Method of using text and picture formatting options as part of credentials for user authentication, as a part of electronic signature and as a part of challenge for user verification

Abstract

We propose a method that uses formatting options of Font, Font Size, Font Color, Shading, Font Style, Font Effects, Font Underline, Character Effects, Picture coloring, as a part of user passwords, credentials, electronic signature, challenge for user authentication and captcha verification. User personalizes user name and or password or text by choosing combination of proposed factors for each character or word in password. Method includes optional time range where user would have different password and factor combinations for each time range. We also propose a method to use these factors for multi-factor authentication where user is required to format given text as per remotely sent instructions. We propose variation of proposed method that would send text and the instruction to format it using different factors through separate communication channels. For user verification, our method asks user to format the given text or given picture as instructed using different formatting options.

Claims

1. A computer-implemented process of authenticating a user requesting access to protected resource using credentials that are personalized using formatting options, the process comprising: using a computing device to perform the steps of: capturing credentials from the user which are formatted using formatting options, wherein the credentials comprise one or more of formatted user name, formatted password or formatted numerical PIN, and wherein the formatting options comprise Font, Font Size, Font Color, Shading, Font Style, Font Effects, Font Underline, and character effects; comparing the captured formatted credentials against formatted credentials stored on a server that are designated by the user as valid credentials prior to requesting access; flagging the captured credentials as valid and allowing the user to have access when the comparison indicates that a match occurs; flagging the captured credentials as invalid and rejecting the request for access when the comparison indicates that a match does not occur; alerting the user via alert communication methods chosen by the user including email, text message, voice message, voice call, SMS, audible alarm, or visual clues; and logging the user request and the steps performed by the computing device.

2. The process of claim 1, wherein the protected resource is a software application, software service, website, web service, data, hardware device, mobile app, smartphone app, physical area, physical item, bank account, trading account, credit limit, monetary balance, reward points, computer device, or communication device.

3. The process of claim 1, where in wherein the valid credentials are set for each time range and time range is of duration of minutes, a day, days, week, weeks, month, years, day of week or time period of the day.

4. A computer-implemented process of authenticating a user requesting access to protected resource using credentials that are personalized using formatting options, the process comprising: using a computing device to perform the steps of: capturing credentials from the user which are formatted using formatting options, wherein the credentials comprise a formatted picture selected out of many and formatted by the user, and wherein the formatting options comprise applying picture effects, tinting, filtering, folding, cropping, coloring, cutting, zooming, styling, picture bordering, and framing; comparing the captured formatted credentials against formatted credentials stored on a server that are designated by the user as valid credentials prior to requesting access; flagging the captured credentials as valid and allowing the user to have access when the comparison indicates that a match occurs; flagging the captured credentials as invalid and rejecting the request for access when the comparison indicates that a match does not occur; alerting the user via alert communication methods chosen by the user including email, text message, voice message, voice call, SMS, audible alarm, or visual clues; and logging the user request and the steps performed by the computing device.

5. The process of claim 1, wherein the protected resource is a software application, software service, website, web service, data, hardware device, mobile app, smartphone app, physical area, physical item, bank account, trading account, credit limit, monetary balance, reward points, computer device, or communication device.

6. The process of claim 1, where in wherein the valid credentials are set for each time range and time range is of duration of minutes, a day, days, week, weeks, month, years, day of week or time period of the day.

7. A computer-implemented user authentication process that is independently invokable for authenticating a user request to access a protected resource or to supplement authenticating a user requesting access to the protected resource, the process comprising: using a computing device to perform the steps of: delivering formatting instructions, which instruct the user how to format a given text using formatting options comprising of Font, Font Size, Font Color, Shading, Font Style, Font Effects, Font Underline, and character effects, to the user over an alternate channel including Email, SMS, voice message, picture message, video message, or hardware device given to user to receive instructions remotely; providing the text to the user to format; capturing the text on which the user has applied formatting using the formatting instructions; comparing the captured formatted text against a stored text on a server that is formatted using same instructions sent to the user using the alternate channel; flagging the captured text as correctly formatted and alternate authentication process as success when the comparison indicates that a match occurs; flagging the captured text as incorrectly formatted and alternate authentication process as failure when the comparison indicates that a match does not occur; alerting user via alert communication methods of user including email, text message, voice message, voice call, SMS, audible alarm, or visual clues; and logging the steps performed by the computing device.

