Patents by Inventor Kyle C. BROGLE
Kyle C. BROGLE has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12210603Abstract: The present disclosure generally relates to enrolling a biometric feature for use with a peripheral device. While a computer system is connected to an external device, the computer system receives a first request to enroll a biometric feature. In response to receiving the request and in accordance with a determination that the request satisfies a first set of one or more criteria, the computer system displays a user interface object prompting a user to provide an authorization input to one or more input devices physically connected to the computer system. While displaying the first user interface object, the computer system receives user input. In response to receiving the user input and in accordance with a determination that the user input includes the authentication input, the computer system initiates a process to enroll the biometric feature using a biometric sensor that is integrated with the external device.Type: GrantFiled: March 2, 2022Date of Patent: January 28, 2025Assignee: Apple Inc.Inventors: Jiaying Deng, Benjamin Biron, Kyle C. Brogle, Tomislav Suchan
-
Patent number: 12206799Abstract: Techniques are disclosed relating to securely authenticating communicating devices. In various embodiments, a computing device receives, via a network connection with a network, a first certificate for a first public key pair of the computing device. The computing device provides the first certificate to an offline accessory device and receives a second certificate for a second public key pair maintained by the offline accessory device. The computing device performs a verification of the second certificate and, responsive to the verification being successful, interacts with the offline accessory device. In some embodiments, prior to providing the first certificate, the computing device determines an ordering in which the first and second certificates are to be exchanged by the first computing device and the offline accessory device, and the first certificate is provided to the offline accessory device in accordance with the determined ordering.Type: GrantFiled: June 3, 2022Date of Patent: January 21, 2025Assignee: Apple Inc.Inventors: Steven A. Myers, Kyle C. Brogle, Sean P. Devlin, Edwin W. Foo, John T. Perry
-
Patent number: 12177207Abstract: The embodiments set forth a technique for enabling a computing device to securely configure a peripheral computing device. According to some embodiments, the method can include the steps of (1) approving a request received from the peripheral computing device to engage in a setup procedure for the peripheral computing device, (2) receiving, from the peripheral computing device: (i) an audio signal that encodes a password and timing information, and (ii) a light signal. Additionally, the method can involve, in response to identifying that the timing information correlates with the light signal: (3) extracting the password from the audio signal, and (4) establishing a communication link with the peripheral computing device based on the password. In turn, the method can involve (5) providing configuration information to the peripheral computing device over the communication link.Type: GrantFiled: June 23, 2021Date of Patent: December 24, 2024Assignee: Apple Inc.Inventors: Jay S. Coggin, Daniel C. Klingler, Kyle C. Brogle, Johannes P. Schmidt, Eric A. Allamanche, Thomas Alsina, Bob Bradley, Alex T. Nelson, Rudolph Van Der Merwe, Joseph M. Triscari, Keun Sup Lee, Pedro Mari, Aaron M. Elder, Richard M. Powell
-
Publication number: 20240403402Abstract: Techniques are disclosed relating to devices that support biometric authentication. In various embodiments, a device includes a biosensor configured to collect biometric data from a user. An authentication system of the device is configured to perform a user authentication based on the collected biometric data. After performance of the user authentication, the authentication system receives sensor data indicating that the user remains collocated with the device and receives a request to confirm an authentication of the user. Based on the user authentication and the received sensor data, the authentication system confirms that the user has been authenticated. In various embodiments, the authentication system is configured to receive additional sensor data indicating that the user is no longer collocated with the device and, in response to a subsequent authentication request, require the user to perform another biometric authentication using the biosensor.Type: ApplicationFiled: June 4, 2024Publication date: December 5, 2024Inventors: Martin Haller, Andrei Nikiforov, Benjamin Biron, Kyle C. Brogle, Lucie Kucerova, Oliver G. Wenisch, Petr Kostka, Tom Sengelaub, Tomislav Suchan
-
Patent number: 12099586Abstract: The present disclosure generally relates to methods and user interfaces for authentication, including providing and controlling authentication at a computer system using an external device in accordance with some embodiments.Type: GrantFiled: January 28, 2022Date of Patent: September 24, 2024Assignee: Apple Inc.Inventors: Grant R. Paul, Benjamin Biron, Kyle C. Brogle, Naresh Kumar Chinnathanbi Kailasam, Brent M. Ledvina, Robert W. Mayor, Nicole M. Wells
