Search

US-12621293-B2 - Systems and methods for peer-to-peer single use access token

US12621293B2US 12621293 B2US12621293 B2US 12621293B2US-12621293-B2

Abstract

A system of enhancing biometric analysis matching utilizes an image sensor, such as a digital camera, to capture an image of a face of a person. The system may perform image enhancement, such as edge and contrast enhancement, prior to performing face matching. The enhancement may be localized to a given image region based on determined region illumination. The system may perform image processing and analysis comprising face detection, alignment, feature extraction, and recognition. A biometric recognition confidence indicator may be generated using the results of the image enhancement and analysis. At least partly in response to the biometric recognition confidence indicator falling below a threshold enhancing recognition confidence using an image of visual indicia captured using the image sensor.

Inventors

  • Michael J. Rojas

Assignees

  • AXS Group LLC

Dates

Publication Date
20260505
Application Date
20240906

Claims (20)

  1. 1 . A computer-implemented method of electronically generating a time-limited one-use access token, the method comprising: receiving, at a computer system from a user at a first venue of a first event, a request, for a one-use optical token; receiving at the computer system an electronic address from the user at the first venue of the first event, the electronic address purported to be associated with an access right acquired remote from the first venue for the first event at the first venue; performing a search of a database for a record associated with the electronic address; at least partly in response to identifying a first record associated with the electronic address, determining if the first record is associated with the access right for the first event; at least partly in response to determining the first record is associated with the access right for the first event, generating a token comprising a computer readable optical code comprising a device identifier, a user identifier, and a timestamp; determining an expiration time associated with the token comprising the computer readable optical code comprising the device identifier, the user identifier, and the timestamp, wherein the computer readable optical code does not include a ticket, a venue identifier, or an event identifier; determining a seat associated with the first record; while the first user is at the first venue, transmitting, using a messaging service to the electronic address, the expiration time, a seat identifier corresponding to the seat associated with the first record, the token, the token comprising the computer readable optical code comprising the device identifier, the user identifier, and the timestamp, wherein the electronic address is accessible by a first device of the first user; reading using a first optical reader, from a display of the first device, the token comprising the computer readable optical code comprising the device identifier and the user identifier; determining whether the device identifier and the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and the user identifier correspond to that in the first record, transmitting a command causing an access granted indicator to be presented by a first venue device.
  2. 2 . The method of claim 1 , wherein the first optical reader is located at a perimeter access point, the method further comprising: reading using a second optical reader, located at an interior access point of the first venue, the token comprising the computer readable optical code comprising the device identifier and the user identifier; determining whether the device identifier and the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and the user identifier correspond to that in the first record, transmitting a command causing an access granted indicator to be presented by a second venue device located at or proximate to the interior access point of the first venue.
  3. 3 . The method of claim 1 , wherein the first optical reader is located at a perimeter access point, the method further comprising: determining, for a second user associated with a mobile communication device, that a user identifier and/or device identifier are not available from a second user record; generating a second computer readable optical code comprising: a second timestamp, a mock mobile identifier having a mobile identifier format different than the mobile identifier of the mobile communication device; a mock user identifier having a user identifier format; generating a dummy record comprising the mock mobile identifier and the mock user identifier; reading using a given venue optical reader, from a display of the mobile communication device associated with the second user, the second computer readable optical code comprising the mock device identifier and the mock user identifier; determining whether the mock device identifier and the mock user identifier correspond to that in the dummy record; and at least partly in response to determining that the mock device identifier and the mock user identifier correspond to that in the dummy record, transmitting a second command causing a second access granted indicator to be presented by a given venue device.
  4. 4 . The method of claim 1 , wherein the first optical reader is located at a perimeter access point, the method further comprising: reading using a second optical reader, located at an interior access point of the first venue, a second token comprising a second computer readable optical code comprising a second device identifier and a second user identifier; determining whether the second token had been read by the first optical reader, wherein the first optical reader is located at the perimeter access point; and at least partly in response to determining that the second token has not been read by the first optical reader, causing an access denied indicator to be presented by a second venue device located at the interior access point of the first venue.
