Browse Prior Art Database

Method and system for pre and post activities during authentication process

IP.com Disclosure Number: IPCOM000249509D
Publication Date: 2017-Mar-02
Document File: 3 page(s) / 52K

Publishing Venue

The IP.com Prior Art Database

Abstract

This article proposes a hack-proof system and method utilizing gestures for authentication. Today usage of Gestures in authentication is increasing and is being used in number of authentication systems and techniques. But successfully implementing them as a security layer requires reliable gesture recognition as well as poses a challenge of ensuring it hack-proof, more so when authentication happens in public.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

1

Method and system for pre and post activities during authentication process

Background

There are multiple authentication methods which uses password or gesture or combination of both. User has to perform required gesture to authenticate the device /process. There is an increasing need and of course challenges in ensuring the methods developed are hack-proof and to develop effective counter measures to ever increasing threats.

Shortcomings in the existing solutions

Gesture or password based authentication can be tracked by surrounding people, and the device can be hacked if the user kept the device unattended. Deal with having gestures in the authentication process which would be pre-defined. If the same gestures are repeated by anyone else, the system can be hacked .So there is need for a system which makes use of additional actions/gestures for authentication.

Proposed solution

The article proposes a method and system as below

1. Before and after providing any password or gesture based authentication, software installed in mobile device will gather pre and post activity performed by the user and will use the same as another input for authentication key.

2. Software will gather the pattern of pre and post activity accordingly appropriate level of authentication will be given to the user. So software installed in the mobile device will track user’s body and/or hand movement to identify the pattern of activity, accordingly level of authentication will be selected.

3. User has to define various pre and post actions to create different types of authentication logic. The mobile device will communicate with associate devices of the user (Smart watch, E-textile based dress) to find pre and post action during authentication process. User can define various pre and post action along with gesture to unlock mobile device, open app and configuration of app etc.

4. The pre and post activities can be mapped as a data set in such a way that user need not enter the same gestures always. Rather they can perform any pre-defined pre-activity but the post activity should be the corresponding one in the data set or some may not need a post activity

5. Also after doing pre activity and entering pin, there need not be a submit/enter button but the trigger for submit can be the post activity so that hacker would not know where the login page would redirect to

6. The password can be a combination of entered characters, pre and post acitivites. eg) "****" in password box means first * is entered character, second and third *s are activities and 4th * is again entered character. So, for the first and 4th characters, it would wait for typed input and for 2nd and 3rd, it would wait for activities

7. Anyone .who tries to replicate the proposed authentication will not know if pre

2

and post activity exist as these are normal activities that anyone would do and hacker would not know whether the system requires pre and/or post activities. Also user can select any set of ac...