-
Patent number: 12089050Abstract: Techniques disclosed herein relate to the pairing of a pairing initiator device and a pairing responder device for communication. The pairing initiator device and the pairing responder device range with each other to determine the distance between the pairing initiator device and the pairing responder device. Based on the distance being below a threshold distance, the pairing initiator device and the pairing responder device wirelessly pair with each other without further input from the user.Type: GrantFiled: December 22, 2022Date of Patent: September 10, 2024Assignee: Apple Inc.Inventors: Brent M. Ledvina, Yannick L. Sierra, Kyle C. Brogle, Steven Andrew Myers
-
Publication number: 20240214182Abstract: Encrypting and securely transmitting data between devices is disclosed. After a device obtains a request to purchase a prescription lens, including prescription data, to be inserted into a second electronic device, the prescription data is securely encrypted and transmitted to the lens manufacturer. The lens manufacturer may create a prescription lens and calibration data related to the lens. The calibration data can be encrypted and transmitted to a storage device for storage. The second electronic device can retrieve the encrypted calibration data from the storage device and utilize it to perform a full calibration of the device. The second electronic device can present images, in accordance with the calibration data, using a display through an optical path that include the prescription lens.Type: ApplicationFiled: December 26, 2023Publication date: June 27, 2024Inventors: Srinivas VEDULA, Qihe WANG, Kyle C. BROGLE, Frederic JACOBS, Yannick L. SIERRA, Giuliano PASQUALOTTO, Anup RATHI, Duncan A. MCROBERTS
-
Patent number: 11876806Abstract: Techniques are disclosed relating to user authentication. In some embodiments, a first computing device receives, from a second computing device, a request for a user credential to be input into an authentication prompt associated with the second device. The first computing device determines a proximity associated with the second computing device based on a received wireless location beacon and, based on the request and the determined proximity, presents a selection prompt asking a user of the first computing device to select a user credential stored in the first computing device. The first computing device then provides the selected user credential to the second computing device to input into the authentication prompt. In some embodiments, the first computing device receives the wireless location beacon from a remote controller of the second computing device and determines a proximity based on a signal strength associated with the received location beacon.Type: GrantFiled: June 24, 2022Date of Patent: January 16, 2024Assignee: Apple Inc.Inventors: Conrad A. Shultz, Alexander D. Sanciangco, Brent M. Ledvina, Chelsea E. Pugh, Kyle C. Brogle, Marc J. Krochmal, Maureen G. Daum, Reza Abbasian, Richard J. Mondello, Jacob S. Klapper
-
Patent number: 11863671Abstract: Embodiments described herein enable a user to bypass the use of one-time keys or account recovery codes by providing techniques for accessory assisted account recovery. In various embodiments, accessory assisted account recovery makes use of an accessory device of a user, where the accessory device can be any device having a secure processor, cryptographic engine, public key accelerator, or is otherwise able to accelerate cryptographic operations or perform cryptographic operations in a secure execution environment. An account recovery key can be split into multiple portions. At least one portion of the recovery key is then encrypted. The accessory device is then configured to be uniquely capable of decrypting the encrypted portion of an account recovery key.Type: GrantFiled: April 14, 2020Date of Patent: January 2, 2024Assignee: Apple Inc.Inventors: Yannick L. Sierra, Lucia E. Ballard, Kyle C. Brogle, DJ Capelis
-
Publication number: 20230421372Abstract: Embodiments described herein enable a user to bypass the use of one-time keys or account recovery codes by providing techniques for accessory assisted account recovery. In various embodiments, accessory assisted account recovery makes use of an accessory device of a user, where the accessory device can be any device having a secure processor, cryptographic engine, public key accelerator, or is otherwise able to accelerate cryptographic operations or perform cryptographic operations in a secure execution environment. An account recovery key can be split into multiple portions. At least one portion of the recovery key is then encrypted. The accessory device is then configured to be uniquely capable of decrypting the encrypted portion of an account recovery key.Type: ApplicationFiled: September 8, 2023Publication date: December 28, 2023Inventors: YANNICK L. SIERRA, LUCIA E. BALLARD, KYLE C. BROGLE, DJ CAPELIS
-
