distributable markup |
US8640203B2 (en) | 2007-06-04 | 2014-01-28 | Rajesh G. Shakkarwar | Methods and systems for the authentication of a user |
US8015145B2 (en) | 2007-06-05 | 2011-09-06 | Siemens Medical Solutions Usa, Inc. | System for providing healthcare operation specific user interface display images |
US8549316B2 (en) | 2007-06-06 | 2013-10-01 | Nuvoton Technology Corporation | Method and apparatus for password output |
US20080309616A1 (en) | 2007-06-13 | 2008-12-18 | Massengill R Kemp | Alertness testing method and apparatus |
US20080319841A1 (en) | 2007-06-21 | 2008-12-25 | Robert Ian Oliver | Per-Machine Based Shared Revenue Ad Delivery Fraud Detection and Mitigation |
US8065624B2 (en) | 2007-06-28 | 2011-11-22 | Panasonic Corporation | Virtual keypad systems and methods |
JP5217064B2 (en) | 2007-07-23 | 2013-06-19 | ミツミ電機株式会社 | DMOS type semiconductor device and manufacturing method thereof |
US20090038010A1 (en) | 2007-07-31 | 2009-02-05 | Microsoft Corporation | Monitoring and controlling an automation process |
KR100923179B1 (en) | 2007-08-16 | 2009-10-22 | 재단법인서울대학교산학협력재단 | Method and system for detecting account sharing based on behavior patterns |
KR101572768B1 (en) | 2007-09-24 | 2015-11-27 | 애플 인크. | Embedded authentication systems in an electronic device |
US8307443B2 (en) | 2007-09-28 | 2012-11-06 | Microsoft Corporation | Securing anti-virus software with virtualization |
US8280993B2 (en) | 2007-10-04 | 2012-10-02 | Yahoo! Inc. | System and method for detecting Internet bots |
US8134449B2 (en) | 2007-10-23 | 2012-03-13 | Minebea Co., Ltd | Method and system for biometric keyboard |
US8031175B2 (en) | 2008-04-21 | 2011-10-04 | Panasonic Corporation | Touch sensitive remote control system that detects hand size characteristics of user and adapts mapping to screen display |
US8189878B2 (en) | 2007-11-07 | 2012-05-29 | Verizon Patent And Licensing Inc. | Multifactor multimedia biometric authentication |
US20090132366A1 (en) | 2007-11-15 | 2009-05-21 | Microsoft Corporation | Recognizing and crediting offline realization of online behavior |
US8978117B2 (en) | 2007-11-19 | 2015-03-10 | Avaya Inc. | Authentication frequency and challenge type based on environmental and physiological properties |
US9779403B2 (en) | 2007-12-07 | 2017-10-03 | Jpmorgan Chase Bank, N.A. | Mobile fraud prevention system and method |
US8793305B2 (en) | 2007-12-13 | 2014-07-29 | Seven Networks, Inc. | Content delivery to a mobile device from a content service |
US8271878B2 (en) | 2007-12-28 | 2012-09-18 | Amazon Technologies, Inc. | Behavior-based selection of items to present on affiliate sites |
US7974893B2 (en) | 2008-01-04 | 2011-07-05 | Deborah Peace | Systems and methods for providing ACH transaction notification and facilitating ACH transaction disputes |
US9141974B2 (en) | 2008-01-16 | 2015-09-22 | Martin Kelly Jones | Systems and methods for determining mobile thing (MT) identification and/or MT motion activity using sensor data of wireless communication device |
US8803797B2 (en) | 2008-01-18 | 2014-08-12 | Microsoft Corporation | Input through sensing of user-applied forces |
FR2926938B1 (en) | 2008-01-28 | 2010-03-19 | Paycool Dev | METHOD OF AUTHENTICATING AND SIGNING A USER TO AN APPLICATION SERVICE USING A MOBILE PHONE AS A SECOND FACTOR IN COMPLEMENT AND INDEPENDENTLY OF A FIRST FACTOR |
US8595834B2 (en) | 2008-02-04 | 2013-11-26 | Samsung Electronics Co., Ltd | Detecting unauthorized use of computing devices based on behavioral patterns |
US8244211B2 (en) | 2008-02-07 | 2012-08-14 | Inflexis Llc | Mobile electronic security apparatus and method |
US8909297B2 (en) | 2008-03-04 | 2014-12-09 | Mike Matas | Access management |
US20080215576A1 (en) | 2008-03-05 | 2008-09-04 | Quantum Intelligence, Inc. | Fusion and visualization for multiple anomaly detection systems |
JP4905395B2 (en) | 2008-03-21 | 2012-03-28 | 富士通株式会社 | Communication monitoring device, communication monitoring program, and communication monitoring method |
US8904479B1 (en) | 2008-03-28 | 2014-12-02 | Google Inc. | Pattern-based mobile device unlocking |
US9275215B2 (en) | 2008-04-01 | 2016-03-01 | Nudata Security Inc. | Systems and methods for implementing and tracking identification tests |
US8700385B2 (en) | 2008-04-04 | 2014-04-15 | Microsoft Corporation | Providing a task description name space map for the information worker |
WO2009128064A2 (en) | 2008-04-14 | 2009-10-22 | Pointgrab Ltd. | Vision based pointing device emulation |
EP2291725A4 (en) | 2008-04-22 | 2012-01-25 | 41St Parameter Inc | Systems and methods for security management based on cursor events |
US20110300831A1 (en) | 2008-05-17 | 2011-12-08 | Chin David H | Authentication of a mobile device by a patterned security gesture applied to dotted input area |
US8639570B2 (en) | 2008-06-02 | 2014-01-28 | Microsoft Corporation | User advertisement click behavior modeling |
US8813050B2 (en) | 2008-06-03 | 2014-08-19 | Isight Partners, Inc. | Electronic crime detection and tracking |
US20090320123A1 (en) | 2008-06-20 | 2009-12-24 | Motorola, Inc. | Method and apparatus for user recognition employing motion passwords |
US8736587B2 (en) | 2008-07-10 | 2014-05-27 | Semiconductor Energy Laboratory Co., Ltd. | Semiconductor device |
US8948375B2 (en) | 2009-05-05 | 2015-02-03 | Voltage Security, Inc. | Systems for embedding information in data strings |
US20100040293A1 (en) | 2008-08-12 | 2010-02-18 | International Business Machines Corporation | Kinematic Based Authentication |
US8639636B2 (en) | 2008-08-15 | 2014-01-28 | At&T Intellectual Property I, L.P. | System and method for user behavior modeling |
US8326630B2 (en) | 2008-08-18 | 2012-12-04 | Microsoft Corporation | Context based online advertising |
US10679749B2 (en) | 2008-08-22 | 2020-06-09 | International Business Machines Corporation | System and method for virtual world biometric analytics through the use of a multimodal biometric analytic wallet |
US8433785B2 (en) | 2008-09-16 | 2013-04-30 | Yahoo! Inc. | System and method for detecting internet bots |
US20100070405A1 (en) | 2008-09-17 | 2010-03-18 | Bank Of America | Wireless number risk scores for use with mobile payments |
US8316428B2 (en) | 2008-09-25 | 2012-11-20 | Ntt Docomo, Inc. | Method and apparatus for security-risk based admission control |
US20100082747A1 (en) | 2008-09-29 | 2010-04-01 | College Of William & Mary | Real-time collaborative browsing |
