Patent
Providing access control and identity verification for communications when initiating a communication to an entity to be verified
| العنوان: | Providing access control and identity verification for communications when initiating a communication to an entity to be verified |
|---|---|
| Patent Number: | 12021,866 |
| تاريخ النشر: | June 25, 2024 |
| Appl. No: | 16/861663 |
| Application Filed: | April 29, 2020 |
| مستخلص: | The techniques herein are directed generally to providing access control and identity verification for communications when initiating a communication to an entity to be verified. In one particular embodiment, an illustrative method according to one or more embodiments of the present disclosure may comprise: initiating, from an initiating device, a communication to a receiving device on a communication channel; determining, by the initiating device over a verification channel with a verification service, whether an identity associated with the receiving device is verified by the verification service; managing, by the initiating device in response to the identity associated with the receiving device being verified, the communication to the receiving device according to the identity being verified; and managing, by the initiating device in response to the identity associated with the receiving device being unverified, the communication to the receiving device according to the identity being unverified. |
| Inventors: | Journey.ai (Denver, CO, US) |
| Assignees: | Journey.ai (Denver, CO, US) |
| Claim: | 1. A method, comprising: initiating, from an initiating device, a communication to a receiving device on a communication channel; determining, by the initiating device over a verification channel with a verification service associated with the initiating device, whether an identity of a particular user is verified by the verification service based on whether or not the particular user has logged into a verification service client application on the receiving device, wherein, prior to initiating the communication, the verification service establishes accounts for users of the verification service client application and determines that identities of the users are attested by an attestation service during account establishment; managing, by the initiating device in response to the identity of the particular user using the receiving device being verified and thus already attested by the attestation service during the account establishment, the communication to the receiving device according to the identity being verified and thus already attested; and managing, by the initiating device in response to the identity of the particular user using the receiving device being unverified, the communication to the receiving device according to the identity being unverified. |
| Claim: | 2. The method as in claim 1 , wherein initiating the communication to the receiving device on the communication channel is prior to determining whether the identity of the user using the receiving device is verified by the verification service, the method further comprising: initiating verification of the identity during the communication. |
| Claim: | 3. The method as in claim 2 , wherein initiating verification of the identity during the communication comprises: invoking the verification service client application on the receiving device to obtain verification. |
| Claim: | 4. The method as in claim 1 , further comprising: prompting the receiving device to install the verification service client application to then verify the identity of the user using the receiving device. |
| Claim: | 5. The method as in claim 1 , further comprising: determining that the identity of the user using the receiving device is unverified in response to expiration of a time limit prior to obtaining verification. |
| Claim: | 6. The method as in claim 1 , wherein determining whether the identity of the user using the receiving device is verified by the verification service prior to initiating the communication to the receiving device on the communication channel. |
| Claim: | 7. The method as in claim 1 , further comprising: informing the verification service, over the verification channel, of an intention to initiate the communication to the receiving device, causing the verification service to relay the intention to the receiving device. |
| Claim: | 8. The method as in claim 7 , wherein the intention comprises a particular time of initiating the communication. |
| Claim: | 9. The method as in claim 7 , further comprising: receiving a response to the intention, via the verification channel, requesting initiating the communication at a particular time, wherein the initiating device initiates the communication according to the particular time. |
| Claim: | 10. The method as in claim 1 , further comprising: receiving a prompt from the verification service client application on the receiving device to initiate the communication, wherein the initiating device initiates the communication in response to the prompt. |
| Claim: | 11. The method as in claim 10 , wherein the prompt is associated with a particular time for the communication, and wherein the initiating device initiates the communication according to the particular time. |
| Claim: | 12. The method as in claim 1 , wherein determining that the identity of the user using the receiving device is verified by the verification service is based on the verification service client application on the receiving device verifying the identity. |