8. The process of claim 1, wherein the protected resource is a software application, software service, website, web service, data, hardware device, mobile app, smartphone app, physical area, physical item, bank account, trading account, credit limit, monetary balance, reward points, computer device, or communication device.

9. The process of claim 7, wherein the text provided to user to format is delivered using the alternate channel including Email, SMS, text message, voice message, picture message, or video message.

10. The process of claim 7, wherein formatting instructions delivered are encoded and decodable by the user having a decode key.

11. The process of claim 7, wherein formatting instructions delivered are in the form of format instruction hints that the user has setup while configuring a set of formatting instructions for the process to choose randomly when the user makes access request.

12. A computer-implemented user authentication process that is independently invokable for authenticating a user request to access a protected resource or to supplement authenticating a user requesting access to the protected resource, the process comprising: using a computing device to perform the steps of: delivering formatting instructions, which instruct the user how to format a given picture using formatting options comprising of applying picture effects, tinting, filtering, folding, cropping, coloring, cutting, zooming, styling, picture bordering, and framing, to the user over an alternate channel including Email, SMS, voice message, picture message, video message, or hardware device given to user to receive instructions remotely; providing the picture to the user to format; capturing the picture on which the user has applied formatting using the formatting instructions; comparing the captured formatted text against a stored picture on a server that is formatted using same instructions sent to the user using the alternate channel; flagging the captured image as correctly formatted and alternate authentication process as success when the comparison indicates that a match occurs; flagging the captured image as incorrectly formatted and alternate authentication process as failure when the comparison indicates that a match does not occur; alerting user via alert communication methods of user including email, text message, voice message, voice call, SMS, audible alarm, or visual clues; and logging the steps performed by the computing device.

13. The process of claim 1, wherein the protected resource is a software application, software service, website, web service, data, hardware device, mobile app, smartphone app, physical area, physical item, bank account, trading account, credit limit, monetary balance, reward points, computer device, or communication device.

14. The process of claim 7, wherein the picture provided to user to format is delivered using a different alternate channel including Email, SMS, text message, voice message, picture message, or video message.

15. The process of claim 7, wherein formatting instructions delivered are encoded and decodable by the user having a decode key.

16. The process of claim 7, wherein formatting instructions delivered are in the form of format instruction hints that the user has setup while configuring a set of formatting instructions for the process to choose randomly when the user makes access request.

Description

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING

(1) Flowcharts

(2) FIG. 1. User authentication using Formatting options

(3) Formatted credentials for User authentication compared against pre-defined formatted user credentials.

(4) FIG. 2 Multifactor authentication using formatting options.

(5) Formatted credentials for User authentication, user sent instructions to format through alternate communication preference.

(6) FIG. 3 Multifactor authentication using formatting options (Advanced).

(7) Secret code and formatting instructions sent through separate alternate communication preference.

(8) FIG. 4 User verification: User asked to format text using formatting options.

(9) FIG. 5 User verification: User asked to format picture using formatting options.

(10) FIG. 6 Electronic Signature using formatting options

(11) User asked to format signature using formatting options.

(12) Examples of Process Implementation.

(13) FIG. 7 User authentication: Credentials formatted using different font color.

(14) FIG. 8 User authentication: Credentials formatted using different fill colors.

(15) FIG. 9 User authentication: Credentials formatted using different fonts.

(16) FIG. 10 User authentication: Credentials formatted using different font style.

(17) FIG. 11 User authentication: Credentials formatted using different font size.

(18) FIG. 12 User authentication: Credentials formatted using multiple formatting options

(19) FIG. 13 User authentication: Selecting and Coloring a picture as part of credentials.

(20) FIG. 14 User authentication: Selecting and Coloring a picture as part of credentials, in addition to user id and password. User would have to select his picture and color it.

(21) FIG. 15 User authentication: Coloring a picture as per instructions sent.