US8433916B2 (en) | 2008-09-30 | 2013-04-30 | Microsoft Corporation | Active hip |
US20100122082A1 (en) | 2008-10-08 | 2010-05-13 | Leiwen Deng | User identity validation system and method |
US20100097324A1 (en) | 2008-10-20 | 2010-04-22 | Dell Products L.P. | Parental Controls Based on Touchscreen Input |
US8108933B2 (en) | 2008-10-21 | 2012-01-31 | Lookout, Inc. | System and method for attack and malware prevention |
US9400879B2 (en) | 2008-11-05 | 2016-07-26 | Xerox Corporation | Method and system for providing authentication through aggregate analysis of behavioral and time patterns |
US8788977B2 (en) | 2008-11-20 | 2014-07-22 | Amazon Technologies, Inc. | Movement recognition as input mechanism |
US9135348B2 (en) | 2008-11-21 | 2015-09-15 | Alcatel Lucent | Method and apparatus for machine-learning based profiling |
JP5415749B2 (en) | 2008-11-26 | 2014-02-12 | 京セラ株式会社 | Portable electronic devices |
US8156324B1 (en) | 2008-12-29 | 2012-04-10 | Bank Of America Corporation | Secured online financial transaction text chat |
KR101613086B1 (en) | 2009-01-05 | 2016-04-29 | 삼성전자주식회사 | Apparatus and method for display of electronic device |
US8941466B2 (en) | 2009-01-05 | 2015-01-27 | Polytechnic Institute Of New York University | User authentication for devices with touch sensitive elements, such as touch sensitive display screens |
US8326358B2 (en) | 2009-01-30 | 2012-12-04 | Research In Motion Limited | System and method for access control in a portable electronic device |
US9811794B2 (en) | 2009-02-11 | 2017-11-07 | Johnathan Mun | Qualitative and quantitative modeling of enterprise risk management and risk registers |
US20100203876A1 (en) | 2009-02-11 | 2010-08-12 | Qualcomm Incorporated | Inferring user profile properties based upon mobile device usage |
US8549629B1 (en) | 2009-03-16 | 2013-10-01 | Verint Americas Inc. | Classification and identification of computer use |
JP5385652B2 (en) | 2009-03-24 | 2014-01-08 | キヤノン株式会社 | Position detection apparatus, exposure apparatus, position detection method, exposure method, and device manufacturing method |
US8443156B2 (en) | 2009-03-27 | 2013-05-14 | Vmware, Inc. | Virtualization system using hardware assistance for shadow page table coherence |
US8605961B2 (en) | 2009-03-30 | 2013-12-10 | Motorola Mobility Llc | Method and apparatus for determining a physiological parameter using a fingerprint sensor on a portable electronic device |
US20120005483A1 (en) | 2009-04-09 | 2012-01-05 | Hydrabyte, Inc. | Method for Image-Based Authentication |
US8454437B2 (en) | 2009-07-17 | 2013-06-04 | Brian M. Dugan | Systems and methods for portable exergaming |
US8613047B2 (en) | 2009-04-21 | 2013-12-17 | Yahoo! Inc. | Interacting with internet servers without keyboard |
EP2421430B1 (en) | 2009-04-24 | 2020-11-18 | Advanced Brain Monitoring, Inc. | Adaptive performance trainer |
US8914878B2 (en) | 2009-04-29 | 2014-12-16 | Juniper Networks, Inc. | Detecting malicious network software agents |
US8751628B2 (en) | 2009-05-05 | 2014-06-10 | Suboti, Llc | System and method for processing user interface events |
US8217912B2 (en) | 2009-06-17 | 2012-07-10 | Broadcom Corporation | Graphical authentication for a portable device and methods for use therewith |
US20100328074A1 (en) | 2009-06-30 | 2010-12-30 | Johnson Erik J | Human presence detection techniques |
US20110010209A1 (en) | 2009-07-09 | 2011-01-13 | International Business Machines Corporation | Statistical condition detection and resolution management |
US8312157B2 (en) | 2009-07-16 | 2012-11-13 | Palo Alto Research Center Incorporated | Implicit authentication |
CN101957656A (en) | 2009-07-17 | 2011-01-26 | 英华达(南京)科技有限公司 | Method for controlling vernier and operating equipment thereof |
US8607340B2 (en) | 2009-07-21 | 2013-12-10 | Sophos Limited | Host intrusion prevention system using software and user behavior analysis |
TW201104529A (en) | 2009-07-22 | 2011-02-01 | Elan Microelectronics Corp | Touch device, control method and control unit for multi-touch environment |
EP2288226B1 (en) | 2009-08-12 | 2014-03-26 | BlackBerry Limited | Method and apparatus for dynamically changing the monitoring of a cellular data connection |
US20110039602A1 (en) | 2009-08-13 | 2011-02-17 | Mcnamara Justin | Methods And Systems For Interacting With Content On A Mobile Device |
US8285658B1 (en) | 2009-08-25 | 2012-10-09 | Scout Analytics, Inc. | Account sharing detection |
JP5482023B2 (en) | 2009-08-27 | 2014-04-23 | ソニー株式会社 | Information processing apparatus, information processing method, and program |
US8988191B2 (en) | 2009-08-27 | 2015-03-24 | Symbol Technologies, Inc. | Systems and methods for pressure-based authentication of an input on a touch screen |
CA2675664A1 (en) | 2009-08-28 | 2009-11-05 | Ibm Canada Limited - Ibm Canada Limitee | Escalation of user identity and validation requirements to counter a threat |
US20110055077A1 (en) | 2009-09-02 | 2011-03-03 | Susan French | Portable consumer device with funds transfer processing |
BR112012004791A2 (en) | 2009-09-04 | 2017-07-18 | Vago Andras | Custom multifunction access device with individualized way to authenticate and control data exchange. |
US8275834B2 (en) | 2009-09-14 | 2012-09-25 | Applied Research Associates, Inc. | Multi-modal, geo-tempo communications systems |
US8588758B2 (en) | 2009-10-30 | 2013-11-19 | Immersion Corporation | Interfacing a mobile device with a computer |
US9174123B2 (en) | 2009-11-09 | 2015-11-03 | Invensense, Inc. | Handheld computer systems and techniques for character and command recognition related to human movements |
US8535133B2 (en) | 2009-11-16 | 2013-09-17 | Broadcom Corporation | Video game with controller sensing player inappropriate activity |
ES2338092A1 (en) | 2009-11-16 | 2010-05-03 | Universidad Politecnica De Madrid | Device and method of biometric recognition based on a movement of the hand in the space with a device that integers an accelerometer (Machine-translation by Google Translate, not legally binding) |
US20110119370A1 (en) | 2009-11-17 | 2011-05-19 | Microsoft Corporation | Measuring network performance for cloud services |
US20110161136A1 (en) | 2009-11-25 | 2011-06-30 | Patrick Faith | Customer mapping using mobile device with an accelerometer |
US8531523B2 (en) | 2009-12-08 | 2013-09-10 | Trueposition, Inc. | Multi-sensor location and identification |
