Patents Assigned to SecureAuth Corporation
-
Patent number: 12086808Abstract: Aspects of the disclosure provide techniques for using behavior based information for providing and restricting access to a secure website, or computer network and its assets to a user. Components of the system may include the following. Client remote computing device, network and browser unique attribute data collection and fingerprinting. Method for capturing user habits and fingerprinting with ability to detect abnormalities through AIML using mobile and wearable device applications. System for detection of normality of user behavior based on habits, and cyber transactions, device access and determining a confidence score associated with each transaction. Method for calculating individual transaction risk based on contextual factors such as user behavior, device, browser and the network traffic and request for authentication by account owner when risk greater than allowed threshold.Type: GrantFiled: September 26, 2022Date of Patent: September 10, 2024Assignee: SecureAuth CorporationInventors: Nahal Shahidzadeh, Shahrokh Shahidzadeh, Haitham Akkary
-
Patent number: 12074886Abstract: The system and method disclosed performs entity authentication through identification proofing. A relying party such as a corporation or other type of entity having a secure website, computer network and secure facility working a risk engine can determine the authenticity, validation and verification during registration of a user entity. The identification proofing is integrated with a risk engine. The risk engine is capable of using bio-behavior based information which may be continuously monitored.Type: GrantFiled: June 12, 2023Date of Patent: August 27, 2024Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Frank Stefan Ulbrich
-
Patent number: 12056975Abstract: A system and method for biobehavioral identification may include a user device, a secure system/client device, and a server. The elements of the system work together to monitor the biologic features (e.g., fingerprints, pupils, or the like) and behavior (e.g., wake time, exercise time, location) to verify the authenticity of a user requesting access to a database and/or secure facility.Type: GrantFiled: June 20, 2022Date of Patent: August 6, 2024Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Nahal Shahidzadeh, Haitham Akkary, Frank Stefan Ulbrich, Mani Malekmohammadi
-
Patent number: 12035136Abstract: Aspects of the disclosure provide techniques for using bio-behavior based information for providing and restricting access to a secure website or computer network and its assets to a user entity. The bio-behavior system and method 100 uses processes to learn models that relate heterogeneous data that connects the analog, physical space with the online/cyber world. The process is a nonparametric, probabilistic mixture model. The system 100 is capable of detecting behavioral patterns in mixed data composed of inputs of varying complexity. This includes the low-level, mainly unprocessed data generated by a user entity device's intrinsic sensors that monitor the internal state of the phone as well as extrinsic sensors that capture the state of the surrounding environment.Type: GrantFiled: August 2, 2021Date of Patent: July 9, 2024Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Frank Stefan Ulbrich
-
Patent number: 11888839Abstract: A system and method for secure authentication of user entity and user entity device identity. The system and method described herein allows an identity to be continuously proven because of user entity's behavior and their biometrics. With all the fraud and risk that exists today, if someone has a user entity's driver's license they can do a lot of harm. A primary identity provider passes user contextual and behavioral information to third party secondary identity providers to allow risk based continuous authentication and step up post-authorization authentication or termination of session as required upon detection of an anomaly.Type: GrantFiled: January 9, 2023Date of Patent: January 30, 2024Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Nadal Shahidzadeh, Christopher Clifford, Haitham Akkary, Seyedamir Karimikho
-
Patent number: 11868039Abstract: Aspects of the disclosure provide techniques for using egocentric and allocentric information for providing and restricting access to a secure network and its assets to a user entity. The system may include capturing user habits and fingerprinting with ability to detect abnormalities through artificial intelligence/machine learning (AIML) using mobile and wearable device applications.Type: GrantFiled: November 2, 2020Date of Patent: January 9, 2024Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Shawn Stevens, Fausto Oliveira, Seyedamir Karimikho
-
Patent number: 11838762Abstract: A system and method for rapid check-in and inheriting trust using a user entity device. The system and method described herein allows an identity to be continuously proven because of user entity's behavior and their biometrics. With all the fraud and risk that exists today, if someone has a user entity's driver's license they can do a lot of harm. By tying a user entity's identity to their user entity device (e.g., a mobile smartphone), then when a user entity checks into a location (e.g., airport, hotel, bank), an identity provider continues a process of continuous authentication while the user entity device travels about a location and interacts with the services offered by the location.Type: GrantFiled: February 14, 2022Date of Patent: December 5, 2023Assignee: SecureAuth CorporationInventor: Shahrokh Shahidzadeh
-