Publication number: 20230412373Abstract: Embodiments described herein enable a user to bypass the use of one-time keys or account recovery codes by providing techniques for accessory assisted account recovery. In various embodiments, accessory assisted account recovery makes use of an accessory device of a user, where the accessory device can be any device having a secure processor, cryptographic engine, public key accelerator, or is otherwise able to accelerate cryptographic operations or perform cryptographic operations in a secure execution environment. An account recovery key can be split into multiple portions. At least one portion of the recovery key is then encrypted. The accessory device is then configured to be uniquely capable of decrypting the encrypted portion of an account recovery key.Type: ApplicationFiled: April 14, 2020Publication date: December 21, 2023Inventors: YANNICK L. SIERRA, LUCIA E. BALLARD, KYLE C. BROGLE, DJ CAPELIS
-
Publication number: 20230393888Abstract: A kernel of an operating system receives a request from a parent process (e.g., an exec or spawn system call) to launch a child process that executes a binary. The kernel identifies a process-specific launch constraint, which is a precondition for launching the child process. The kernel evaluates the constraint, which can match against any type of system state or variable, including the process's location on disk, protection on disk, and how the process is to be launched. The kernel can then determine whether to launch the child process, thus permitting the child process to be scheduled for execution by the operating system. Launch constraints can be used both for a child process to impose preconditions on the parent process, and vice versa. Launch constraints can be included in the launch request, embedded in the binary, or located elsewhere, such as in a trust cache in kernel memory.Type: ApplicationFiled: June 1, 2023Publication date: December 7, 2023Inventors: David P. Remahl, Kyle C. Brogle, Robert J. Kendall-Kuppe, Pavlo Malynin, Geoffrey McCormack
-
Patent number: 11775632Abstract: Techniques are disclosed relating to credential managers. In some embodiments, a computing device maintains a credential manager that stores, in a protected manner, a set of credentials for authenticating a user and metadata about the credentials. The computing device stores an instance of the metadata externally to the credential manager. The computing device uses the externally stored metadata to determine whether the set of credentials includes a particular credential associated with a service and, in response to determining that the set of credentials includes the particular credential, displays an indication of the particular credential. In some embodiments, the computing device receives a selection of the displayed indication by the user and, in response to the selection, sends a request for the particular credential to the credential manager.Type: GrantFiled: January 30, 2023Date of Patent: October 3, 2023Assignee: Apple Inc.Inventors: Reza Abbasian, Richard J. Mondello, David P. Quesada, Kyle C. Brogle, Patrick L. Coffman
-
Patent number: 11777936Abstract: Techniques are disclosed relating to sharing access to electronically-secured property. In some embodiments, a first computing device having a first secure element receives, from a second computing device associated with an owner of the electronically-secured property, an indication that the second computing device has transmitted a token to server computing system, the token permitting a user of the first computing device access to the electronically-secured property. Based on the received indication, the first computing device sends a request for the transmitted token to the server computing system and, in response to receiving the requested token, securely stores the received token in the first secure element of the first computing device. The first computing device subsequently transmits the stored token from the first secure element of the first device to the electronically-secured property to obtain access to the electronically-secured property based on the token.Type: GrantFiled: June 7, 2019Date of Patent: October 3, 2023Assignee: Apple Inc.Inventors: Florian Galdo, Stephanie R. Martin, Yannick L. Sierra, Ivan Krstic, Christopher A. Volkert, Najeeb M. Abdulrahiman, Matthias Lerch, Onur E. Tackin, Kyle C. Brogle
-
Patent number: 11720504Abstract: Some aspects of this disclosure relate to implementing a thread device that can associate with a thread network. The thread device includes a network processor, a first memory, and a host processor communicatively coupled to the network processor and the first memory. The first memory can be a nonvolatile memory with a first level security protection, and configured to store a first dataset including thread network parameters for the network processor to manage network functions for the thread device associated with the thread network. The network processor can be coupled to a second memory to store a second dataset having a same content as the first dataset. The network processor is configured to manage the network functions based on the second dataset. The second memory can be a volatile memory with a second level security protection that is less than the first level security protection.Type: GrantFiled: April 15, 2021Date of Patent: August 8, 2023Assignee: Apple Inc.Inventors: Venkateswara Rao Manepalli, Amit Gulia, Andrei Tudorancea, Dominic Spill, Jesus A. Gutierrez Gomez, Kahraman D. Akdemir, Aaron M. Sigel, William K. Estes, Kyle C. Brogle
