
US-12627655-B2 - Dynamic biometric combination authentication


Abstract

A request to authenticate a user is received. A random authentication pattern is generated. For example, the random authentication pattern may be for the user to provide a series of biometric scans and/or gesture scans. Instructions for the random authentication pattern are sent to a communication device (e.g., to a smartphone or smartwatch). A generated authentication pattern is received from the communication device. The generated authentication pattern is compared to a stored set of biometric scans and/or gestures scans that are based on the random authentication pattern. The user is authenticated based on the generated authentication pattern meeting a threshold by comparing the generated authentication pattern to the stored set of biometric scans and/or gestures scans.

Inventors

  • Douglas Max Grover
  • Michael F. Angelo

Assignees

  • MICRO FOCUS LLC

Dates

Publication Date
20260512
Application Date
20220304

Claims (20)

  1. A system comprising: a microprocessor; and a computer readable medium, coupled with the microprocessor and comprising microprocessor readable and executable instructions that, when executed by the microprocessor, cause the microprocessor to: receive a request to authenticate a user; generate a random authentication pattern, wherein the random authentication pattern comprises a dynamic combination of at least one biometric scan and at least one gesture scan; send instructions for the random authentication pattern; receive a generated authentication pattern; compare the generated authentication pattern to a stored set of biometric scans that are based on the random authentication pattern; authenticate the user based on the generated authentication pattern meeting a threshold using the stored set of biometric scans; and detect an attack when at least one of the at least one biometric scan and the at least one gesture scan exhibits a lack of variation in data points relative to a previous biometric scan and/or a previous gesture scan for the user, wherein the lack of variation is identified by a machine learning process as indicative of a playback attack.
  2. The system of claim 1, wherein the random authentication pattern changed based on a number of authentications.
  3. The system of claim 1, wherein instructions for the random authentication pattern are sent to a communication device via a network, wherein the received generated authentication pattern is received from the communication device via the network, and wherein the random authentication pattern is generated based, at least partially, on a type of the communication device associated with the request to authenticate the user.
  4. The system of claim 3, wherein the communication device is a smartwatch and wherein the instructions for the random authentication pattern are for a series of biometric scans at different locations on a wrist of the user.
  5. The system of claim 1, wherein the random authentication pattern includes direction information.
  6. The system of claim 3, wherein the communication device comprises a fingerprint scanner and wherein the instructions for the random authentication pattern are for a series of biometric scans of one or more fingers and/or locations on the one or more fingers.
  7. The system of claim 3, wherein the communication device comprises a camera and wherein the instructions for the random authentication pattern comprise a facial scan and one or more gesture scans.
  8. The system of claim 3, wherein the generated authentication pattern is based on biometric types supported by the communication device.
  9. The system of claim 1, wherein a length of the generated authentication pattern is different based on a type associated with the user.
  10. A method comprising: receiving, by a microprocessor, a request to authenticate a user; generating, by the microprocessor, a random authentication pattern, wherein the random authentication pattern comprises a dynamic combination of at least one biometric scan and at least one gesture scan; sending, by the microprocessor, instructions for the random authentication pattern; receiving, by the microprocessor, a generated authentication pattern; comparing, by the microprocessor, the generated authentication pattern to a stored set of biometric scans that are based on the random authentication pattern; and authenticating, by the microprocessor, the user based on the generated authentication pattern meeting a threshold using the stored set of biometric scans; and detecting, by the microprocessor, an attack when at least one of the at least one biometric scan and the at least one gesture scan exhibits a lack of variation in data points relative to a previous biometric scan and/or a previous gesture scan for the user, wherein the lack of variation is identified by a machine learning process as indicative of a playback attack.
  11. The method of claim 10, wherein the random authentication pattern changes based on a number of authentications.
  12. The method of claim 10, wherein the instructions for the random authentication pattern are sent to a communication device via a network, wherein the received generated authentication pattern is received from the communication device via the network, and wherein the random authentication pattern is generated based, at least partially, on a type of the communication device associated with the request to authenticate the user.
  13. The method of claim 12, wherein the communication device is a smartwatch and wherein the instructions for the random authentication pattern are for a series of biometric scans at different locations on a wrist of the user.
  14. The method of claim 13, wherein the random authentication pattern includes direction information.
  15. The method of claim 12, wherein the communication device comprises a fingerprint scanner and wherein the instructions for the random authentication pattern are for a series of biometric scans of one or more fingers and/or locations on the one or more fingers.
  16. The method of claim 12, wherein the communication device comprises a camera and wherein the instructions for the random authentication pattern comprise a facial scan and one or more gesture scans.
  17. The method of claim 12, wherein the generated authentication pattern is based on biometric types supported by the communication device.
  18. The method of claim 10, wherein a length of the generated authentication pattern is different based on a type associated with the user.
  19. A communication device comprising: a microprocessor; and a computer readable medium, coupled with the microprocessor and comprising microprocessor readable and executable instructions that, when executed by the microprocessor, cause the microprocessor to: receive a request to authenticate a user; generate a random authentication pattern, wherein the random authentication pattern comprises a dynamic combination of at least one biometric scan and at least one gesture scan; receive, based on the random authentication pattern, a generated set of biometric scans from the user; authenticate the user based on the generated set of biometric scans meeting a threshold using a stored set of biometric scans; and detect an attack when at least one of the at least one biometric scan and the at least one gesture scan exhibits a lack of variation in data points relative to a previous biometric scan and/or a previous gesture scan for the user, wherein the lack of variation is identified by a machine learning process as indicative of a playback attack.
  20. The communication device of claim 19, wherein the communication device is a smartwatch.
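
An added sketch of the flow recited in claims 1 and 10, not code from the patent or its assignee: a random ordered challenge mixing biometric and gesture steps, a per-step threshold comparison against enrolled templates, and a playback check on lack of variation from earlier scans. The step names, feature vectors, Euclidean-distance thresholds and the fixed minimum-variation test (standing in for the claimed machine learning process) are assumptions.

```python
import math
import secrets

_rng = secrets.SystemRandom()  # CSPRNG so the challenge cannot be predicted

# Constructed feature vectors for illustration, not real biometric data.
ENROLLED = {
    "fingerprint:index": [0.10, 0.80, 0.30],
    "fingerprint:thumb": [0.70, 0.20, 0.50],
    "gesture:swipe_left": [0.40, 0.40, 0.90],
}
# Scans accepted in earlier authentications, kept per step for the playback check.
PREVIOUS = {"fingerprint:index": [[0.12, 0.79, 0.31]]}

def generate_pattern(biometrics, gestures, length):
    """Random ordered challenge with at least one biometric and one gesture step."""
    if length < 2:
        raise ValueError("need room for one biometric and one gesture step")
    steps = [_rng.choice(biometrics), _rng.choice(gestures)]
    steps += [_rng.choice(biometrics + gestures) for _ in range(length - 2)]
    _rng.shuffle(steps)
    return steps

def verify(pattern, response, enrolled, previous, match_max=0.25, replay_min=1e-3):
    """response is a list of (step, features) in capture order.

    Returns 'reject', 'replay' or 'accept'. match_max and replay_min are
    assumed tuning values, not figures from the patent.
    """
    if [step for step, _ in response] != pattern:
        return "reject"  # wrong steps or wrong order for this challenge
    for step, features in response:
        # Live captures vary slightly; a near-exact copy of an earlier scan
        # is the "lack of variation" treated as playback.
        if any(math.dist(features, old) < replay_min
               for old in previous.get(step, [])):
            return "replay"
    for step, features in response:
        if math.dist(features, enrolled[step]) > match_max:
            return "reject"  # scan too far from the enrolled template
    return "accept"
```
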

Description

FIELD

The disclosure relates generally to biometric authentication and particularly to dynamic biometric combination authentication.

BACKGROUND

A problem that exists with biometrics is that they are static and are not interactive. For example, traditional biometric scans are different from other authentication processes, such as, a password that can be changed or where a dynamic code is sent to the user's smartphone (e.g., via a Short Message Service (SMS) message). For traditional biometric scans, a single scan is taken, and the user is authenticated based on the scan. This makes biometrics easier to compromise if the biometric becomes hacked.

SUMMARY

These and other needs are addressed by the various embodiments and configurations of the present disclosure. The present disclosure can provide a number of advantages depending on the particular configuration. These and other advantages will be apparent from the disclosure contained herein.

A request to authenticate a user is received. A random authentication pattern is generated. For example, the random authentication pattern may be for the user to provide a series of biometric scans and/or gesture scans. Instructions for the random authentication pattern are sent to a communication device (e.g., to a smartphone or smartwatch). A generated authentication pattern is received from the communication device. The generated authentication pattern is compared to a stored set of biometric scans and/or gestures scans that are based on the random authentication pattern. The user is authenticated based on the generated authentication pattern meeting a threshold by comparing the generated authentication pattern to the stored set of biometric scans and/or gestures scans.

The phrases “at least one”, “one or more”, “or”, and “and/or” are open-ended expressions that are both conjunctive and disjunctive in operation. For example, each of the expressions “at least one of A, B and C”, “at least one of A, B, or C”, “one or more of A, B, and C”, “one or more of A, B, or C”, “A, B, and/or C”, and “A, B, or C” means A alone, B alone, C alone, A and B together, A and C together, B and C together, or A, B and C together.

The term “a” or “an” entity refers to one or more of that entity. As such, the terms “a” (or “an”), “one or more” and “at least one” can be used interchangeably herein. It is also to be noted that the terms “comprising”, “including”, and “having” can be used interchangeably.

The term “automatic” and variations thereof, as used herein, refers to any process or operation, which is typically continuous or semi-continuous, done without material human input when the process or operation is performed. However, a process or operation can be automatic, even though performance of the process or operation uses material or immaterial human input, if the input is received before performance of the process or operation. Human input is deemed to be material if such input influences how the process or operation will be performed. Human input that consents to the performance of the process or operation is not deemed to be “material”.

Aspects of the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “circuit,” “module” or “system.” Any combination of one or more computer readable medium(s) may be utilized. The computer readable medium may be a computer readable signal medium or a computer readable storage medium.

A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain or store a program for use by or in connection with an instruction execution system, apparatus, or device.

A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer r