US2021110061A1PendingUtilityA1

Secure access to physical and digital assets using authentication key

59
Assignee: ZORTAG INCPriority: Jan 24, 2018Filed: Nov 30, 2020Published: Apr 15, 2021
Est. expiryJan 24, 2038(~11.5 yrs left)· nominal 20-yr term from priority
G06F 21/36G06Q 20/401H04W 12/63H04W 12/084G06Q 20/3223G06Q 20/4014G06K 19/06037G06Q 20/4016G06K 19/0723G06Q 20/409G06F 21/35G06Q 20/3276G06Q 10/00H04L 63/0853H04L 63/083G06K 7/1417G06F 2221/2111G06K 19/14G06F 21/31G06K 7/1413G06K 7/10366G07F 7/08G06F 21/6245H04W 12/77H04W 4/80G06Q 20/382H04W 12/06G06F 2221/2137
59
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Authorized access to a digital asset is obtained by associating an authentication tag with a physical object accessible to a user, by configuring the tag with a first dataset comprised of a random distribution of three-dimensional elements and with a second dataset comprised of machine-readable data elements, and by authorizing a mobile device to scan the elements. The first and second datasets together comprise an authentication key that uniquely identifies the object and, in turn, the user. The authentication key is scanned by a device in response to a prompt from the digital asset to obtain scanned key data. Predetermined key data and a device identifier indicative of the authorized device are stored in a database. Access to the digital asset is allowed when the scanned key data matches the stored predetermined key data, and when the device scanning the data is authorized.

Claims

exact text as granted — not AI-modified
1 - 12 . (canceled) 
     
     
         13 . A method for authorizing access by a user to a digital asset of a first entity, comprising:
 storing a unique device identifier indicative of a mobile device of the user in a database of a second entity that is independent from the first entity;   storing key data from an authentication key of an authentication tag in the database of the second entity, the authentication key including a first dataset comprised of a random distribution of three-dimensional elements and a second dataset comprised of machine-readable data elements, the authentication key uniquely identifying the user;   providing the user with a physical object having the authentication tag and authorizing only the mobile device having the unique device identifier to read the authentication key of the authentication tag;   reading a session identification code provided by the first entity using the mobile device in response to the user requesting access to the digital asset, the first entity thereafter prompting the user to read the authentication key with the mobile device to generate scanned key data; and   determining if the scanned key data read by the mobile device matches the key data stored in the database of the second entity, and allowing access by the user to the digital asset only if the scanned key data read by the mobile device matches the key data stored in the database of the second entity.   
     
     
         14 . The method of  claim 13 , further comprising:
 receiving, from the user, a user name and password to the first entity prior to the first entity providing the session identification code to the user.   
     
     
         15 . The method of  claim 13 , wherein the reading the authentication key of the authentication tag is performed by configuring the mobile device as a portable, handheld, image capture device, and by aiming the image capture device at the authentication tag to capture return light from the three-dimensional elements. 
     
     
         16 . The method of  claim 13 , further comprising:
 registering a name of the user with the first entity when the scanned key data matches the key data stored in the database.   
     
     
         17 . The method of  claim 13 , wherein the mobile device is authorized to read the authentication key of the authentication tag by comparing a device identifier of the mobile device with the unique device identifier stored in the second database upon the mobile device reading the session identification code. 
     
     
         18 . The method of  claim 13 , wherein the machine-readable data elements of the second dataset are encoded in at least one Radio Frequency Identification (RFID) chip. 
     
     
         19 . The method of  claim 13 , further comprising:
 displaying a plurality of icons indicative of at least one of a card, a service, an asset on the mobile device, and activating a selected icon when the scanned key data matches the key data stored in the database of the second entity.   
     
     
         20 . The method of  claim 13 , further comprising:
 storing a second unique device identifier indicative of a second mobile device of a second user in the database and determining if the scanned key data read by both the mobile device and the second mobile device matches the key data stored in the database of the second entity; and   allowing the user to access the digital asset only if the scanned key data read by both the mobile device and the second mobile device matches the key data stored in the database of the second entity.   
     
     
         21 . The method of  claim 13 , wherein the session identification code includes a plurality of session parameters that are captured by the mobile device in response to an access request. 
     
     
         22 . The method of  claim 21 , wherein at least one of the plurality of session parameters comprises geolocation coordinates of the mobile device. 
     
     
         23 . A system for authorizing access by a user to a digital asset, the user utilizing a mobile device with a unique device identifier, comprising:
 a first entity possessing the digital asset;   a second entity independent from the first entity that stores the unique device identifier of the mobile device and stores key data from an authentication key of an authentication tag in a database, the authentication key including a first dataset comprised of a random distribution of three-dimensional elements and a second dataset comprised of machine-readable data elements, the authentication key uniquely identifying the user;   a physical object having the authentication tag with the authentication key, the authentication key capable of only being read by the mobile device having the unique device identifier; and   a computing device independent from the mobile device, the computing device displaying a session identification code provided by the first entity in response to the user requesting access to the digital asset through the computing device, the first entity prompting the user to read the authentication key to generate scanned key data upon the mobile device reading the session identification code, the first entity allowing access by the user to the digital asset only if the scanned key data read by the mobile device matches the key data stored in the database of the second entity.   
     
     
         24 . The system of  claim 23 , wherein the user provides a user name and password to the first entity using the computing device prior to the first entity providing the session identification code to the user. 
     
     
         25 . The system of  claim 23 , wherein the mobile device reads the authentication key of the authentication tag by configuring the mobile device as a portable, handheld, image capture device, and by aiming the image capture device at the authentication tag to capture return light from the three-dimensional elements. 
     
     
         26 . The system of  claim 23 , wherein the physical object comprises a storage medium that stores the authentication key that can only being accessed by the mobile device having the unique device identifier. 
     
     
         27 . The system of  claim 23 , wherein the session identification code includes a plurality of session parameters that are captured by the mobile device in response to an access request. 
     
     
         28 . The system of  claim 27 , wherein at least one of the plurality of session parameters comprises geolocation coordinates of the mobile device. 
     
     
         29 . The system of  claim 23 , wherein the mobile device is authorized to read the authentication key of the authentication tag by comparing a device identifier of the mobile device with the unique device identifier stored in the second database upon the mobile device reading the session identification code. 
     
     
         30 . The system of  claim 23 , wherein the machine-readable data elements of the second dataset are encoded in at least one Radio Frequency Identification (RFID) chip. 
     
     
         31 . The system of  claim 23 , wherein a second user utilizes a second mobile device having a second unique device identifier, the second unique device identifier being stored in the database, the first entity prompting both the user and the second user to read the authentication key to generate scanned key data upon both the mobile device and the second mobile device reading the session identification code, the first entity allowing access by the user to the digital asset only if the scanned key data read by both the mobile device and the second mobile device matches the key data stored in the database of the second entity. 
     
     
         32 . The system of  claim 23 , wherein additional key data from an additional authentication key of the authentication tag that uniquely identifies the physical object is stored in the database, the first entity allowing access by the user to the digital asset only if scanned additional key data read by the mobile device matches the additional key data stored in the database.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.