[go: up one dir, main page]

GB2515449A - Method and system for User Acceptability - Google Patents

Method and system for User Acceptability Download PDF

Info

Publication number
GB2515449A
GB2515449A GB1304748.5A GB201304748A GB2515449A GB 2515449 A GB2515449 A GB 2515449A GB 201304748 A GB201304748 A GB 201304748A GB 2515449 A GB2515449 A GB 2515449A
Authority
GB
United Kingdom
Prior art keywords
user
confidence
measure
data
upper level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1304748.5A
Other versions
GB201304748D0 (en
Inventor
Errol Damelin
Daniel Hegarty
Jonty Hurwitz
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WONGA Tech Ltd
Original Assignee
WONGA Tech Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WONGA Tech Ltd filed Critical WONGA Tech Ltd
Priority to GB1304748.5A priority Critical patent/GB2515449A/en
Publication of GB201304748D0 publication Critical patent/GB201304748D0/en
Priority to PCT/EP2014/054593 priority patent/WO2014139956A1/en
Publication of GB2515449A publication Critical patent/GB2515449A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2133Verifying human interaction, e.g., Captcha

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Social Psychology (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

An input 2 is provided for receiving data identifying a user. A graphical control is presented to the user 8, the control providing a lower level, and upper level and a pointer movable between the lower and upper levels. The pointer is initially presented at a position between the lower and upper levels according to a trust rating 6. Selections 12 are made by the user on the graphical control indicating a final position of the control and any interim positions. An output dependent on the selections made by the user is sent to a confidence calculation unit to determine a measure of confidence of the acceptability of the user.