Patent number: 11677755Abstract: The system and method disclosed performs entity authentication through identification proofing. A relying party such as a corporation or other type of entity having a secure website, computer network and secure facility working a risk engine can determine the authenticity, validation and verification during registration of a user entity. The identification proofing is integrated with a risk engine. The risk engine is capable of using bio-behavior based information which may be continuously monitored.Type: GrantFiled: May 9, 2022Date of Patent: June 13, 2023Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Frank Stefan Ulbrich
-
Patent number: 11562455Abstract: A computer implemented system and method for a consumer based access control for identity information. The method and system involve receiving at an identity organization a request for registration and verification of the identity information and configuring a specific user selected policy for notification and authorization of such identity requests of a desired (or intended) identity service (or plurality of services) associated with the targeted user identification. Next, processing the request in a Joint Identity Information Service Network (JIISN) server framework for the detection and verification of a request against an active directory of users or organizations who have opted in for notification; computing the required action based on the configuration of the policies in one of the group consisting of: a JISN policy engine and a user remote mobile control system; communicating with a real time authorization server (e.g.Type: GrantFiled: February 14, 2022Date of Patent: January 24, 2023Assignee: SecureAuth CorporationInventors: Nahal Shahidzadeh, Haitham Akkary
-
Patent number: 11552940Abstract: A system and method for secure authentication of user entity and user entity device identity. The system and method described herein allows an identity to be continuously proven because of user entity's behavior and their biometrics. With all the fraud and risk that exists today, if someone has a user entity's driver's license they can do a lot of harm. A primary identity provider passes user contextual and behavioral information to third party secondary identity providers to allow risk based continuous authentication and step up post-authorization authentication or termination of session as required upon detection of an anomaly.Type: GrantFiled: March 15, 2021Date of Patent: January 10, 2023Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Nahal Shahidzadeh, Christopher Clifford, Haitham Akkary, Seyedamir Karimikho
-
Patent number: 11455641Abstract: Aspects of the disclosure provide techniques for using behavior based information for providing and restricting access to a secure website, or computer network and its assets to a user. Components of the system may include the following. Client remote computing device, network and browser unique attribute data collection and fingerprinting. Method for capturing user habits and fingerprinting with ability to detect abnormalities through AIML using mobile and wearable device applications. System for detection of normality of user behavior based on habits, and cyber transactions, device access and determining a confidence score associated with each transaction. Method for calculating individual transaction risk based on contextual factors such as user behavior, device, browser and the network traffic and request for authentication by account owner when risk greater than allowed threshold.Type: GrantFiled: January 1, 2021Date of Patent: September 27, 2022Assignee: SecureAuth CorporationInventors: Nahal Shahidzadeh, Shahrokh Shahidzadeh, Haitham Akkary
-
Patent number: 11367323Abstract: A system and method for biobehavioral identification may include a user device, a secure system/client device, and a server. The elements of the system work together to monitor the biologic features (e.g., fingerprints, pupils, or the like) and behavior (e.g., wake time, exercise time, location) to verify the authenticity of a user requesting access to a database and/or secure facility.Type: GrantFiled: September 27, 2021Date of Patent: June 21, 2022Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Nahal Shahidzadeh, Haitham Akkary, Frank Stefan Ulbrich, Mani Malekmohammadi
-
Patent number: 11349879Abstract: A system and method for authentication policy orchestration may include a user device, a client device, and a server. The server may include a network interface configured to be communicatively coupled to a network. The server may further include a processor configured to obtain, from a client device via the network, a transaction request for a transaction, determine an authorization requirement for the transaction request based, at least in part, on a plurality of authorization policies, individual ones of the plurality of authorization policies being separately configurable by at least one of a relying party and an authorizing party, and complete the transaction based on the authorization requirement having been met.Type: GrantFiled: July 7, 2020Date of Patent: May 31, 2022Assignee: SecureAuth CorporationInventors: Nahal Shahidzadeh, Haitham Akkary
-
Patent number: 11329998Abstract: The system and method disclosed performs entity authentication through identification proofing. A relying party such as a corporation or other type of entity having a secure website, computer network and secure facility working a risk engine can determine the authenticity, validation and verification during registration of a user entity. The identification proofing is integrated with a risk engine. The risk engine is capable of using bio-behavior based information which may be continuously monitored.Type: GrantFiled: August 30, 2021Date of Patent: May 10, 2022Assignee: SecureAuth CorporationInventors: Shahrokh Shahidzadeh, Frank Stefan Ulbrich
-
