Patents & Intellectual Property

A system, method, and computer-readable storage device for receiving data representative of an input sample comprising a user's motion while entering information into a data input device, calculating a statistical summary of the input sample representative data, and comparing, using geometric and geospatial constructs, the calculated statistical summary of the input sample representative data to statistical summaries of representative data of previous input samples in a stored profile of a selected user to generate an indication whether the user is the selected user.

It covers the statistical engines we invented, and is a broad, foundational patent with claims that cover the measurements and complex mathematics required to compare effort. This allows our products to detect if someone different is entering a password.

A system, method, and computer-readable storage device for receiving data representative of an input sample comprising a user's motion while entering information into a data input device, calculating a statistical summary of the input sample representative data, and comparing, using geometric and geospatial constructs, the calculated statistical summary of the input sample representative data to statistical summaries of representative data of previous input samples in a stored profile of a selected user to generate an indication whether the user is the selected user.

This patent contains claims that extend the techniques described in the first patent to include any data gathered from touchscreens and other sensors, including three-dimensional sensors that are part of a wearable device.

Techniques for authenticating a user via gestures, QR codes, and passphrases generated to incorporate typing habits of the user. A passphrase system generates a one-time use passphrase, which incorporates hallmarks and/or quirks of the user's typing, and presents the generated passphrase as an authentication challenge to authenticate as the user. If metrics collected during the authentication challenge are statistically similar to metrics of the user's typing, the authentication succeeds; otherwise, the authentication fails. A user's gesture habits during input of an authentication drawing may be used as a target for future authentication attempts. A user's input motions (typing and/or gestures) may be converted into a secure QR code; a different host device may use the secure QR code to obtain the target metrics for future authentication attempts of the user.

This covers the algorithms and techniques supporting both existing products and to-be-released products relating to wearables and gestures. Among other applications, this allows for a method to construct a one-time, “challenge” phrase the user must enter to confirm that the right person is in front of the computer.

A method of authenticating a user based on user effort, the method includes receiving a registration from a user device with a user effort-based identity authorization token and a first user effort, submitting the first effort to the effort validation server, receiving an effort analysis from the effort validation server, issuing a credential to the user device based on the effort analysis, receiving an access request from the user device, the access request including the credential and a second effort, providing the second effort to the validation server, receiving a validation response from the validation server, and granting access to the user device as a function of the validation response.

This allows for a provider to issue a physical or electronic credential that connects effort to other components, and can be used to validate identity on disconnected systems. With this portability, GDPR Article 20 requirements are met, and healthcare insurance fraud can be easily addressed, as well as anonymous authentication requirements, such as medical trials.

A method of authenticating a user of a user device, the method includes receiving a user effort-based identity authentication token from a user device, generating a challenge request, receiving an effort validation response, generated by an effort validation server in response to a user performed requested effort, receiving the effort-based identity authentication token, and authenticating the user as a function of the received validation response and the user effort-based identity authentication token.

Authentication with an application token. This allows for a trusted provider (SaaS, etc.) to offer third-party validation of identity without disclosing any personal information, and maintains privacy to comply with GDPR and other regulations. Your bank, your email, and your merchant can all check against the same provider.

Additional techniques for authenticating a user via gestures, QR codes, and passphrases generated to incorporate typing habits of the user. A passphrase system generates a one-time use passphrase, which incorporates hallmarks and/or quirks of the user's typing, and presents the generated passphrase as an authentication challenge to authenticate as the user. If metrics collected during the authentication challenge are statistically similar to metrics of the user's typing, the authentication succeeds; otherwise, the authentication fails. A user's gesture habits during input of an authentication drawing may be used as a target for future authentication attempts. A user's input motions (typing and/or gestures) may be converted into a secure QR code; a different host device may use the secure QR code to obtain the target metrics for future authentication attempts of the user.

This expands on the previous patent (10,235,507), with additional techniques described for gesture, mobile, and wearable device sensor analysis, and the application QR standards that offer portability of sensitive information for authentication.

A method of performing a transaction between a first user of a first input device, and a second user of a second input device, the method includes generating, via the first input device, a transaction request with a with a first effort-based identity token associated with first user, receiving a response with the token and a validation key obtained from a validation server via the second input device based on a second effort-based identity token associated with the second user and a second user effort, providing the second user effort and second effort-based identity token to the validation server, receiving a second effort validation key from the validation server, and sending the transaction with the first user and second user identity-based tokens and first and second effort validation keys to the second person to complete the transaction while ensuring both the first and second users are consistent throughout the transaction.

This allows for a trusted provider (SaaS, etc.) to offer validation between two parties without exchanging personal information. With more anonymous, freelance transactions in the “1099 economy”, this provides both assurance and privacy.

A variety of systems and methods can include evaluation of human user effort data. Various embodiments apply techniques to identify anomalous effort data for the purpose of detecting the efforts of a single person, as well as to segment and isolate multiple persons from a single collection of data. Additional embodiments describe the methods for using real-time anomaly detection systems that provide indicators for scoring effort data in synthesized risk analysis. Other embodiments include approaches to distinguish anomalous effort data when the abnormalities are known to be produced by a single entity, as might be applied to medical research and enhance sentiment analysis, as well as detecting the presence of a single person's effort data among multiple collections, as might be applied to fraud analysis and insider threat investigations. Embodiments include techniques for analyzing the effects of adding and removing detected anomalies from a given collection on subsequent analysis.

This covers techniques that analyze and segment complex data into meaningful groups, and indentify anomalies from attributes derived in the analysis itself.

The second patent that has been allowed from an application filed in 2018. This includes the methods used to examine a set of training data and determine which parts belong, using the composition of the data itself. This can be used to both improve an AI model, as well as build sub-models from a data collection that may represent one or more groups of useful data.