Secure access to physical and digital assets using authentication key
Abstract
Authorized access to a digital asset is obtained by associating an authentication tag with a physical object accessible to a user, by configuring the tag with a first dataset comprised of a random distribution of three-dimensional elements and with a second dataset comprised of machine-readable data elements, and by authorizing a mobile device to scan the elements. The first and second datasets together comprise an authentication key that uniquely identifies the object and, in turn, the user. The authentication key is scanned by a device in response to a prompt from the digital asset to obtain scanned key data. Predetermined key data and a device identifier indicative of the authorized device are stored in a database. Access to the digital asset is allowed when the scanned key data matches the stored predetermined key data, and when the device scanning the data is authorized.
Claims
exact text as granted — not AI-modified1 - 12 . (canceled)
13 . A method for authorizing access by a user to a digital asset of a first entity, comprising:
storing a unique device identifier indicative of a mobile device of the user in a database of a second entity that is independent from the first entity; storing key data from an authentication key of an authentication tag in the database of the second entity, the authentication key including a first dataset comprised of a random distribution of three-dimensional elements and a second dataset comprised of machine-readable data elements, the authentication key uniquely identifying the user; providing the user with a physical object having the authentication tag and authorizing only the mobile device having the unique device identifier to read the authentication key of the authentication tag; reading a session identification code provided by the first entity using the mobile device in response to the user requesting access to the digital asset, the first entity thereafter prompting the user to read the authentication key with the mobile device to generate scanned key data; and determining if the scanned key data read by the mobile device matches the key data stored in the database of the second entity, and allowing access by the user to the digital asset only if the scanned key data read by the mobile device matches the key data stored in the database of the second entity.
14 . The method of claim 13 , further comprising:
receiving, from the user, a user name and password to the first entity prior to the first entity providing the session identification code to the user.
15 . The method of claim 13 , wherein the reading the authentication key of the authentication tag is performed by configuring the mobile device as a portable, handheld, image capture device, and by aiming the image capture device at the authentication tag to capture return light from the three-dimensional elements.
16 . The method of claim 13 , further comprising:
registering a name of the user with the first entity when the scanned key data matches the key data stored in the database.
17 . The method of claim 13 , wherein the mobile device is authorized to read the authentication key of the authentication tag by comparing a device identifier of the mobile device with the unique device identifier stored in the second database upon the mobile device reading the session identification code.
18 . The method of claim 13 , wherein the machine-readable data elements of the second dataset are encoded in at least one Radio Frequency Identification (RFID) chip.
19 . The method of claim 13 , further comprising:
displaying a plurality of icons indicative of at least one of a card, a service, an asset on the mobile device, and activating a selected icon when the scanned key data matches the key data stored in the database of the second entity.
20 . The method of claim 13 , further comprising:
storing a second unique device identifier indicative of a second mobile device of a second user in the database and determining if the scanned key data read by both the mobile device and the second mobile device matches the key data stored in the database of the second entity; and allowing the user to access the digital asset only if the scanned key data read by both the mobile device and the second mobile device matches the key data stored in the database of the second entity.
21 . The method of claim 13 , wherein the session identification code includes a plurality of session parameters that are captured by the mobile device in response to an access request.
22 . The method of claim 21 , wherein at least one of the plurality of session parameters comprises geolocation coordinates of the mobile device.
23 . A system for authorizing access by a user to a digital asset, the user utilizing a mobile device with a unique device identifier, comprising:
a first entity possessing the digital asset; a second entity independent from the first entity that stores the unique device identifier of the mobile device and stores key data from an authentication key of an authentication tag in a database, the authentication key including a first dataset comprised of a random distribution of three-dimensional elements and a second dataset comprised of machine-readable data elements, the authentication key uniquely identifying the user; a physical object having the authentication tag with the authentication key, the authentication key capable of only being read by the mobile device having the unique device identifier; and a computing device independent from the mobile device, the computing device displaying a session identification code provided by the first entity in response to the user requesting access to the digital asset through the computing device, the first entity prompting the user to read the authentication key to generate scanned key data upon the mobile device reading the session identification code, the first entity allowing access by the user to the digital asset only if the scanned key data read by the mobile device matches the key data stored in the database of the second entity.
24 . The system of claim 23 , wherein the user provides a user name and password to the first entity using the computing device prior to the first entity providing the session identification code to the user.
25 . The system of claim 23 , wherein the mobile device reads the authentication key of the authentication tag by configuring the mobile device as a portable, handheld, image capture device, and by aiming the image capture device at the authentication tag to capture return light from the three-dimensional elements.
26 . The system of claim 23 , wherein the physical object comprises a storage medium that stores the authentication key that can only being accessed by the mobile device having the unique device identifier.
27 . The system of claim 23 , wherein the session identification code includes a plurality of session parameters that are captured by the mobile device in response to an access request.
28 . The system of claim 27 , wherein at least one of the plurality of session parameters comprises geolocation coordinates of the mobile device.
29 . The system of claim 23 , wherein the mobile device is authorized to read the authentication key of the authentication tag by comparing a device identifier of the mobile device with the unique device identifier stored in the second database upon the mobile device reading the session identification code.
30 . The system of claim 23 , wherein the machine-readable data elements of the second dataset are encoded in at least one Radio Frequency Identification (RFID) chip.
31 . The system of claim 23 , wherein a second user utilizes a second mobile device having a second unique device identifier, the second unique device identifier being stored in the database, the first entity prompting both the user and the second user to read the authentication key to generate scanned key data upon both the mobile device and the second mobile device reading the session identification code, the first entity allowing access by the user to the digital asset only if the scanned key data read by both the mobile device and the second mobile device matches the key data stored in the database of the second entity.
32 . The system of claim 23 , wherein additional key data from an additional authentication key of the authentication tag that uniquely identifies the physical object is stored in the database, the first entity allowing access by the user to the digital asset only if scanned additional key data read by the mobile device matches the additional key data stored in the database.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.