US 12,142,073 B2
Fingerprint-based device authentication
Parvez Naqvi, Potomac, MD (US); Bhagyashree Prabhakar, Fairfax, VA (US); Anantha Swarma Kavi, Clarksburg, MD (US); Harsha Bilwani, Ashburn, VA (US); Haranath Santosh, Fairfax, VA (US); Suman Emudaboina Rajeshwar, Ashburn, VA (US); and Adane Gebremeskel, Alexandria, VA (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Apr. 27, 2021, as Appl. No. 17/241,823.
Prior Publication US 2022/0343095 A1, Oct. 27, 2022
Int. Cl. G06K 9/00 (2022.01); G06N 3/08 (2023.01); G06V 40/12 (2022.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01); H04L 29/06 (2006.01)
CPC G06V 40/1365 (2022.01) [G06N 3/08 (2013.01); H04L 9/3213 (2013.01); H04L 9/3228 (2013.01); H04L 9/3231 (2013.01); H04L 63/1466 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A method comprising:
receiving, by a server and from a user device, authentication credentials;
receiving, from the user device, a first device fingerprint, generated at a first time, that uniquely identifies the user device and indicates each of a first plurality of applications executing on the user device at the first time;
based on authenticating the authentication credentials:
sending, to the user device, a token generated based on the authentication credentials; and
storing, in a database, the first device fingerprint;
receiving, at a second time, a request for access to content, wherein the request comprises:
the token, and
a second device fingerprint, wherein the second device fingerprint indicates each of a second plurality of applications executing at the second time;
determining that the request for access to the content was received from a second user device different from the user device by:
comparing the first device fingerprint and the second device fingerprint to determine whether, based on a difference between the first plurality of applications and the second plurality of applications, opening or closing one or more applications would result in the difference between the first plurality of applications and the second plurality of applications; and
identifying, based on determining that opening or closing one or more applications would not result in the difference between the first plurality of applications and the second plurality of applications and based on a difference between the first time and the second time, that the second plurality of applications corresponding to the second time is inconsistent with the first plurality of applications corresponding to the first time; and
preventing access to the content in response to authenticating the token and determining that the request for access to the content was received from the second user device different from the user device, wherein the determining that the request for access to the content was received from the second user device different from the user device comprises determining a quantity of computing resources available to the user device.