US8621636B2 (en) | 2009-12-17 | 2013-12-31 | American Express Travel Related Services Company, Inc. | Systems, methods, and computer program products for collecting and reporting sensor data in a communication network |
JP2011129756A (en) | 2009-12-18 | 2011-06-30 | Toshiba Corp | Method of generating mask pattern, mask pattern generating program, and method of manufacturing semiconductor device |
US8745747B2 (en) | 2009-12-31 | 2014-06-03 | Fujitsu Limited | Data protecting device |
US8707453B2 (en) | 2010-01-29 | 2014-04-22 | Christopher Liam Ivey | System and method for restricting access to a computer system to live persons by means of semantic association of images |
US10089683B2 (en) | 2010-02-08 | 2018-10-02 | Visa International Service Association | Fraud reduction system for transactions |
US8305251B2 (en) | 2010-02-09 | 2012-11-06 | National Taiwan University | Wireless remote control system |
US20110202453A1 (en) | 2010-02-15 | 2011-08-18 | Oto Technologies, Llc | System and method for mobile secure transaction confidence score |
US8424072B2 (en) | 2010-03-09 | 2013-04-16 | Microsoft Corporation | Behavior-based security system |
US20110221684A1 (en) | 2010-03-11 | 2011-09-15 | Sony Ericsson Mobile Communications Ab | Touch-sensitive input device, mobile device and method for operating a touch-sensitive input device |
US9092129B2 (en) | 2010-03-17 | 2015-07-28 | Logitech Europe S.A. | System and method for capturing hand annotations |
US20110246902A1 (en) | 2010-04-01 | 2011-10-06 | Tsung-Han Tsai | Method for portable phones to control computers |
US20160364138A1 (en) | 2010-04-23 | 2016-12-15 | Handscape Inc., A Delaware Corporation | Front touchscreen and back touchpad operated user interface employing semi-persistent button groups |
US9891820B2 (en) | 2010-04-23 | 2018-02-13 | Handscape Inc. | Method for controlling a virtual keyboard from a touchpad of a computerized device |
KR101122646B1 (en) | 2010-04-28 | 2012-03-09 | 한국전자통신연구원 | Method and device against intelligent bots by masquerading virtual machine information |
US8433654B2 (en) | 2010-05-10 | 2013-04-30 | Billeo, Inc | Method and system for paying directly at biller websites from within a bill pay website |
US8200076B2 (en) | 2010-05-19 | 2012-06-12 | Eastman Kodak Company | Estimating gender or age of a photographer |
US8990959B2 (en) | 2010-05-28 | 2015-03-24 | Microsoft Corporation | Manipulable human interactive proofs |
US20110304531A1 (en) | 2010-06-10 | 2011-12-15 | Peter Brooks | Method and system for interfacing and interaction with location-aware devices |
US8745729B2 (en) | 2010-06-22 | 2014-06-03 | Microsoft Corporation | Preventing abuse of services through infrastructure incompatibility |
US8984292B2 (en) | 2010-06-24 | 2015-03-17 | Microsoft Corporation | Keyed human interactive proof players |
US20130212674A1 (en) | 2010-06-25 | 2013-08-15 | Passtouch, Llc | System and method for signature pathway authentication and identification |
US20170140169A1 (en) | 2013-04-01 | 2017-05-18 | Passtouch, Llc | System and method for signature pathway authentication and identification |
US9420049B1 (en) | 2010-06-30 | 2016-08-16 | F5 Networks, Inc. | Client side human user indicator |
US8875220B2 (en) | 2010-07-01 | 2014-10-28 | Raytheom Company | Proxy-based network access protection |
EP2441209A4 (en) | 2010-07-01 | 2012-05-09 | Tata Consultancy Services Ltd | System for two way authentication |
US8754862B2 (en) | 2010-07-11 | 2014-06-17 | Lester F. Ludwig | Sequential classification recognition of gesture primitives and window-based parameter smoothing for high dimensional touchpad (HDTP) user interfaces |
EP2410450A1 (en) | 2010-07-19 | 2012-01-25 | Dan-Mihai Negrea | Method for providing a challenge based on a content |
US8838783B2 (en) | 2010-07-26 | 2014-09-16 | Seven Networks, Inc. | Distributed caching for resource and mobile network traffic management |
CN103155509B (en) | 2010-08-04 | 2016-10-26 | 黑莓有限公司 | For the method and apparatus providing continuous certification based on dynamic personal information |
US8499245B1 (en) | 2010-08-24 | 2013-07-30 | Amazon Technologies, Inc. | Multi-source profiling for adaptive device operation |
WO2012027597A2 (en) | 2010-08-27 | 2012-03-01 | Intel Corporation | Capture and recall of home entertainment system session |
US8528054B2 (en) | 2010-08-31 | 2013-09-03 | Yahoo! Inc. | Multi-step challenge-response test |
US20120072982A1 (en) | 2010-09-17 | 2012-03-22 | Microsoft Corporation | Detecting potential fraudulent online user activity |
US8666861B2 (en) | 2010-10-21 | 2014-03-04 | Visa International Service Association | Software and methods for risk and fraud mitigation |
US8756602B2 (en) | 2010-11-14 | 2014-06-17 | Brocade Communications Systems, Inc. | Virtual machine and application migration over local and wide area networks without timeout |
US8612345B2 (en) | 2010-11-15 | 2013-12-17 | The Western Union Company | Routing for direct to account payments |
GB2500520A (en) | 2010-11-16 | 2013-09-25 | Muthukumar Prasad | Smart directional radiation protection system for wireless mobile device to reduce sar |
US20120124662A1 (en) | 2010-11-16 | 2012-05-17 | Baca Jim S | Method of using device motion in a password |
US9215244B2 (en) | 2010-11-18 | 2015-12-15 | The Boeing Company | Context aware network security monitoring for threat detection |
JP2012114241A (en) | 2010-11-25 | 2012-06-14 | Renesas Electronics Corp | Semiconductor chip and semiconductor device |
US9665703B2 (en) | 2010-11-29 | 2017-05-30 | Biocatch Ltd. | Device, system, and method of detecting user identity based on inter-page and intra-page navigation patterns |
US10476873B2 (en) | 2010-11-29 | 2019-11-12 | Biocatch Ltd. | Device, system, and method of password-less user authentication and password-less detection of user identity |
US10055560B2 (en) | 2010-11-29 | 2018-08-21 | Biocatch Ltd. | Device, method, and system of detecting multiple users accessing the same account |
US10621585B2 (en) | 2010-11-29 | 2020-04-14 | Biocatch Ltd. | Contextual mapping of web-pages, and generation of fraud-relatedness score-values |
US9690915B2 (en) | 2010-11-29 | 2017-06-27 | Biocatch Ltd. | Device, method, and system of detecting remote access users and differentiating among users |
US10069852B2 (en) | 2010-11-29 | 2018-09-04 | Biocatch Ltd. | Detection of computerized bots and automated cyber-attack modules |