| Claim: | 13. The method as in claim 12 , wherein the verification service client application has verified the identity of the user using the receiving device prior to the initiating device initiating the communication, and wherein the verification service conveys that the identity of the user using the receiving device is verified to the initiating device over the verification channel in order for the initiating device to determine that the identity of the user using the receiving device is verified by the verification service. |
| Claim: | 14. The method as in claim 12 , wherein the communication is initiated prior to the verification service client application verifying the identity of the user using the receiving device, and wherein the verification service client application is caused to activate during the communication to perform verification of the identity of the user using the receiving device. |
| Claim: | 15. The method as in claim 1 , wherein determining that the identity of the user using the receiving device is unverified by the verification service is based on the verification service client application not being installed on the receiving device. |
| Claim: | 16. The method as in claim 1 , further comprising: managing the communication to the receiving device according to the identity being unverified based specifically on one of either the verification service client application on the receiving device being unable to verify the identity or in response to the verification service client application not being installed on the receiving device. |
| Claim: | 17. The method as in claim 1 , wherein determining whether the identity of the user using the receiving device is verified by the verification service comprises: requesting the user to comply with one or more multi-factor authentication (MFA) queries over the verification channel. |
| Claim: | 18. The method as in claim 1 , wherein managing the communication to the receiving device according to the identity being verified comprises one or more of: sharing secure information over the communication; allowing transaction requests received over the communication; modifying information associated with the verified identity; and continuing the communication. |
| Claim: | 19. The method as in claim 1 , wherein managing the communication to the receiving device according to the identity being verified comprises: receiving one or more identity attributes associated with the identity selected from a group consisting of: a name; an account number; an identification number, a verification level; a demographic; and a treatment level. |
| Claim: | 20. The method as in claim 1 , wherein managing the communication to the receiving device according to the identity being unverified comprises one or more of: preventing sharing secure information over the communication; preventing transaction requests received over the communication; preventing sharing of information associated with the unverified identity; preventing requests for modification of information associated with the unverified identity; instructing against sharing secure information over the communication; instructing against performing transaction requests received over the communication; instructing against sharing of information associated with the unverified identity; instructing against modification of information associated with the unverified identity; treating the communication with an unverified identity; and discontinuing the communication. |
| Claim: | 21. The method as in claim 1 , wherein the communication is selected from a group consisting of: a user-to-user communication; a user-to-enterprise communication; and an enterprise-to-user communication. |
| Claim: | 22. The method as in claim 1 , wherein the identity of the user using the receiving device is verified without the initiating device accessing personally identifying information (PII) associated with the identity. |
| Claim: | 23. The method as in claim 1 , wherein the communication is selected from a group consisting of: a voice communication; a video communication; a text communication; an email communication; and a data communication. |
| Claim: | 24. The method as in claim 1 , wherein the identity of the user using the receiving device is verified based on one or more authentication factors selected from a group consisting of: facial recognition; fingerprint recognition; iris recognition; device location information; social security number input; federal identification number input; password input; pin input; security question input; and credit card code input. |
| Claim: | 25. The method as in claim 1 , wherein the identity of the user using the receiving device is verified based on one or more authentication factors input at the receiving device, and wherein determining whether the identity of the user using the receiving device is verified by the verification service occurs without access to any authentication factors input at the receiving device. |
| Claim: | 26. The method as in claim 1 , further comprising: sending an identity verification request to the receiving device during the communication. |
| Claim: | 27. The method as in claim 26 , further comprising: receiving a verification of identity in response to the identity verification request without access to any verification response input at the receiving device. |
| Claim: | 28. The method as in claim 1 , further comprising, in response to the identity being verified: requesting an increased assurance of verification of the identity by the receiving device during the communication; and managing the communication to the receiving device according to whether an increased assurance is conveyed. |