  5. 5 . The method of claim 1 , wherein the token comprising the computer readable optical code comprising the device identifier, the user identifier, and the timestamp further comprises error correction implemented using a Bose-Chaudhuri-Hocquenghem code.
  6. 6 . The method of claim 1 , wherein determining the expiration time associated with the token comprising the computer readable optical code comprising the device identifier, the user identifier, and the timestamp, further comprises: accessing a first threshold time period from memory; and summing the first threshold time with the timestamp to provide the expiration time.
  7. 7 . The method of claim 1 , the method further comprising: determining an estimated traversal time from a first location at the first venue to a second location at the first venue; and wherein the timestamp is determined at least partly based on a current time and the estimated traversal time from the first location at the first venue to the second location at the first venue.
  8. 8 . The method of claim 1 , the method further comprising receiving the electronic address from a kiosk having a display and user input device configured to receive identification information comprising an email address and/or a phone number directly from the user.
  9. 9 . A system, the system comprising: a computing device; and non-transitory computer readable memory that stores instructions that when executed by the computing device cause the system to perform operations comprising: receive from a user at a first venue of a first event, a request, for a one-use optical token; receive an electronic address from the user at the first venue of the first event, the electronic address purported to be associated with an access right acquired remote from the first venue for the first event at the first venue; perform a search of a data store for a record associated with the electronic address; at least partly in response to identifying a first record associated with the electronic address, determine if the first record is associated with the access right for the first event; at least partly in response to determining the first record is associated with the access right for the first event, generate a token comprising a computer readable optical code comprising a device identifier and/or a user identifier, and a timestamp; determine an expiration time associated with the token comprising the computer readable optical code comprising the device identifier and/or the user identifier, and the timestamp, wherein the computer readable optical code does not include a ticket, a venue identifier, or an event identifier; while the first user is at the first venue, transmitting to the electronic address, the expiration time, the token, the token comprising the computer readable optical code comprising the device identifier and/or the user identifier, and the timestamp, wherein the electronic address is accessible by a first device of the first user; read using a first optical reader, from a display of the first device, the token comprising the computer readable optical code comprising the device identifier and/or the user identifier; determining whether the device identifier and/or the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and/or the user identifier correspond to that in the first record, transmit a command causing an access granted indicator to be presented by a first venue device.
  10. 10 . The system of claim 9 , wherein the first optical reader is located at a perimeter access point, the operations further comprising: reading using a second optical reader, located at an interior access point of the first venue, the token comprising the computer readable optical code comprising the device identifier and the user identifier; determining whether the device identifier and the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and the user identifier correspond to that in the first record, transmitting a command causing an access granted indicator to be presented by a second venue device located at or proximate to the interior access point of the first venue.
  11. 11 . The system of claim 9 , wherein the first optical reader is located at a perimeter access point, the operations further comprising: determining, for a second user associated with a mobile communication device, that a user identifier and/or device identifier are not available from a second user record; generating a second computer readable optical code comprising: a second timestamp, a mock mobile identifier having a mobile identifier format different than the mobile identifier of the mobile communication device; a mock user identifier having a user identifier format; generating a dummy record comprising the mock mobile identifier and the mock user identifier; reading using a given venue optical reader, from a display of the mobile communication device associated with the second user, the second computer readable optical code comprising the mock device identifier and the mock user identifier; determining whether the mock device identifier and the mock user identifier correspond to that in the dummy record; and at least partly in response to determining that the mock device identifier and the mock user identifier correspond to that in the dummy record, transmitting a second command causing a second access granted indicator to be presented by a given venue device.
  12. 12 . The system of claim 9 , wherein the first optical reader is located at a perimeter access point, the operations further comprising: reading using a second optical reader, located at an interior access point of the first venue, a second token comprising a second computer readable optical code comprising a second device identifier and a second user identifier; determining whether the second token had been read by the first optical reader, wherein the first optical reader is located at the perimeter access point; and at least partly in response to determining that the second token has not been read by the first optical reader, causing an access denied indicator to be presented by a second venue device located at the interior access point of the first venue.