Description

METHOD AND SYSTEM FOR USER ACCEPTABILITY
BACKGROUND OF THE INVENTION
This invention relates to methods and systems for determining acceptability of users of online systems.
There are many known systems and methods for verifying or authenticating that a user of a device or online terminal is who they say they are and that they have authority to access the data or service they are requesting. An example of such a system includes the standard arrangement for providing a username and password, this information having been provided separately to the user. By providing this knowledge, the user indicates to the access system that they have appropriate authorisation. More sophisticated schemes include smartcard systems as used in online banking systems or conditional access television systems in which a smartcard stores encryption algorithms which may be used in conjunction with a personal identification number (P1N) so as to indicate to an onhne system that the user has possession of the independently provided smartcard and PIN which have been delivered separately to the user.
Systems such as those described above can be very secure, particularly the chip and PIN style of system. Accordingly, these are typically deployed in systems, which simply allow or deny access to data or services as a result of a log-in procedure involving the acceptability step.
SUMMARY OF THE INVENTION
We have appreciated that some types of system, particularly online systems, do not need security at such a high level as the chip and PIN approach. Some systems may simply need a determination of whether a user is acceptable. For example, some online systems need the ability to determine that a user is acceptable to use the system without any independent channel of communication between the user and the online service other than by the online service itself. In addition, we have appreciated the need for speed of determining acceptability for online systems.
The invention is defined in the claims to which reference is now directed.
An embodiment of the invention provides a system having a graphical control presentation unit arranged to present to the user a geographical control, the S control comprising a lower level, upper level and a pointer moveable between the lower and upper level. The graphical control presentation unit is arranged to initially present the pointer at a position between the lower level and upper level and to present the upper level determined according to a trust rating calculated for the user The advantage of this approach is that the initial upper level position may be based on prior stored data related to the user, or indeed based on the fact that the system has little or no such stored data. In either case, the initial position is appropriately determined.
An input is arranged to receive data specifying a selection made by the user on the graphical control indicafing a final position of the control and any interim selections, and an output arranged to assert the data specifying initial position and the selections made by the user, to a confidence calculation unit, to use this data to determine a measure of confidence of the acceptability of the user. Using this approach, the confidence calculation unit is able to determine a confidence measure based not only on data such as indicating the choice and manner in which a user makes a selection, but also data indicating whether the initial position was similar to the final position selected as well as the final position itself.
The system may be arranged such that the initial position of the upper level or the the pointer is appropriate for the user, in which case the confidence calculation would give a lower confidence if the user made a different selection. Similarly, the system may be arranged such that the initial positions are inappropriate, in which case a lower confidence value would be calculated is the user does not change the position. In this way, the output of the system may be more than a simple access/deny message, but rather is a measure of confidence that may be expressed as a scalar value such as a percentage or a vector value such as scores for each of a number of metrics. Such a confidence measure may be used in subsequent processing in the onfine system to determine the extent to which access is given to data, services or other aspects of onne systems. An elegant system for providing appropriate user access may thereby be provided.
The graphical presentation unit may present multiple such controls and data from multiple such controls may be used as part of the acceptability calculation.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention will now be described in more detail by way of example with reference to the drawings, in which: Figure 1: is a schematic diagram of a system embodying the invention; Figure 2: shows example graphical controls; and Figure 3: is a flow diagram showing a method embodying the invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The invention may be embodied in an online access system that seeks responses from a user prior to allowing access to data or services, whether then provided online or via some other route. The invention is particularly applicable to systems requiring a rapid measure of acceptability of a user is needed, but without requiring any additional data exchange outside of the online system. An online system may be any system with which a user remotely seeks to communicate by wired, wireless or other connection for the purpose of obtaining access to a service.
The request for user acceptability may be made as part of the user's online usage, and must not delay this process unduly. Since a certain amount of time will be required for retrieval and the analysis, the call to this function should be made as early as possible so it can run in the background, and be ready once the user reaches the relevant section of their online use. The calculation of acceptability may also call third party data.
The measure of acceptability of a user, in embodiments of the invention, may be a scalar value such as a simple value on a scale from 1 to 10, or a more complex vector. The measure of acceptability may therefore be used in a variety of ways arid for a variety of purposes. One example is for system access. In this example, the measure of acceptability may be used to aliow access to a certain level of secure online material. Another example is for physical access as a secure entry system. In this example, rather than requiring an exact value to be entered, the graphical control allows for an inexacL value to be entered, but the manner in which the value is entered forms a part of the determination as to whether entry should be permitted. A new approach to security is thereby provided.
An embodiment of the invention provides a system such that a user is presented with a graphical display such as a slider having a lower level, upper level and a pointer at a position between. The pointer is set to an initial value and with an upper limit determined by the system and, based on this initial position, upper limit and subsequent movement of the pointer by the user, a measure of confidence for the user may be determined. The slider may indicate a parameter for a variety of choices, such as an input of a user related valuer a time period, a date or other value that the user may select.
System Overview Figure 1 is a diagram of the main functional components of a system I embodying the invention. It is to be understood that each of these components may comprise separate hardware or software modules, some of which may be combined. The modules are described separately for ease of understanding.
A user data input module 2 may be at a client device such as a PC, mobile telephoner tablet or any suitable device connected to the system 1 via wired or wireless connection such as the Internet. The user data input module may comprises one or more of a touch screen, mouse, keyboard, voice recognition or other control.
An input 4 receives the user data such as a username, userid (if the user is a prior user of the system) and any other suitable user related data from the client device. This is provided to a trust rating determination module 6. The trust module 6 calculates an initial value indicating the level to which the user is trusted. For example, a new user is given a low trust value. A user that frequently uses the system and has already proven to be a reliable user wiU be given a higher trust rating. Further details of determining initial trust ratings are given later.
Once determined, the trust rating is provided to a graphical control presentation module for determining an appropriate graphical display to present to the user based on the initial trust rating. The graphical display will have a lower level, upper level and possible posUions between for a moveable indicator, here referred to as a pointer. The graphical control presentation module 8 determines an appropriate upper limit and optionally the initial position for the pointer based on the trust rating for user. One approach to this is that the pointer could be higher along the scale ci the display, the higher the trust rating. Another approach is to vary the upper limit, but to fix the initial position at a position for ali users, such as at a delta offset from the mid position. The deita may be a fixed parameter of the system of variable.
The graphical control presentation module 8 provides an output to a display 11 on which the graphical control is presented to a user. A user input 12 is provided by which a user may manipulate the graphical control to select a value or values.
The user input 12 may be one or more of a touch screen, mouse, keyboard, voice recognition or other control. The user data input 2, the display 11 and the user input 12 may be combined as a single touchscreen device such as a smart phone or tablet computer, or may be separate such as a separate display, mouse and keyboard of a personal computer.
The user may select a value on the display using the pointer via a user input 12 which provides this value to the confidence calculation module 10 which calculates a confidence value from the intial position and the user selection. The confidence value may be asserted as an output signal on an output line 13 to control functionality of the systems I or provided to a separate system.
Figure 2 shows example graphical displays to present to a user by which selections may be made of input values for the system. Figure 2a shows a single slider 20 arrangement allowing a user to select a single value between a minimum value 21 and maximum value 22 usIng a poInter 24. The maximum value is determined according to a trust rating as previously described. In one example, a user that has previously used the system is provided with a high trust value and so the upper maximum value 22 may be high. However, if the user immediately selects the maximum value of access required each time they log Into the system, this behaviour could actually reduce the amount of access they are given. As another example, if the user selects a lower value of access required, then this may demonstrate a more considered approach by the user and allow a higher level of confidence to be calculated and greater access given.
As previously noted, the confidence value may be used to allow access to an amount of material or could be used for other purposes such as allowing an amount of bandwidth online or other such purposes.
Figure 2b is a similar arrangement to Figure 2a and shows multiple sliders with like components labelled as in Figure 2a. In this arrangement, each slider may represent different types of entry. For example, each slider may represent a period of time that a user may enter In response to a question. The confidence value may be based on the values provided.
Figure 2c is a rotary version of the sliders of Figure 2b and show a pointer 24 between minimum and maximum values as before.
In each of the embodiments shown in FIgure 2, a user has the ability to enter one or more values using an indicator along a scale to provide either an exact of an approximate value between the upper and lower levels.
Figure 3 shows a process embodying the invention that may be operabe at a cflent device or at a server. At receiving step 30, data is received identifying a user. At step 31, a determination is made as to whether the use is a new user. If so, a default trust rating is retrieved at step 36. If the user is not a new user, then their trust rating is retrieved at step 32. The retrieved trust rating is used as the basis for presenting sUders on screen at step 33. At step 34, the selections made by a user are received and at step 35 a confidence calculation made based on the selections made.