US20190158535A1 (en) | 2017-11-21 | 2019-05-23 | Biocatch Ltd. | Device, System, and Method of Detecting Vishing Attacks |
US9621567B2 (en) | 2010-11-29 | 2017-04-11 | Biocatch Ltd. | Device, system, and method of detecting hardware components |
US9536071B2 (en) | 2010-11-29 | 2017-01-03 | Biocatch Ltd. | Method, device, and system of differentiating among users based on platform configurations |
US10164985B2 (en) | 2010-11-29 | 2018-12-25 | Biocatch Ltd. | Device, system, and method of recovery and resetting of user authentication factor |
US9747436B2 (en) | 2010-11-29 | 2017-08-29 | Biocatch Ltd. | Method, system, and device of differentiating among users based on responses to interferences |
US9483292B2 (en) | 2010-11-29 | 2016-11-01 | Biocatch Ltd. | Method, device, and system of differentiating between virtual machine and non-virtualized device |
US10728761B2 (en) | 2010-11-29 | 2020-07-28 | Biocatch Ltd. | Method, device, and system of detecting a lie of a user who inputs data |
US9552470B2 (en) | 2010-11-29 | 2017-01-24 | Biocatch Ltd. | Method, device, and system of generating fraud-alerts for cyber-attacks |
US10395018B2 (en) | 2010-11-29 | 2019-08-27 | Biocatch Ltd. | System, method, and device of detecting identity of a user and authenticating a user |
US20180349583A1 (en) | 2010-11-29 | 2018-12-06 | Biocatch Ltd. | System, Device, and Method of Determining Personal Characteristics of a User |
US10083439B2 (en) | 2010-11-29 | 2018-09-25 | Biocatch Ltd. | Device, system, and method of differentiating over multiple accounts between legitimate user and cyber-attacker |
US9547766B2 (en) | 2010-11-29 | 2017-01-17 | Biocatch Ltd. | Device, system, and method of detecting malicious automatic script and code injection |
US20190057200A1 (en) | 2017-08-16 | 2019-02-21 | Biocatch Ltd. | System, apparatus, and method of collecting and processing data in electronic devices |
US11223619B2 (en) | 2010-11-29 | 2022-01-11 | Biocatch Ltd. | Device, system, and method of user authentication based on user-specific characteristics of task performance |
US10685355B2 (en) | 2016-12-04 | 2020-06-16 | Biocatch Ltd. | Method, device, and system of detecting mule accounts and accounts used for money laundering |
US9526006B2 (en) | 2010-11-29 | 2016-12-20 | Biocatch Ltd. | System, method, and device of detecting identity of a user of an electronic device |
US10037421B2 (en) | 2010-11-29 | 2018-07-31 | Biocatch Ltd. | Device, system, and method of three-dimensional spatial user authentication |
US9779423B2 (en) | 2010-11-29 | 2017-10-03 | Biocatch Ltd. | Device, system, and method of generating and managing behavioral biometric cookies |
US10949757B2 (en) | 2010-11-29 | 2021-03-16 | Biocatch Ltd. | System, device, and method of detecting user identity based on motor-control loop model |
US11210674B2 (en) | 2010-11-29 | 2021-12-28 | Biocatch Ltd. | Method, device, and system of detecting mule accounts and accounts used for money laundering |
US10474815B2 (en) | 2010-11-29 | 2019-11-12 | Biocatch Ltd. | System, device, and method of detecting malicious automatic script and code injection |
US9477826B2 (en) | 2010-11-29 | 2016-10-25 | Biocatch Ltd. | Device, system, and method of detecting multiple users accessing the same account |
US9069942B2 (en) | 2010-11-29 | 2015-06-30 | Avi Turgeman | Method and device for confirming computer end-user identity |
US10298614B2 (en) | 2010-11-29 | 2019-05-21 | Biocatch Ltd. | System, device, and method of generating and managing behavioral biometric cookies |
US9450971B2 (en) | 2010-11-29 | 2016-09-20 | Biocatch Ltd. | Device, system, and method of visual login and stochastic cryptography |
US20150205957A1 (en) | 2010-11-29 | 2015-07-23 | Biocatch Ltd. | Method, device, and system of differentiating between a legitimate user and a cyber-attacker |
US9531733B2 (en) | 2010-11-29 | 2016-12-27 | Biocatch Ltd. | Device, system, and method of detecting a remote access user |
US10917431B2 (en) | 2010-11-29 | 2021-02-09 | Biocatch Ltd. | System, method, and device of authenticating a user based on selfie image or selfie video |
US10069837B2 (en) | 2015-07-09 | 2018-09-04 | Biocatch Ltd. | Detection of proxy server |
US9848009B2 (en) | 2010-11-29 | 2017-12-19 | Biocatch Ltd. | Identification of computerized bots and automated cyber-attack modules |
US9531701B2 (en) | 2010-11-29 | 2016-12-27 | Biocatch Ltd. | Method, device, and system of differentiating among users based on responses to interferences |
US10404729B2 (en) | 2010-11-29 | 2019-09-03 | Biocatch Ltd. | Device, method, and system of generating fraud-alerts for cyber-attacks |
US9275337B2 (en) | 2010-11-29 | 2016-03-01 | Biocatch Ltd. | Device, system, and method of detecting user identity based on motor-control loop model |
US10834590B2 (en) | 2010-11-29 | 2020-11-10 | Biocatch Ltd. | Method, device, and system of differentiating between a cyber-attacker and a legitimate user |
US10586036B2 (en) | 2010-11-29 | 2020-03-10 | Biocatch Ltd. | System, device, and method of recovery and resetting of user authentication factor |
US20140317744A1 (en) | 2010-11-29 | 2014-10-23 | Biocatch Ltd. | Device, system, and method of user segmentation |
US10747305B2 (en) | 2010-11-29 | 2020-08-18 | Biocatch Ltd. | Method, system, and device of authenticating identity of a user of an electronic device |
US9626677B2 (en) | 2010-11-29 | 2017-04-18 | Biocatch Ltd. | Identification of computerized bots, and identification of automated cyber-attack modules |
US10949514B2 (en) | 2010-11-29 | 2021-03-16 | Biocatch Ltd. | Device, system, and method of differentiating among users based on detection of hardware components |
US9558339B2 (en) | 2010-11-29 | 2017-01-31 | Biocatch Ltd. | Method, device, and system of protecting a log-in process of a computerized service |
US9703953B2 (en) | 2010-11-29 | 2017-07-11 | Biocatch Ltd. | Method, device, and system of differentiating among users based on user classification |
US10776476B2 (en) | 2010-11-29 | 2020-09-15 | Biocatch Ltd. | System, device, and method of visual login |
US10032010B2 (en) | 2010-11-29 | 2018-07-24 | Biocatch Ltd. | System, device, and method of visual login and stochastic cryptography |
US9418221B2 (en) | 2010-11-29 | 2016-08-16 | Biocatch Ltd. | Method, device, and system of differentiating among users based on responses to injected interferences |
