Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

System and method for using premeditation as a factor in multi-factor authentication

IP.com Disclosure Number: IPCOM000236080D
Publication Date: 2014-Apr-04
Document File: 2 page(s) / 69K

Publishing Venue

The IP.com Prior Art Database

Abstract

This article describes a novel method for incorporating information about a user's premeditated actions in multi-factor authentication systems.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 54% of the total text.

Page 01 of 2

System and method for using premeditation as a factor in multi-factor authentication

Multi-factor authentication is an increasingly common approach to authentication

which requires at least two of the following factors to be presented:
something that only the user knows (e.g. a password)
something that only the user has (e.g. a smart card, a mobile phone) something that only the user is (e.g. biometric characteristics)

In addition where the user is located is increasingly used as a factor. Multi-factor authentication has emerged from the need to provide increased security in the face of those who may be able to compromise something secured by

just one factor. For example by compromising a user's password.

    In this article we propose the means for including an additional factor of premeditation into multi-factor authentication systems to increase security.

    The proposed technology can also be used to facilitate improved user experience at the point of use. For example the Oyster card electronic ticketing system used on public transport in London uses near field communication (NFC) to facilitate contactless payments. The use of such cards allows for payments, often limited to relatively small amounts, to be made quickly. In the case of Oyster cards,

when placed near an electronic reader all that is required is for the system to check

that the card is active and that sufficient funds are available, before allowing the passenger to proceed. This is in contrast to chip and PIN transactions which take considerably longer as the user must enter their PIN and have this verified.

    The ease of payment provided by contactless cards described above comes at the cost that only one authentication factor is required. By their very nature, devices built around NFC have the potential to be cloned as described in this article, circumventing the security by possession. Today's use of NFC is protected by the service providers. In the case of Oyster cards, these can be registered and if lost or stolen it may be possible to get a refund but this is subject to a administration fee. Other, such as contactless credit/debit card providers may also track card usage for suspicious use. These are however reactive responses to lost/stolen cards or fraudulent use. This invention by contrast is a pro-active security measure.

    Below is the mechanism for incorporating information about a user's premeditated actions in multi-factor authentication systems. The invention works by using user's intentions (calendar entries, to do list entries etc) and correlating the...