Claims (10)

  1. CLAIMS1. A system for providing a measure of confidence of acceptability of a user of an onhne system, comprising: an input for receiving data identifying the user; a graphical control presentation unit arranged to present to the user a graphical control, the control comprising a lower level, upper level and a pointer moveabie between the lower and upper level, wherein the graphical control presentation unit is arranged to initially present the pointer at a position between the lower level and upper level and to present the upper level determined according to a trust rating; an input arranged to receive data specifying selections made by the user on the graphical control indicating a final position o the control and any interim positions; and an output arranged to assert data providing the selections made by the user, to a confidence calculation unit, to use this data to determine a measure of confidence of the acceptability of the user.
  2. 2. A system according to claim 1. including the confidence calculation unit arranged to determine the measure of confidence that the user is the specified individuaL
  3. 3. A system according to claim 2, wherein the confidence calculation unit is arranged to determine the measure of confidence as a function of the data specifying the selections made by the user and one or more further factors.
  4. 4, A system according to any of claims 1, 2 or 3, wherein system is arranged to retrieve the trust rating based on the data identifying the user.
  5. 5. A system according to any of claims 1 2 or 3, wherein system is arranged to retrieve a default trust rating if the data identifying the user specificies that the user is a new user of the system.
  6. 6. A method for providing a measure of confidence of acceptability of a user of an online system, comprising: receiving data identifying the user; presenting to the user a geographical control, the control comprising a lower level, upper level and a pointer moveable between the lower and upper level, wherein pointer is initially presented at a position between the lower level and upper level and the upper level is determined according to a trust rating; receiving data specifying selections made by the user on the graphical control indicating a final position of the control and any interim positions; and asserting data providing the selections made by the user, to a confidence calculation unit, to use this data to determine a measure of confidence of the acceptability of the user.
  7. 7. A method according to claim 6, comprising determining the measure of confidence that the user is the specified individual.
  8. 8. A system according to claim 7. comprising determining the measure of confidence as a function of the data specifying the selections made by the user and one or more further factors.
  9. 9. A system according to any of claims 6, 7 or 8, comprising retrieving the trust rating based on the data identifying the user.
  10. 10. A system according to any of claims 6, 7 or 8, comprising retrieving a default trust rating if the data identifying the user specificies that the user is a new user of the system.
GB1304748.5A 2013-03-15 2013-03-15 Method and system for User Acceptability Withdrawn GB2515449A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB1304748.5A GB2515449A (en) 2013-03-15 2013-03-15 Method and system for User Acceptability
PCT/EP2014/054593 WO2014139956A1 (en) 2013-03-15 2014-03-10 Method and system for user acceptability