US9838373B2 (en) | 2010-11-29 | 2017-12-05 | Biocatch Ltd. | System, device, and method of detecting a remote access user |
US8938787B2 (en) | 2010-11-29 | 2015-01-20 | Biocatch Ltd. | System, device, and method of detecting identity of a user of a mobile electronic device |
WO2015004598A1 (en) | 2013-07-09 | 2015-01-15 | Biocatch Ltd. | Device, system, and method of differentiating among users of a computerized service |
US10262324B2 (en) | 2010-11-29 | 2019-04-16 | Biocatch Ltd. | System, device, and method of differentiating among users based on user-specific page navigation sequence |
US10897482B2 (en) | 2010-11-29 | 2021-01-19 | Biocatch Ltd. | Method, device, and system of back-coloring, forward-coloring, and fraud detection |
US10970394B2 (en) | 2017-11-21 | 2021-04-06 | Biocatch Ltd. | System, device, and method of detecting vishing attacks |
US11269977B2 (en) | 2010-11-29 | 2022-03-08 | Biocatch Ltd. | System, apparatus, and method of collecting and processing data in electronic devices |
US20120239557A1 (en) | 2010-12-14 | 2012-09-20 | Early Warning Services, Llc | System and method for detecting fraudulent account access and transfers |
TWI430902B (en) | 2010-12-15 | 2014-03-21 | Wistron Neweb Corp | Wireless signal transceiver and blind spot detection system |
US20120158503A1 (en) | 2010-12-17 | 2012-06-21 | Ebay Inc. | Identifying purchase patterns and marketing based on user mood |
US8749486B2 (en) | 2010-12-21 | 2014-06-10 | Stmicroelectronics, Inc. | Control surface for touch and multi-touch control of a cursor using a micro electro mechanical system (MEMS) sensor |
US9027122B2 (en) | 2010-12-22 | 2015-05-05 | Yahoo! Inc. | Isolation tool for user assistance in solving a captcha test |
IT1403435B1 (en) | 2010-12-27 | 2013-10-17 | Conti | USER AUTHENTICATION PROCEDURE FOR ACCESS TO A MOBILE AND CORRESPONDING USER MOBILE TERMINAL TERMINAL. |
US20120167170A1 (en) | 2010-12-28 | 2012-06-28 | Nokia Corporation | Method and apparatus for providing passive user identification |
US8543833B2 (en) | 2010-12-29 | 2013-09-24 | Microsoft Corporation | User identification with biokinematic input |
IL210698A0 (en) | 2011-01-17 | 2011-06-30 | Robert Moskovitch | Method for contnuously verifying user identity via keystroke dynamics |
KR20120084860A (en) | 2011-01-21 | 2012-07-31 | 삼성전자주식회사 | Method for inputting in capacity touch screen terminal and device thereof |
WO2012107879A2 (en) | 2011-02-10 | 2012-08-16 | Site Black Box Ltd. | DISTINGUISH VALID USERS FROM BOTS, OCRs AND THIRD PARTY SOLVERS WHEN PRESENTING CAPTCHA |
US20120218193A1 (en) | 2011-02-28 | 2012-08-30 | Research In Motion Limited | Patterned activation of piezoelectric actuators |
RU2013141626A (en) | 2011-03-07 | 2015-04-20 | Роберто ГИОРИ | SYSTEM AND METHOD OF PROVIDING AND TRANSFER OF INTERCHANGEABLE ELECTRONIC MONEY |
US8170953B1 (en) | 2011-03-18 | 2012-05-01 | Visa International Service Association | Systems and method for screening payment transactions |
WO2012128916A2 (en) | 2011-03-24 | 2012-09-27 | AYaH, LLC | Method for generating a human likeness score |
US9514297B2 (en) | 2011-03-28 | 2016-12-06 | Htc Corporation | Systems and methods for gesture lock obfuscation |
US9047464B2 (en) | 2011-04-11 | 2015-06-02 | NSS Lab Works LLC | Continuous monitoring of computer user and computer activities |
EP3324665B1 (en) | 2011-04-27 | 2022-03-30 | Seven Networks, LLC | Detection and filtering of malware based on traffic observations made in a distributed mobile traffic management system |
US8793377B2 (en) | 2011-05-03 | 2014-07-29 | International Business Machines Corporation | Identifying optimal virtual machine images in a networked computing environment |
US9003519B2 (en) | 2011-05-16 | 2015-04-07 | At&T Intellectual Property I, L.P. | Verifying transactions using out-of-band devices |
GB201109311D0 (en) | 2011-06-03 | 2011-07-20 | Avimir Ip Ltd | Method and computer program for providing authentication to control access to a computer system |
EP2541452A1 (en) | 2011-06-29 | 2013-01-02 | Fujitsu Limited | Authentication method of user of electronic device |
US8627096B2 (en) | 2011-07-14 | 2014-01-07 | Sensible Vision, Inc. | System and method for providing secure access to an electronic device using both a screen gesture and facial biometrics |
US8751399B2 (en) | 2011-07-15 | 2014-06-10 | Wal-Mart Stores, Inc. | Multi-channel data driven, real-time anti-money laundering system for electronic payment cards |
US20130024239A1 (en) | 2011-07-20 | 2013-01-24 | Bank Of America Corporation | Insider threat detection |
US8813074B2 (en) | 2011-08-05 | 2014-08-19 | Vmware, Inc. | Detecting and correcting network interruptions using network address translation |
US10031646B2 (en) | 2011-09-07 | 2018-07-24 | Mcafee, Llc | Computer system security dashboard |
ES2755780T3 (en) | 2011-09-16 | 2020-04-23 | Veracode Inc | Automated behavior and static analysis using an instrumented sandbox and machine learning classification for mobile security |
US8555077B2 (en) | 2011-11-23 | 2013-10-08 | Elwha Llc | Determining device identity using a behavioral fingerprint |
US8803825B2 (en) | 2011-09-27 | 2014-08-12 | Carefusion 303, Inc. | System and method for filtering touch screen inputs |
US9195351B1 (en) | 2011-09-28 | 2015-11-24 | Amazon Technologies, Inc. | Capacitive stylus |
US20130088434A1 (en) | 2011-10-06 | 2013-04-11 | Sony Ericsson Mobile Communications Ab | Accessory to improve user experience with an electronic display |
US9021565B2 (en) | 2011-10-13 | 2015-04-28 | At&T Intellectual Property I, L.P. | Authentication techniques utilizing a computing device |
US9439602B2 (en) | 2011-10-26 | 2016-09-13 | Dexcom, Inc. | Alert system for hypo and hyperglycemia prevention based on clinical risk |
US20130111586A1 (en) | 2011-10-27 | 2013-05-02 | Warren Jackson | Computing security mechanism |
KR101841039B1 (en) | 2011-11-28 | 2018-03-28 | 삼성전자주식회사 | Method for authenticating password and Portable Device thereof |
US20130135218A1 (en) | 2011-11-30 | 2013-05-30 | Arbitron Inc. | Tactile and gestational identification and linking to media consumption |
KR101637107B1 (en) | 2011-12-13 | 2016-07-20 | 인텔 코포레이션 | Orientation aware authentication on mobile platforms |
US20130154999A1 (en) | 2011-12-19 | 2013-06-20 | David Brent GUARD | Multi-Surface Touch Sensor Device With User Action Detection |
