Browse Prior Art Database

Network Authentication based on mobile device orientation.

IP.com Disclosure Number: IPCOM000238598D
Publication Date: 2014-Sep-05
Document File: 6 page(s) / 81K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method of multi-factor authentication using device orientation. The method combines technology in the user’s possession with a known factor; it offers security by combining something the must have with something the user must know.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 6

Network Authentication based on mobile device orientation.

Secure authentication is a highly addressed topic in cybersecurity. A common approach is the use of multi-factor authentication techniques, in which the user is authenticated through means in addition to the username and password combination . Using multi factor authentication is effective but is costly in terms of effort , time, and money to install and ensure it is functional. Existing solutions offer security but lack usability as the user straggles with the numbers, captcha, text messages, phone calls, security codes, etc. just gain access to the accounts.

Currently, enterprises offer many two factor authentication (2FA) approaches such as one time passwords (OTP), which require an additional device (e.g., fob) and finger print readers, which offer a biometric multi-factor authentication process to access applications. This approach is limited, however, as not all devices have the hardware needed to read the use's fingerprint or other biometric authentication.

The novel contribution is a method of multi-factor authentication using device orientation. This is not a captcha-based authentication method, but combines technology in the user's possession with a known factor. The method offers security by combining something the user has with something the user knows.

The solution offers a user-friendly second factor authentication method that uses a smart phone and provides a simple way for users to access accounts. The method enables security for web applications and allows the user to handle this in an easy and friendly way.

The method includes authenticating a network-based system with the usage of a device that is equipped with an accelerometer. During the authentication process, the web-based application that the user needs to access (Application) generates a line displayed on the screen of the user's device (e.g., laptop computer). This line is set with some random pre-calculated slope degree. The user has to position the mobile device (Device) to the same slope. The Device must be pre-registered with the authenticating application in order to enforce security. The use of the device's live-camera is possible for cases in which the device is not suited for the comparison with the actual display.

This method offers an alternative solution to captcha. Any network based authentication process that offers graphical feedback to the user ca...