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1304748.5A GB2515449A (en) 2013-03-15 2013-03-15 Method and system for User Acceptability

Publications (2)

Publication Number Publication Date
GB201304748D0 GB201304748D0 (en) 2013-05-01
GB2515449A true GB2515449A (en) 2014-12-31

Family

ID=48226450

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1304748.5A Withdrawn GB2515449A (en) 2013-03-15 2013-03-15 Method and system for User Acceptability

Country Status (2)

Country Link
GB (1) GB2515449A (en)
WO (1) WO2014139956A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112199658B (en) * 2020-10-16 2024-04-09 咪咕文化科技有限公司 Verification method and system of verification code, client device and server device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1056014A1 (en) * 1999-05-28 2000-11-29 Hewlett-Packard Company System for providing a trustworthy user interface
US20060042483A1 (en) * 2004-09-02 2006-03-02 Work James D Method and system for reputation evaluation of online users in a social networking scheme

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8136167B1 (en) * 2008-10-20 2012-03-13 Google Inc. Systems and methods for providing image feedback
US8474018B2 (en) * 2010-09-03 2013-06-25 Ebay Inc. Role-based attribute based access control (RABAC)
US20120323700A1 (en) * 2011-06-20 2012-12-20 Prays Nikolay Aleksandrovich Image-based captcha system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1056014A1 (en) * 1999-05-28 2000-11-29 Hewlett-Packard Company System for providing a trustworthy user interface
US20060042483A1 (en) * 2004-09-02 2006-03-02 Work James D Method and system for reputation evaluation of online users in a social networking scheme

Also Published As

Publication number Publication date
WO2014139956A1 (en) 2014-09-18
GB201304748D0 (en) 2013-05-01

Similar Documents

Publication Publication Date Title
CN110178179B (en) Voice signature for authenticating to electronic device users
KR102601279B1 (en) Remote usage of locally stored biometric authentication data
EP3198911B1 (en) Scalable authentication process selection based upon sensor inputs
US10282537B2 (en) Single prompt multiple-response user authentication method
US9866549B2 (en) Antialiasing for picture passwords and other touch displays
EP2892002B1 (en) Method of executing function of electronic device and electronic device using the same
US9756040B2 (en) User authentication method with enhanced security
US20170064555A1 (en) Dynamic unlock mechanisms for mobile devices
US20150242605A1 (en) Continuous authentication with a mobile device
US9000927B2 (en) System and method for monitoring biometric data
US9721087B1 (en) User authentication
KR102649375B1 (en) Methods, systems and media for authenticating users using biometric signatures
US11710157B2 (en) Methods, systems, and media for presenting an advertisement that facilitates the purchase of content associated with an application
CN111915315B (en) Authentication mode recommendation method and device, electronic equipment and readable storage medium
US20150143493A1 (en) Electronic device and login method thereof
GB2515449A (en) Method and system for User Acceptability
KR102570399B1 (en) Method and apparatus for recommending places
US12245041B2 (en) Dynamic keyboard for electronic computing device
US12124555B2 (en) Method and device for providing secure access to an electronic device
US20140279390A1 (en) Method and system for determining an online loan
KR102177392B1 (en) User authentication system and method based on context data
US11159840B2 (en) User-aware remote control for shared devices
CN119007323B (en) Management method and terminal for intelligent exhibition one-code communication
US11989665B2 (en) Methods and systems for customizing recommendations based on user actions
US11785094B2 (en) Secure content delivery computer system

Legal Events

Date Code Title Description
732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)

Free format text: REGISTERED BETWEEN 20150507 AND 20150513

WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)