CN103186329B (en) | 2011-12-27 | 2017-08-18 | 富泰华工业(深圳)有限公司 | Electronic equipment and its touch input control method |
US8977704B2 (en) | 2011-12-29 | 2015-03-10 | Nokia Corporation | Method and apparatus for flexible caching of delivered media |
US9519769B2 (en) | 2012-01-09 | 2016-12-13 | Sensible Vision, Inc. | System and method for disabling secure access to an electronic device using detection of a predetermined device orientation |
US8806610B2 (en) * | 2012-01-31 | 2014-08-12 | Dell Products L.P. | Multilevel passcode authentication |
US9325806B2 (en) | 2012-02-24 | 2016-04-26 | Qualcomm Incorporated | Cooperative loading of webpages based on shared meta information |
US9256715B2 (en) | 2012-03-09 | 2016-02-09 | Dell Products L.P. | Authentication using physical interaction characteristics |
US20130243208A1 (en) | 2012-03-19 | 2013-09-19 | Mark S. Fawer | Computer user alertness monitoring system |
KR20130106519A (en) | 2012-03-20 | 2013-09-30 | 삼성전자주식회사 | Method and apparatus for managing history of web-browser |
US8880441B1 (en) | 2012-03-29 | 2014-11-04 | Emc Corporation | Click stream analysis for fraud detection |
US9305260B2 (en) | 2012-04-24 | 2016-04-05 | Behaviometrics Ab | System and method for distinguishing human swipe input sequence behavior |
WO2013161077A1 (en) | 2012-04-27 | 2013-10-31 | 富士通フロンテック株式会社 | Biometric authentication device, biometric authentication program, and biometric authentication method |
US9497212B2 (en) | 2012-05-21 | 2016-11-15 | Fortinet, Inc. | Detecting malicious resources in a network based upon active client reputation monitoring |
WO2014004399A1 (en) | 2012-06-25 | 2014-01-03 | Visa International Service Association | Method and system for data security utilizing user behavior and device identification |
US9430778B2 (en) | 2012-07-30 | 2016-08-30 | Kount Inc. | Authenticating users for accurate online audience measurement |
US9330257B2 (en) | 2012-08-15 | 2016-05-03 | Qualcomm Incorporated | Adaptive observation of behavioral features on a mobile device |
US8819812B1 (en) | 2012-08-16 | 2014-08-26 | Amazon Technologies, Inc. | Gesture recognition for device input |
US9390681B2 (en) | 2012-09-11 | 2016-07-12 | Apple Inc. | Temporal filtering for dynamic pixel and backlight control |
US20140078061A1 (en) | 2012-09-20 | 2014-03-20 | Teledyne Scientific & Imaging, Llc | Cognitive biometrics using mouse perturbation |
US20140082369A1 (en) | 2012-09-20 | 2014-03-20 | Futurwei Technologies Inc. | Method and System For Object Access and Usage Control Using Location and Access Boundary Shape Information |
US8725636B1 (en) | 2012-10-22 | 2014-05-13 | Trusteer Ltd. | Method for detecting fraudulent money transfer |
KR101995278B1 (en) | 2012-10-23 | 2019-07-02 | 삼성전자 주식회사 | Method and apparatus for displaying ui of touch device |
US20140118520A1 (en) | 2012-10-29 | 2014-05-01 | Motorola Mobility Llc | Seamless authorized access to an electronic device |
US9301140B1 (en) | 2012-11-06 | 2016-03-29 | Behaviometrics Ab | Behavioral authentication system using a secure element, a behaviometric server and cryptographic servers to authenticate users |
US9166962B2 (en) | 2012-11-14 | 2015-10-20 | Blackberry Limited | Mobile communications device providing heuristic security authentication features and related methods |
WO2014078569A1 (en) | 2012-11-14 | 2014-05-22 | The 41St Parameter, Inc. | Systems and methods of global identification |
GB2508190A (en) | 2012-11-22 | 2014-05-28 | Wonga Technology Ltd | Monitoring user interaction with webpages using unique identifiers for page components |
US8832823B2 (en) | 2012-12-04 | 2014-09-09 | International Business Machines Corporation | User access control based on handheld device orientation |
US9355231B2 (en) | 2012-12-05 | 2016-05-31 | Telesign Corporation | Frictionless multi-factor authentication system and method |
US20140168093A1 (en) | 2012-12-13 | 2014-06-19 | Nvidia Corporation | Method and system of emulating pressure sensitivity on a surface |
US9154534B1 (en) | 2013-01-02 | 2015-10-06 | Amazon Technologies, Inc. | Multiple media device infrastructure |
US9461992B2 (en) | 2013-01-09 | 2016-10-04 | Chris Outwater | Smartphone based identification, access control, testing, and evaluation |
US9300464B1 (en) | 2013-02-12 | 2016-03-29 | Amazon Technologies, Inc. | Probabilistic key rotation |
US20140244499A1 (en) | 2013-02-26 | 2014-08-28 | The Western Union Company | Off-shore money transfer transaction system and method |
US9584543B2 (en) | 2013-03-05 | 2017-02-28 | White Ops, Inc. | Method and system for web integrity validator |
US9223950B2 (en) | 2013-03-05 | 2015-12-29 | Intel Corporation | Security challenge assisted password proxy |
US9525789B2 (en) | 2013-03-15 | 2016-12-20 | Dropbox, Inc. | Shuffle algorithm and navigation |
US9178908B2 (en) | 2013-03-15 | 2015-11-03 | Shape Security, Inc. | Protecting against the introduction of alien content |
US9754149B2 (en) | 2013-04-01 | 2017-09-05 | AMI Research & Development, LLC | Fingerprint based smart phone user verification |
US9589120B2 (en) | 2013-04-05 | 2017-03-07 | Microsoft Technology Licensing, Llc | Behavior based authentication for touch screen devices |
US20140310764A1 (en) | 2013-04-12 | 2014-10-16 | Verizon Patent And Licensing Inc. | Method and apparatus for providing user authentication and identification based on gestures |
ES2701613T3 (en) | 2013-06-24 | 2019-02-25 | Telefonica Digital Espana Slu | A method implemented by computer to prevent attacks against user authentication and software products thereof |
JP2015011401A (en) | 2013-06-26 | 2015-01-19 | 富士通株式会社 | Electronic device and control program |
GB2515757A (en) | 2013-07-02 | 2015-01-07 | Ibm | Managing virtual machine policy compliance |
US9665213B2 (en) | 2013-08-30 | 2017-05-30 | Maxim Integrated Products, Inc. | Detecting pressure exerted on a touch surface and providing feedback |
US9898642B2 (en) | 2013-09-09 | 2018-02-20 | Apple Inc. | Device, method, and graphical user interface for manipulating user interfaces based on fingerprint sensor inputs |
US20150081549A1 (en) | 2013-09-18 | 2015-03-19 | Mastercard International Incorporated | Methods and systems for screening electronic money transfer transactions |
US9355234B1 (en) | 2013-09-27 | 2016-05-31 | Emc Corporation | Authentication involving selection among different biometric methods dynamically |
