| CPC H04L 9/0825 (2013.01) [H04L 9/0894 (2013.01); H04L 9/3026 (2013.01)] | 18 Claims |
|
1. A computer-implemented method comprising:
receiving, by a server computer, an authentication request comprising an application identifier associated with an application or a user device identifier associated with a user device, the authentication request originating from the user device;
receiving, by the server computer, a set of behavioral data associated with the application or the user device;
responsive to receiving the application identifier or device identifier, obtaining, by the server computer, a fuzzy vault associated with the application identifier or the user device identifier; and
determining, by the server computer, a reconstructed key value using the fuzzy vault and the set of behavioral data,
wherein the application or the user device is authenticated using the reconstructed key value, wherein the set of behavioral data is a first set of behavioral data, and wherein the method further comprises an enrollment process, the enrollment process including:
receiving, by the server computer, an enrollment request comprising the application identifier or the user device identifier and an enrollment key value;
receiving, by the server computer, a second set of behavioral data associated with the user device or the application;
forming, by the server computer, a polynomial using the enrollment key value, wherein one or more portions of the enrollment key value form coefficients of the polynomial;
determining, by the server computer, a set of genuine points by inputting the second set of behavioral data into the polynomial; and
forming the fuzzy vault using the set of genuine points and random chaff points, wherein the fuzzy vault comprises the set of genuine points and the random chaff points on a graph.
|