-
Publication number: 20230177141Abstract: Techniques are disclosed relating to credential managers. In some embodiments, a computing device maintains a credential manager that stores, in a protected manner, a set of credentials for authenticating a user and metadata about the credentials. The computing device stores an instance of the metadata externally to the credential manager. The computing device uses the externally stored metadata to determine whether the set of credentials includes a particular credential associated with a service and, in response to determining that the set of credentials includes the particular credential, displays an indication of the particular credential. In some embodiments, the computing device receives a selection of the displayed indication by the user and, in response to the selection, sends a request for the particular credential to the credential manager.Type: ApplicationFiled: January 30, 2023Publication date: June 8, 2023Inventors: Reza Abbasian, Richard J. Mondello, David P. Quesada, Kyle C. Brogle, Patrick L. Coffman
-
Publication number: 20230147041Abstract: Techniques disclosed herein relate to the pairing of a pairing initiator device and a pairing responder device for communication. The pairing initiator device and the pairing responder device range with each other to determine the distance between the pairing initiator device and the pairing responder device. Based on the distance being below a threshold distance, the pairing initiator device and the pairing responder device wirelessly pair with each other without further input from the user.Type: ApplicationFiled: December 22, 2022Publication date: May 11, 2023Inventors: Brent M. Ledvina, Yannick L. Sierra, Kyle C. Brogle, Steven Andrew Myers
-
Publication number: 20230095816Abstract: Aspects of the subject technology provide electronic devices that operate, in part, based on enrolled user characteristics, and that can be operated by a guest user that has not been enrolled. For example, upon determining that a current user of an electronic device storing a first physical model of a primary user is a guest user different from the primary user, the electronic device may obtain initial physical characteristic data for the guest user and generate a guest physical model of the guest user based on the initial physical characteristic data. In one or more implementations, the electronic device may operate based on guest user inputs and the guest physical model of the guest user, while updating the guest physical model based on the guest user inputs.Type: ApplicationFiled: September 16, 2022Publication date: March 30, 2023Inventors: David COHEN, Kyle C. BROGLE, Michael J. ROCKWELL, Ranjit DESAI, Joel N. KERR, Amy E. DEDONATO, Joaquim Gonçalo LOBO FERREIRA DA SILVA, Tyler R. CALDERONE, Charilaos PAPADOPOULOS
-
Patent number: 11568039Abstract: Techniques are disclosed relating to credential managers. In some embodiments, a computing device maintains a credential manager that stores, in a protected manner, a set of credentials for authenticating a user and metadata about the credentials. The computing device stores an instance of the metadata externally to the credential manager. The computing device uses the externally stored metadata to determine whether the set of credentials includes a particular credential associated with a service and, in response to determining that the set of credentials includes the particular credential, displays an indication of the particular credential. In some embodiments, the computing device receives a selection of the displayed indication by the user and, in response to the selection, sends a request for the particular credential to the credential manager.Type: GrantFiled: September 28, 2018Date of Patent: January 31, 2023Assignee: Apple Inc.Inventors: Reza Abbasian, Richard J. Mondello, David P. Quesada, Kyle C. Brogle, Patrick L. Coffman
-
Publication number: 20230020855Abstract: A wireless access device can be configured to determine a list of accessory groups corresponding to accessories connected to a network managed by the wireless access device. The wireless access device may also be configured to identify at least one firmware update that corresponds to at least one accessory group of the list of accessory groups and request all firmware updates that correspond to the at least one accessory group. The wireless access device can also be configured to receive one or more firmware updates that corresponds to at least one of the accessories of the at least one accessory group for which a respective firmware update is available and transmit at least one firmware update of the received one or more firmware updates to at least one corresponding accessory of the at least one accessory group.Type: ApplicationFiled: September 19, 2022Publication date: January 19, 2023Applicant: Apple Inc.Inventors: Wayne A. Lee, Zaka Ur Rehman Ashraf, Daniel R. Borges, Kyle C. Brogle, Srinivas Rama, Benjamin S. Turner, Hung Q. Le, Devin E. Gund, Keith W. Rauenbuehler, Praveen Chegondi