US9001082B1 (en) | 2013-09-27 | 2015-04-07 | Sensel, Inc. | Touch sensor detector system and method |
US20150101031A1 (en) | 2013-10-04 | 2015-04-09 | Deviceauthority, Inc. | Verification that an authenticated user is in physical possession of a client device |
JP2015090589A (en) | 2013-11-06 | 2015-05-11 | ソニー株式会社 | Authentication control system, authentication control method, and program |
US9552615B2 (en) | 2013-12-20 | 2017-01-24 | Palantir Technologies Inc. | Automated database analysis to detect malfeasance |
US10248771B1 (en) | 2014-01-24 | 2019-04-02 | Microstrategy Incorporated | Performing biometrics operations in uncontrolled environments |
US9223955B2 (en) | 2014-01-30 | 2015-12-29 | Microsoft Corporation | User-authentication gestures |
US9747428B2 (en) | 2014-01-30 | 2017-08-29 | Qualcomm Incorporated | Dynamic keyboard and touchscreen biometrics |
US10248804B2 (en) | 2014-01-31 | 2019-04-02 | The Arizona Board Of Regents On Behalf Of The University Of Arizona | Fraudulent application detection system and method of use |
US20160012465A1 (en) | 2014-02-08 | 2016-01-14 | Jeffrey A. Sharp | System and method for distributing, receiving, and using funds or credits and apparatus thereof |
US10032008B2 (en) | 2014-02-23 | 2018-07-24 | Qualcomm Incorporated | Trust broker authentication method for mobile devices |
US9158426B1 (en) | 2014-03-19 | 2015-10-13 | Google Inc. | Touch keyboard calibration |
US9384629B2 (en) | 2014-03-31 | 2016-07-05 | Fresh Idea Global Limited | Automated money laundering detection, notification, and reporting techniques implemented at casino gaming networks |
CA2946695C (en) | 2014-04-25 | 2021-05-04 | Securebrain Corporation | Fraud detection network system and fraud detection method |
US9529987B2 (en) | 2014-05-09 | 2016-12-27 | Behaviometrics Ab | Behavioral authentication system using a behavior server for authentication of multiple users based on their behavior |
US9531710B2 (en) | 2014-05-09 | 2016-12-27 | Behaviometrics Ab | Behavioral authentication system using a biometric fingerprint sensor and user behavior for authentication |
US20150348038A1 (en) | 2014-06-03 | 2015-12-03 | Moneygram International, Inc. | Method and Apparatus for Money Transfer to an Account |
EP3152922A2 (en) | 2014-06-04 | 2017-04-12 | Sonova AG | Hearing assistance system and method |
US11310312B2 (en) | 2014-07-07 | 2022-04-19 | Citrix Systems, Inc. | Peer to peer remote application discovery |
US9639680B2 (en) | 2014-07-29 | 2017-05-02 | Google Inc. | Allowing access to applications based on user handling measurements |
RU2580032C2 (en) | 2014-08-01 | 2016-04-10 | Закрытое акционерное общество "Лаборатория Касперского" | System and method of determining the category of proxy application |
US9311464B2 (en) | 2014-08-19 | 2016-04-12 | Airwatch, Llc | Authentication via accelerometer |
US9788203B2 (en) | 2014-08-19 | 2017-10-10 | Zighra Inc. | System and method for implicit authentication |
US9589118B2 (en) | 2014-08-20 | 2017-03-07 | Google Technology Holdings LLC | Context-based authentication mode selection |
KR20160032611A (en) | 2014-09-16 | 2016-03-24 | 삼성전자주식회사 | Method and apparatus for controlling an electronic device using a touch input |
US9992207B2 (en) | 2014-09-23 | 2018-06-05 | Qualcomm Incorporated | Scalable authentication process selection based upon sensor inputs |
US9946371B2 (en) | 2014-10-16 | 2018-04-17 | Qualcomm Incorporated | System and method for using touch orientation to distinguish between users of a touch panel |
WO2016080995A1 (en) * | 2014-11-20 | 2016-05-26 | General Electric Company | Methods and systems for accessing a secure system |
US20160155126A1 (en) | 2014-12-02 | 2016-06-02 | Jack Nicholes D'Uva | Method for Implementing and Integrating Biometric Markers, Identification, Real-Time Transaction Monitoring with Fraud Detection and Anti-Money Laundering Predictive Modeling Systems |
US9210185B1 (en) | 2014-12-05 | 2015-12-08 | Lookingglass Cyber Solutions, Inc. | Cyber threat monitor and control apparatuses, methods and systems |
US9710316B1 (en) | 2014-12-18 | 2017-07-18 | Amazon Technologies, Inc. | Flexible scripting platform for troubleshooting |
US9578024B2 (en) | 2014-12-18 | 2017-02-21 | Sri International | Continuous authentic of mobile device users |
US9489096B2 (en) | 2014-12-23 | 2016-11-08 | Sony Corporation | Touch screen touch force measurement based on finger deformation speed |
EP3243344A2 (en) | 2015-01-09 | 2017-11-15 | Corning Optical Communications LLC | Multiple application module or unit |
US9927883B1 (en) | 2015-01-12 | 2018-03-27 | Google Llc | Mouse resolution estimation |
US20160209948A1 (en) | 2015-01-19 | 2016-07-21 | David John Tulbert | Human-machine interface |
CN107209580A (en) | 2015-01-29 | 2017-09-26 | 艾尔希格科技股份有限公司 | Identification system and method based on action |
US9305155B1 (en) | 2015-02-12 | 2016-04-05 | United Services Automobile Association (Usaa) | Toggling biometric authentication |
US9536072B2 (en) | 2015-04-09 | 2017-01-03 | Qualcomm Incorporated | Machine-learning behavioral analysis to detect device theft and unauthorized device usage |
US9654485B1 (en) | 2015-04-13 | 2017-05-16 | Fireeye, Inc. | Analytics-based security monitoring system and method |
JP6503881B2 (en) | 2015-05-20 | 2019-04-24 | 株式会社リコー | Content providing system, information processing apparatus, program, content reproducing method |
GB2539705B (en) | 2015-06-25 | 2017-10-25 | Aimbrain Solutions Ltd | Conditional behavioural biometrics |
US9407652B1 (en) | 2015-06-26 | 2016-08-02 | Palantir Technologies Inc. | Network anomaly detection |
US20180012227A1 (en) | 2016-07-05 | 2018-01-11 | NXT-ID, Inc. | Biometric, Behavioral-Metric, Knowledge-Metric, and Electronic-Metric Directed Authentication and Transaction Method and System |
US20170063858A1 (en) | 2015-08-31 | 2017-03-02 | Ca, Inc. | Alertness Based Authorization |
US9798290B2 (en) | 2015-09-25 | 2017-10-24 | City University Of Hong Kong | Holographic encryption of multi-dimensional images and decryption of encrypted multi-dimensional images |
US9973621B2 (en) | 2015-11-23 | 2018-05-15 | Google Llc | Cross-device security scheme for tethered devices |
GB2552032B (en) | 2016-07-08 | 2019-05-22 | Aimbrain Solutions Ltd | Step-up authentication |