  13. 13 . The system of claim 9 , wherein the token comprising the computer readable optical code comprising the device identifier and/or the user identifier, and the timestamp further comprises error correction implemented using a Bose-Chaudhuri-Hocquenghem code.
  14. 14 . The system of claim 9 , wherein determining the expiration time associated with the token comprising the computer readable optical code comprising the device identifier and/or the user identifier, and the timestamp, further comprises: accessing a first threshold time period from memory; and summing the first threshold time with the timestamp to provide the expiration time.
  15. 15 . The system of claim 9 , the operations further comprising: determining an estimated traversal time from a first location at the first venue to a second location at the first venue; and wherein the timestamp is determined at least partly based on a current time and the estimated traversal time from the first location at the first venue to the second location at the first venue.
  16. 16 . The system of claim 9 , wherein the computer system is configured to communicate with a kiosk having a display and user input device configured to receive identification information comprising an email address and/or a phone number directly from the user.
  17. 17 . Non-transitory computer readable memory that stores instructions that when executed by a computing system cause the computing system to perform operations comprising: receive from a user at a first venue of a first event, a request, for an optical token; receive an electronic address from the user at the first venue of the first event, the electronic address purported to be associated with an access right acquired remote from the first venue for the first event at the first venue; perform a search of a data store for a record associated with the electronic address; at least partly in response to identifying a first record associated with the electronic address, determine if the first record is associated with the access right for the first event; at least partly in response to determining the first record is associated with the access right for the first event, generate a token comprising a computer readable optical code comprising a device identifier and/or a user identifier, and a timestamp; determine expiration information associated with the token comprising the computer readable optical code comprising the device identifier and/or the user identifier, and the timestamp, wherein the computer readable optical code does not include a ticket, a venue identifier, or an event identifier; while the first user is at the first venue, transmitting, using a messaging service to the electronic address, the expiration information, the token, the token comprising the computer readable optical code comprising the device identifier and/or the user identifier, and the timestamp, wherein the electronic address is accessible by a first device of the first user; read using a first optical reader, from a display of the first device, the token comprising the computer readable optical code comprising the device identifier and/or the user identifier; determining whether the device identifier and/or the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and/or the user identifier correspond to that in the first record, transmit a command causing an access granted indicator to be presented by a first venue device.
  18. 18 . The non-transitory computer readable memory of claim 17 , wherein the first optical reader is located at a perimeter access point, the operations further comprising: reading using a second optical reader, located at an interior access point of the first venue, the token comprising the computer readable optical code comprising the device identifier and the user identifier; determining whether the device identifier and the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and the user identifier correspond to that in the first record, transmitting a command causing an access granted indicator to be presented by a second venue device located at or proximate to the interior access point of the first venue.
  19. 19 . The non-transitory computer readable memory of claim 17 , wherein the first optical reader is located at a perimeter access point, the operations further comprising: determining, for a second user associated with a mobile communication device, that a user identifier and/or device identifier are not available from a second user record; generating a second computer readable optical code comprising: a second timestamp, a mock mobile identifier having a mobile identifier format different than the mobile identifier of the mobile communication device; a mock user identifier having a user identifier format; generating a dummy record comprising the mock mobile identifier and the mock user identifier; reading using a given venue optical reader, from a display of the mobile communication device associated with the second user, the second computer readable optical code comprising the mock device identifier and the mock user identifier; determining whether the mock device identifier and the mock user identifier correspond to that in the dummy record; and at least partly in response to determining that the mock device identifier and the mock user identifier correspond to that in the dummy record, transmitting a second command causing a second access granted indicator to be presented by a given venue device.
  20. 20 . The non-transitory computer readable memory of claim 17 , wherein the first optical reader is located at a perimeter access point, the operations further comprising: reading using a second optical reader, located at an interior access point of the first venue, a second token comprising a second computer readable optical code comprising a second device identifier and a second user identifier; determining whether the second token had been read by the first optical reader, wherein the first optical reader is located at the perimeter access point; at least partly in response to determining that the second token has not been read by the first optical reader, causing an access denied indicator to be presented by a second venue device located at the interior access point of the first venue.

Description

INCORPORATION BY REFERENCE TO ANY PRIORITY APPLICATIONS Any and all applications for which a foreign or domestic priority claim is identified in the Application Data Sheet as filed with the present application are hereby incorporated by reference under 37 CFR 1.57. BACKGROUND Field The present disclosure is generally related to access tokens and in particular to peer-to-peer provision of access tokens. Description of the Related Art User devices, such as smartphones, are increasingly used to provide access tokens for physical access to a physical location. However, in order for a user device to be used as an access device, typically an application needs to be downloaded to the smartphone and a user needs to login to a pre-established account. Disadvantageously, if cell service or WiFi service are unavailable or are already overutilized, it may not be possible to download the application or it may take an inordinate amount of time to download such an application. This situation may result in the user either unable to gain access to the physical location or having to wait an inordinate amount of time to gain access. SUMMARY The following presents a simplified summary of one or more aspects in order to provide a basic understanding of such aspects. This summary is not an extensive overview of all contemplated aspects, and is intended to neither identify key or critical elements of all aspects nor delineate the scope of any or all aspects. Its sole purpose is to present some concepts of one or more aspects in a simplified form as a prelude to the more detailed description that is presented later. An aspect of the present disclosure relates to a computer-implemented method of electronically generating a time-limited one-use access token, the method comprising: receiving, at a computer system from a user at a first venue of a first event, a request, for a one-use optical token; receiving at the computer system an electronic address from the user at the first venue of the first event, the electronic address purported to be associated with an access right acquired remote from the first venue for the first event at the first venue; performing a search of a database for a record associated with the electronic address; at least partly in response to identifying a first record associated with the electronic address, determining if the first record is associated with the access right for the first event; at least partly in response to determining the first record is associated with the access right for the first event, generating a token comprising a computer readable optical code comprising a device identifier, a user identifier, and a timestamp; determining an expiration time associated with the token comprising the computer readable optical code comprising the device identifier, the user identifier, and the timestamp, wherein the computer readable optical code does not include a ticket, a venue identifier, or an event identifier; determining a seat associated with the first record; while the first user is at the venue, transmitting, using a messaging service to the electronic address, the expiration time, a seat identifier corresponding to the seat associated with the first record, the token, the token comprising the computer readable optical code comprising the device identifier, the user identifier, and the timestamp, wherein the electronic address is accessible by a first device of the first user; reading using a first optical reader, from a display of the first device, the token comprising the computer readable optical code comprising the device identifier and the user identifier; determining whether the device identifier and the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and the user identifier correspond to that in the first record, transmitting a command causing an access granted indicator to be presented by a first venue device. Optionally, the first optical reader is located at a perimeter access point, the method further comprising: reading using a second optical reader, located at an interior access point of the venue, the token comprising the computer readable optical code comprising the device identifier and the user identifier; determining whether the device identifier and the user identifier correspond to that in the first record; and at least partly in response to determining that the device identifier and the user identifier correspond to that in the first record, transmitting a command causing an access granted indicator to be presented by a second venue device located at or proximate to the interior access point of the venue. Optionally, the first optical reader is located at a perimeter access point, the method further comprising: determining, for a second user associated with a mobile communication device, that a user identifier and/or device identifier are not available from a second user record; generating a