Patent number: 11223614Abstract: The authentication of a client to multiple server resources with a single sign-on procedure using multiple factors is disclosed. One contemplated embodiment is a method in which a login session is initiated with the authentication system of a primary one of the multiple server resources. A first set of login credentials is transmitted thereto, and validated. A token is stored on the client indicating that the initial authentication was successful, which is then used to transition to a secondary one of the multiple resources. A second set of login credentials is also transmitted, and access to the secondary one of the multiple resources is granted on the basis of a validated token and second set of login credentials.Type: GrantFiled: August 9, 2019Date of Patent: January 11, 2022Assignee: SecureAuth CorporationInventors: Mark V. Lambiase, Garret Florian Grajek, Jeffrey Chiwai Lo, Tommy Ching Hsiang Wu
-
Patent number: 10567385Abstract: The provisioning of a security token object to a user is disclosed. The security token object is used for accessing a computing resource through a client device, such as a mobile device. A security token object provisioning request may be received from the mobile device. In response, an authentication request may be transmitted. The user is authenticated against a user identity based upon a set of received identity credentials provided by the user. The extraction of a unique token identifier from the security token object is initiated, and completed without intervention from the user. The unique token identifier received from the client device is associated with the user identity in a data store. By providing the security token object, the user can gain access to the computing resource.Type: GrantFiled: March 23, 2018Date of Patent: February 18, 2020Assignee: SecureAuth CorporationInventors: Allen Yu Quach, Jeffrey Chiwai Lo, Garret Florian Grajek, Mark V. Lambiase
-
Patent number: 10439826Abstract: Methods for managing digital certificates, including issuance, validation, and revocation are disclosed. Various embodiments involve querying a directory service with entries that correspond to a particular client identity and have attributes including certificate issuance limits and certificate validity time values. The validity time values are adjustable to revoke selectively the certificates based upon time intervals set forth in validity identifiers included therein.Type: GrantFiled: January 29, 2018Date of Patent: October 8, 2019Assignee: SecureAuth CorporationInventors: Garret Florian Grajek, Jeffrey Chiwai Lo, Mark V. Lambiase
-
Patent number: 10419418Abstract: A device fingerprinting system provides an additional factor of authentication. A user device may be redirected, along with user ID parameters, to authentication system. The user device may be sent instructions to execute that collect and send back device characteristic information to the authentication system. The authentication can create a unique fingerprint of the device, and determine if the fingerprint has been seen before. If seen before, the authentication system may send back an authentication token indicating the additional factor of authentication was a success. If the fingerprint has not been seen previously, the authentication system may conduct a one-time password authentication as the additional factor. If successful, the fingerprint may be stored in association with the user device for future authentication as an additional factor.Type: GrantFiled: September 28, 2017Date of Patent: September 17, 2019Assignee: SecureAuth CorporationInventors: Garret Florian Grajek, Chihwei Liu, Allen Yu Quach, Jeffrey Chiwai Lo
-
Patent number: 10404678Abstract: A security object creation and validation system provides an additional factor of authentication. An authentication system as described herein provides secure two-factor authentication, such as for IT resources in an organization. The authentication system can perform generation of a security object (such as an X.509 object, Java object, persistent browser token, or other digital certificate); registration of the generated security object or of an existing security object (such as a near field communication identifier, smart card identifier, OATH token, etc.); validation of the security object as part of an authentication process; and assertion of the identity of the security object to native network resources (such as web resources, network resources, cloud resources, mobile applications, and the like) that may accept the security object. The authentication system may provide user interfaces to allow users and administrators to manage registered device inventory and revoke security objects.Type: GrantFiled: February 25, 2015Date of Patent: September 3, 2019Assignee: SecureAuth CorporationInventors: Garret Florian Grajek, Allen Yu Quach, Jeffrey Chiwai Lo, Shu Jen Tung
-
Patent number: 10382427Abstract: The authentication of a client to multiple server resources with a single sign-on procedure using multiple factors is disclosed. One contemplated embodiment is a method in which a login session is initiated with the authentication system of a primary one of the multiple server resources. A first set of login credentials is transmitted thereto, and validated. A token is stored on the client indicating that the initial authentication was successful, which is then used to transition to a secondary one of the multiple resources. A second set of login credentials is also transmitted, and access to the secondary one of the multiple resources is granted on the basis of a validated token and second set of login credentials.Type: GrantFiled: March 14, 2016Date of Patent: August 13, 2019Assignee: SecureAuth CorporationInventors: Mark V. Lambiase, Garret Florian Grajek, Jeffrey Chiwai Lo, Tommy Ching Hsiang Wu