GB2552152B (en) | 2016-07-08 | 2019-07-03 | Aimbrain Solutions Ltd | Obscuring data |
US10467394B2 (en) | 2016-07-11 | 2019-11-05 | International Business Machines Corporation | Pointing device biometrics for continuous user authentication |
US10489577B2 (en) | 2016-08-11 | 2019-11-26 | Onenigma LLC | Identifying one or more users based on typing pattern and/or behavior |
GB2554399B (en) | 2016-09-26 | 2020-02-12 | Aimbrain Solutions Ltd | Testing the suitability of an authentication process by passive availability testing |
US10198122B2 (en) | 2016-09-30 | 2019-02-05 | Biocatch Ltd. | System, device, and method of estimating force applied to a touch surface |
US10291646B2 (en) | 2016-10-03 | 2019-05-14 | Telepathy Labs, Inc. | System and method for audio fingerprinting for attack detection |
US10579784B2 (en) | 2016-11-02 | 2020-03-03 | Biocatch Ltd. | System, device, and method of secure utilization of fingerprints for user authentication |
US11102225B2 (en) | 2017-04-17 | 2021-08-24 | Splunk Inc. | Detecting fraud by correlating user behavior biometrics with other data sources |
US11036767B2 (en) | 2017-06-26 | 2021-06-15 | Jpmorgan Chase Bank, N.A. | System and method for providing database abstraction and data linkage |
US10397262B2 (en) | 2017-07-20 | 2019-08-27 | Biocatch Ltd. | Device, system, and method of detecting overlay malware |
US10791111B2 (en) | 2017-10-25 | 2020-09-29 | International Business Machines Corporation | Multi-step authentication using objective and subjective credentials |
US11103773B2 (en) | 2018-07-27 | 2021-08-31 | Yogesh Rathod | Displaying virtual objects based on recognition of real world object and identification of real world object associated location or geofence |
-
2016
- 2016-07-08 GB GB1611932.3A patent/GB2552032B/en active Active
-
2017
- 2017-07-06 US US16/316,165 patent/US11055395B2/en active Active
- 2017-07-06 EP EP17739667.8A patent/EP3482545A1/en not_active Withdrawn
- 2017-07-06 WO PCT/GB2017/051997 patent/WO2018007823A1/en unknown
-
2021
- 2021-06-03 US US17/337,485 patent/US20210286870A1/en not_active Abandoned
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7039951B1 (en) * | 2000-06-06 | 2006-05-02 | International Business Machines Corporation | System and method for confidence based incremental access authentication |
US8621209B1 (en) * | 2011-10-19 | 2013-12-31 | Amazon Technologies, Inc. | Confidence-based authentication |
US9203860B1 (en) * | 2012-03-20 | 2015-12-01 | United Services Automobile Association (Usaa) | Dynamic risk engine |
US20140289833A1 (en) * | 2013-03-22 | 2014-09-25 | Marc Briceno | Advanced authentication techniques and applications |
US20160212115A1 (en) * | 2015-01-19 | 2016-07-21 | Dell Products, Lp | System and Method for Providing Confidence Scores in a Persistent Framework |
US9426139B1 (en) * | 2015-03-30 | 2016-08-23 | Amazon Technologies, Inc. | Triggering a request for an authentication |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11330012B2 (en) | 2010-11-29 | 2022-05-10 | Biocatch Ltd. | System, method, and device of authenticating a user based on selfie image or selfie video |
US11425563B2 (en) | 2010-11-29 | 2022-08-23 | Biocatch Ltd. | Method, device, and system of differentiating between a cyber-attacker and a legitimate user |
US11580553B2 (en) | 2010-11-29 | 2023-02-14 | Biocatch Ltd. | Method, device, and system of detecting mule accounts and accounts used for money laundering |
US11838118B2 (en) | 2010-11-29 | 2023-12-05 | Biocatch Ltd. | Device, system, and method of detecting vishing attacks |
US11323451B2 (en) | 2015-07-09 | 2022-05-03 | Biocatch Ltd. | System, device, and method for detection of proxy server |
US11606353B2 (en) | 2021-07-22 | 2023-03-14 | Biocatch Ltd. | System, device, and method of generating and utilizing one-time passwords |
Also Published As
Publication number | Publication date |
---|---|
US11055395B2 (en) | 2021-07-06 |
WO2018007823A1 (en) | 2018-01-11 |
EP3482545A1 (en) | 2019-05-15 |
US20210004451A1 (en) | 2021-01-07 |
GB2552032A (en) | 2018-01-10 |
GB201611932D0 (en) | 2016-08-24 |
GB2552032B (en) | 2019-05-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20210286870A1 (en) | Step-Up Authentication | |
US11783018B2 (en) | Biometric authentication | |
US12010513B2 (en) | Method for automatic possession-factor authentication | |
EP3516569B1 (en) | Passive availability testing | |
US11637824B2 (en) | Multi-factor authentication devices | |
US10440019B2 (en) | Method, computer program, and system for identifying multiple users based on their behavior | |
ES2960052T3 (en) | System and method for adaptively determining an optimal authentication scheme | |
US20170227995A1 (en) | Method and system for implicit authentication | |
EP3482331B1 (en) | Obscuring data when gathering behavioral data | |
US10135817B2 (en) | Enhancing authentication and source of proof through a dynamically updatable biometrics database | |
US9716593B2 (en) | Leveraging multiple biometrics for enabling user access to security metadata | |
CN107924436A (en) | Control is accessed using the electronic device of biological identification technology | |
CN111819590A (en) | Electronic device and authentication method thereof | |
US9202035B1 (en) | User authentication based on biometric handwriting aspects of a handwritten code | |
US20120117633A1 (en) | Enhanced Security For Pervasive Devices Using A Weighting System | |
WO2016188230A1 (en) | Unlocking method and device | |
US20130198836A1 (en) | Facial Recognition Streamlined Login | |
CN111353139A (en) | Continuous authentication method and device, electronic equipment and storage medium | |
CN117195930A (en) | Counter business processing method, device, computer equipment and storage medium | |
JP2012084099A (en) | Biometric authentication system using biometric authentication failure information | |
WO2014167487A2 (en) | A task completion authentication system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
AS | Assignment |
Owner name: AIMBRAIN SOLUTIONS LTD., UNITED KINGDOM Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:NOVIK, ALESIS;SUTAS, ANDRIUS;REEL/FRAME:057266/0071 Effective date: 20190131 |
|
AS | Assignment |
Owner name: BIOCATCH LTD., ISRAEL Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AIMBRAIN SOLUTIONS LTD.;REEL/FRAME:057353/0633 Effective date: 20200106 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |