Integrated Second Factor Authentication
Abstract
Techniques and apparatuses are described that enable integrated second factor authentication. These techniques and apparatuses enable the improved security of something you have without the accompanying inconvenience or chance of loss. To do so, a secure physical entity is integrated within a computing device. While this provides the something you have without a need to carry a separate object with you, the something you have also must not be able to be accessed remotely. To prevent remote access physical wires are connected from the secure physical entity to physical structures on the computing device. In this way, a hacker or cyber thief cannot convince an authentication system that the cyber attacker does indeed have the something you have because to do so the attacker must be in physical possession of the computing device.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A computing device comprising:
a secure physical entity integrated with the computing device; physical structures communicatively connected to the secure physical entity through wires; one or more processors; and one or more computer-readable storage media having instructions thereon that, responsive to execution by the one or more processors, perform operations comprising:
receiving, through the wires, a combination of physical selections made through the physical structures;
determining, based on the combination of physical selections, that a person is in possession of the secure physical entity; and
indicating that the person is in possession of the secure physical entity.
2 . The computing device of claim 1 , wherein indicating that the person is in possession of the secure physical entity is sufficient to enable access to a resource of the computing device.
3 . The computing device of claim 1 , wherein the operations further comprise:
receiving a credential; and responsive to authentication of the credential and to the indication that the person is in possession of the secure physical entity, enabling access to a resource of the computing device.
4 . The computing device of claim 1 , wherein at least one of the one or more processors and at least one of the one or more computer-readable storage media are integrated with the secure physical entity.
5 . The computing device of claim 4 , wherein the at least one of the one or more computer-readable storage media that is integrated with the secure physical entity is firmware, and wherein the firmware performs the operations.
6 . The computing device of claim 1 , wherein the secure physical entity includes wired input ports for each of the wires, the wired input ports not capable of being communicated with other than through the wires.
7 . The computing device of claim 1 , wherein the secure physical entity includes multiple unique combinations of physical selections associated each with one of multiple different persons.
8 . The computing device of claim 1 , wherein:
the secure physical entity is a silicon chip integral with an integrated circuit, motherboard, or other hardware of the computing device; the silicon chip is wired to the physical structures; and the receiving receives the combination of physical selections at the silicon chip and through the wires.
9 . The computing device of claim 1 , wherein the secure physical entity includes a previously set unique combination of physical selections associated with the person.
10 . The computing device of claim 1 , wherein indicating that the person is in possession of the secure physical entity presents a user interface through which credentials can be received.
11 . The computing device of claim 1 , wherein the operations further comprise receiving another physical selection made through an another physical structure, the other physical structure integral with a peripheral associated with, but remote from, the computing device, the receiving through a near field communication (NFC), and further comprising determining that the person is in possession of the secure physical entity based on the combination of physical selections and the other physical selection.
12 . The computing device of claim 1 , wherein the physical structures include a mechanical structure requiring movement to indicate a selection and a non-mechanical structure requiring proximity of a part of the person to indicate a selection.
13 . A method comprising:
receiving, through a wired or near-field communication (NFC) wireless transmission, a combination of physical selections, the combination of physical selections made through two or more physical structures, the two or more physical structures integrated with a computing device or a peripheral of the computing device; determining, based on the combination of physical selections, that a person is in possession of a secure physical entity, the secure physical entity integral with the computing device; and responsive to determining possession of the secure physical entity, enabling use of a resource of the computing device.
14 . The method of claim 13 , further comprising:
receiving a credential, and wherein enabling the use of the resource is further responsive to authentication of the credential.
15 . The method of claim 13 , further comprising, prior to receiving the combination of physical selections, initializing the secure physical entity to the person effective to store in the secure physical entity a selected combination of physical selections and associate the selected combination to the person or to the resource of the computing device.
16 . The method of claim 13 , wherein determining that the person is in possession of the secure physical entity comprises comparing the combination of physical selections with a unique combination associated with, and previously initialized to, the person.
17 . The method of claim 13 , wherein the secure physical entity is a silicon chip integral with an integrated circuit, motherboard, or other hardware of the computing device.
18 . The method of claim 13 , further comprising:
receiving a different combination of physical selections made through two or more different physical structures, the two or more different physical structures integrated with the computing device or the peripheral of the computing device; determining that the different combination of physical selections do or do not match one of multiple unique combinations stored in the secure physical entity; and
responsive to the different combination of physical selections not matching one of the multiple unique combinations, denying access to the resource of the computing device; or
responsive to the different combination of physical selections matching one of the multiple unique combinations, enabling use of the resource of the computing device.
19 . The method of claim 13 , wherein the physical structures include a key or button of a keyboard, the keyboard associated with but not integral with the computing device, the keyboard including a wireless NFC transmitter through which the NFC wireless transmission is transmitted.
20 . A method comprising:
receiving through wires a combination of physical selections, the combination of physical selections made through three or more physical structures, the three or more physical structures integrated with a computing device; determining, based on the combination of physical selections, that a person is in possession of a secure physical entity, the secure physical entity integral with the computing device; authenticating the person based on the combination of physical selections; and responsive to determining possession of the secure physical entity and authenticating the person, enabling use of a resource of the computing device.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.