US 11,736,478 B2
Device, system, and method of user authentication based on user-specific characteristics of task performance
Avi Turgeman, New York, NY (US)
Assigned to BIOCATCH LTD., Tel Aviv (IL)
Filed by BioCatch Ltd., Tel Aviv (IL)
Filed on Dec. 23, 2021, as Appl. No. 17/560,406.
Application 17/560,406 is a continuation of application No. 16/597,860, filed on Oct. 10, 2019, granted, now 11,223,619.
Application 16/597,860 is a continuation in part of application No. 15/051,700, filed on Feb. 24, 2016, granted, now 10,476,873, issued on Nov. 12, 2019.
Application 15/051,700 is a continuation in part of application No. 14/325,397, filed on Jul. 8, 2014, granted, now 9,450,971, issued on Sep. 20, 2016.
Application 14/325,397 is a continuation in part of application No. 13/922,271, filed on Jun. 20, 2013, granted, now 8,938,787, issued on Jan. 20, 2015.
Application 13/922,271 is a continuation in part of application No. 13/877,676, granted, now 9,069,942, issued on Jun. 30, 2015, previously published as PCT/IL2011/000907, filed on Nov. 29, 2011.
Application 14/325,397 is a continuation in part of application No. 14/320,653, filed on Jul. 1, 2014, granted, now 9,275,337, issued on Mar. 1, 2016.
Application 14/320,653 is a continuation in part of application No. 14/320,656, filed on Jul. 1, 2014, granted, now 9,665,703, issued on May 30, 2017.
Claims priority of provisional application 61/843,915, filed on Jul. 9, 2013.
Claims priority of provisional application 61/417,479, filed on Nov. 29, 2010.
Prior Publication US 2022/0116389 A1, Apr. 14, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 3/04883 (2022.01); G06F 3/04845 (2022.01); G06F 3/0354 (2013.01); G06F 3/01 (2006.01); G06F 3/041 (2006.01)
CPC H04L 63/0861 (2013.01) [G06F 3/017 (2013.01); G06F 3/03543 (2013.01); G06F 3/03547 (2013.01); G06F 3/04845 (2013.01); G06F 3/04883 (2013.01); H04L 63/083 (2013.01); G06F 3/041 (2013.01); H04L 2463/082 (2013.01)] 16 Claims
OG exemplary drawing
 
1. A method comprising:
(a) storing a representation of a secret data-item of a particular user, wherein said secret data-item is one of: a password, a Personal Identification Number (PIN);
(b) generating a user authentication session that requires said particular user to enter said secret data-item by performing a task comprised of on-screen operations in which said user drags or moves on-screen objects to input said secret data-item;
(c) during said user authentication session, monitoring user gestures of user performance of said task; and extracting from said user gestures a behavioral characteristic that characterizes user performance of said task;
(d1) determining whether or not said user gestures correspond to correct entry of said secret data-item;
(d2) determining whether or not the behavioral characteristic that was extracted in step (c), matches a previously-stored reference behavioral characteristic that was extracted from past on-screen operations that were previously associated with said particular user during previous log-in sessions;
(e) if the determining of step (d1) is negative or the determining of step (d2) is negative, then: generating a notification that user authentication is rejected;
wherein said log-in task comprises a requirement to enter said password or said PIN, by drawing on-screen lines among on-screen representations of characters;
wherein the determining of step (d2) is performed based on at least one of: (I) a speed of on-screen gestures in which said user draws said on-screen lines, (II) a curvature level of on-screen gestures in which said user draws said on-screen lines.