(22) FIG. 16 User verification: Coloring a picture as prompted

DETAILED DESCRIPTION

(23) Given below are the examples of user choosing different factor values for different characters in his password text. a. Example of User choosing different colors for different characters: Here We- is colored in blue, are-2 colored in red, H colored in Green, app colored in pink and y! colored in black. b. Example of User choosing different fonts for different characters: Here We- is having Font Arial, are-2 is having Font Lucida Handwriting, H is having Font Arial Black, app is having Font Tempus Sans ITC and y! is having Font Broadway. c. Example of User choosing different font sizes for different characters: Here We- is having Font size 11, are-2 is having Font size 16, H is having Font size 8, app is having Font size 14 and y! is having Font size 9. d. Example of User choosing different font styles for different characters: Here We- is not having Font style Regular, are-2 is having Font style Bold, H is having Font style Italic, appy! is having Font style Bold Italic. e. Example of User choosing different font effects for different characters: Here We- is having Font effect Superscript, are- is having Font effect small caps, not is having Font effect Strikethrough, very- is having Font effect Double Strikethrough, is having Font effect ALL CAPS. f. Example of User choosing different font underline style for different characters: Here We-are is having no Font underline style, 2Happy is having Font Underline style. g. Example of User choosing different shading for different characters: Here We-2-are is having shading of dark black, very- is having shading of light blue, and Happy! is having shading of dark grey.

(24) Given below is the example of user using combination of factors of font, font style, font size and font color. User can configure one or more set of factors for password characters.

(25) E.g. MySecretcode1 on Monday, Wednesday, Friday and MySecretCode2 on rest of the days of the week.

(26) Our Method includes an optional factor of Time range to be used with other factors proposed.

(27) User can choose to have same set of factors all the time or he can choose to have set of factors vary by time. User can choose different factors at different times like day of the week, season, by time of day, week, month or by particular time ranges like 8 to 12 PM Font 1 and Size 10, Color sequence 1, 12 to 3 PM Font 2 and Size 12, Color sequence 2. User may also choose to vary password by time.

(28) During authentication, user has to submit correct password and format it using set of factors of font, font size, font color, font style, font effects, font underline that would be valid at the time of entry. In example above user has chosen two sets of formatting for his password. One for Monday, Wednesday and Friday and other for Tuesday, Thursday, Saturday and Sunday.

(29) We also propose a method to use these format factors for multi-factor authentication where user is required to format password or given text as per remotely sent instructions. User will be asked in Real Time to enter password or given text in given format by sending randomly generated instructions via different communication means like email, text message, chat message, voice message, video message or through dedicated instruction receiving device receiving instructions remotely.

(30) E.g. User attempting to login to his account is sent an instruction via registered device to enter password in Arial Font size 14, color blue for first two characters, color dark green for last two characters, last 4 characters in italic. If user enters correct password and formats it according to factor combination instruction sent to him, he is considered to have pass the validation and allowed access.

(31) We propose variation of proposed method that would send text and the instruction to format it using different factors through separate communication channels.

(32) We propose another variation for multi-factor authentication where instead of actual instruction, user is sent factor combination code or message that pairs with configured factor combination. Only user would know which code pairs with which configuration. User will have to format the password or given text using his the instruction that would match with the code or message that he received.

(33) E.g. when user is sent code BigOrange and he would infer that it is paired with factors of Font size 16 and Font color Orange based on his personal knowledge just as he knows his password. User will apply font size of 16 and font color of orange to pass the validation. Code can be generated by user himself or it can be some system generated value like FC1001. User would be pre-configuring pairs of Format factor combinations. If user has configured 3 pairs of format code and format factor combination, system will randomly choose one code and send it to the user.

(34) During user verification, user has to format the characters of word(s) in exactly in same way as it is instructed by using same Font, Font Size, Font Color, Font Style, Font Effects and Font Underline given in instructions. If match occurs, entity attempting to fulfill a challenge is considered to be real human user.

(35) We also propose technique that can be used as an alternative to passwords and user captcha verification text.

(36) Images are always easy for users to remember and work with.

(37) The new technique is to have user perform actions such as picture tweaking, applying picture effects, tinting, filtering, folding, coloring, cutting, zooming, picture bordering and framing to match stored picture credential in case user authentication or to match displayed picture during user captcha verification. User can store different picture credential for different time slots and locations.

(38) If picture that gets generated as a result of user actions matches stored credential picture valid at that moment, user is said to be authenticated. Similarly, during captcha verification if user actions result in a match with displayed picture, entity attempting at captcha is considered to be real human user and not a robot program.

(39) Proposed techniques are aimed at making it very hard to making it impossible for hackers to steal or use stolen credentials and at the same time it's easy for users to use it.