| Claim: | 29. The method as in claim 28 , wherein requesting the increased assurance of verification of the identity occurs automatically in response to one or more triggers during the communication. |
| Claim: | 30. The method as in claim 1 , further comprising: receiving an identity verification request from the receiving device during the communication; and responding to the identity verification request to the receiving device. |
| Claim: | 31. The method as in claim 30 , wherein receiving the identity verification request and responding to the identity verification request occurs via the verification channel. |
| Claim: | 32. The method as in claim 1 , further comprising: displaying a verification level of the receiving device. |
| Claim: | 33. The method as in claim 1 , further comprising: determining that the identity of the user using the receiving device is verified based on receiving a verification token; and passing the verification token from the initiating device to a second device to cause the second device to determine that the identity of the user using the receiving device is verified based on receiving the verification token. |
| Claim: | 34. The method as in claim 1 , further comprising: determining that the identity of the user using the receiving device is verified based on receiving an unexchangeable verification token. |
| Claim: | 35. The method of claim 1 , further comprising: determining, by the verification service, that the identity of the particular user is attested without disclosing confidential information of the particular user to the initiating device. |
| Claim: | 36. An apparatus, comprising: one or more network interfaces to communicate on a communication channel; one or more network interfaces to communicate on a verification channel; a processor adapted to execute one or more processes; and a memory configured to store a process executable by the processor, the process when executed operable to perform a method comprising: initiating a communication to a receiving device on the communication channel; determining, over the verification channel with a verification service associated with the apparatus, whether an identity of a particular user is verified by the verification service based on whether or not the particular user has logged into a verification service client application on the receiving device, wherein, prior to initiating the communication, the verification service establishes accounts for users of the verification service client application and determines that identities of the users are attested by an attestation service during account establishment; managing, in response to the identity of the particular user using the receiving device verified and thus already attested by the attestation service during the account establishment, the communication to the receiving device according to the identity being verified and thus already attested; and managing, in response to the identity of the particular user using the receiving device being unverified, the communication to the receiving device according to the identity being unverified. |
| Claim: | 37. A tangible, non-transitory, computer-readable medium storing program instructions that cause a computer to execute a process comprising: initiating a communication to a receiving device on a communication channel; determining, over a verification channel with a verification service associated with the computer, whether an identity of a particular user is verified by the verification service based on whether or not the particular user has logged into a verification service client application on the receiving device, wherein, prior to initiating the communication, the verification service establishes accounts for users of the verification service client application and determines that identities of the users are attested by an attestation service during account establishment; managing, in response to the identity of the particular user using the receiving device being verified and thus already attested by the attestation service during the account establishment, the communication to the receiving device according to the identity being verified and thus already attested; and managing, in response to the identity of the particular user using the receiving device being unverified, the communication to the receiving device according to the identity being unverified. |
| Patent References Cited: | 8819803 August 2014 Richards 10117098 October 2018 Naguthanawala 10325259 June 2019 Shahidzadeh 10389874 August 2019 Farnsworth 11089028 August 2021 Alpaugh 20010020228 September 2001 Cantu 20030163700 August 2003 Paatero 20050227680 October 2005 Snowden 20060005237 January 2006 Kobata 20120144198 June 2012 Har 20130111205 May 2013 Biswas 20130339726 December 2013 Yoshida et al. 20140223573 August 2014 Reedy et al. 20140230038 August 2014 Leong 20140310782 October 2014 Vanderveen 20140317413 October 2014 Deutsch 20160253481 September 2016 Tian 20170250816 August 2017 Popa et al. 20170318152 November 2017 Chen 20180013562 January 2018 Haider et al. 20180139206 May 2018 Ezell 20180176372 June 2018 Algard 20180278746 September 2018 Yacov 20180375860 December 2018 Gandhi 20190149539 May 2019 Scruby 20190325129 October 2019 Wang 20190349372 November 2019 Smith 20200042723 February 2020 Krishnamoorthy 20110071201 June 2011 101721582 March 2017 |
| Other References: | International Search Report dated Apr. 19, 2020 in connection with PCT Application No. PCT/US2019/64562. cited by applicant |
| Primary Examiner: | Abyaneh, Ali S |
| Attorney, Agent or Firm: | BEHMKE INNOVATION GROUP LLC Behmke, James M. Schofield, Andy L. |
| رقم الانضمام: | edspgr.12021866 |
| قاعدة البيانات: | USPTO Patent Grants |
| الوصف غير متاح. |