
WO2017143193A1 - Wearable token-based authentication for touch-enabled devices - Google Patents

Publication number
WO2017143193A1
Authority
WO
WIPO (PCT)
Prior art keywords
token
capacitive
touchscreen
wearable
authentication
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2017/018374
Other languages
French (fr)
Inventor
Tam Vu
Phuc Nguyen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Colorado System
University of Colorado Colorado Springs
Original Assignee
University of Colorado System
University of Colorado Colorado Springs
Application filed by University of Colorado System, University of Colorado Colorado Springs

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/40 Bus networks
    • H04L12/407 Bus networks with decentralised control
    • H04L12/417 Bus networks with decentralised control with deterministic access, e.g. token passing
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/36 User authentication by graphic or iconic representation
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/42 User authentication using separate channels for security data
    • G06F21/43 User authentication using separate channels for security data wireless channels
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • A HUMAN NECESSITIES
    • A44 HABERDASHERY; JEWELLERY
    • A44C PERSONAL ADORNMENTS, e.g. JEWELLERY; COINS
    • A44C9/00 Finger-rings
    • A44C9/0053 Finger-rings having special functions

Definitions

  • the subject of this disclosure may relate generally to wearable token-based authentication systems, methods and devices.
  • wearable token-based user authentication for touch-enabled devices.
  • Some conventional approaches to proving possession of a security token include swiping a magnetic stripe card, bringing an RFID (radio frequency identification) or NFC (near-field communication) device in proximity of a reader, manually entering a one-time password (OTP) provided and/or generated by the token, etc.
  • OTP one-time password
  • Some such approaches e.g., manual OTP entry, card swiping, etc.
  • Other such approaches e.g., RFID, NFC, etc.
  • a token for performing multi-factor authentication with a device having a capacitive touchscreen.
  • the token comprises: a capacitive transmitter to capacitively communicate a token-based second credential to a touchscreen in conjunction with the entering of a first known factor.
  • the token facilitates single step, multi-factor authentication by the capacitive transmitter passing, from the token to the touchscreen, the token identifier while the user inputs the password.
  • the token further comprises an optical receiver to optically receive optical communications from the capacitive touchscreen enabling two-way communication between a wearable token and the capacitive touchscreen, and enabling challenge-response authentication.
  • the token is a wearable token.
  • a method for two-way communication between a token and a capacitive touchscreen comprises: transmitting a token identifier associated with the token capacitively from the token to the capacitive touchscreen; and receiving optical feedback information by the token from the capacitive touchscreen.
  • a token comprises: a capacitive transmitter to capacitively communicate with a capacitive touchscreen; and an optical receiver to optically receive communications from the capacitive touchscreen.
  • Figure 1 illustrates an example ring-shaped token being used to authenticate the wearer via a touchscreen device
  • Figure 2 illustrates an example token being used to enter a password on a touchscreen device while also providing a token identifier
  • Figure 3 illustrates an example embodiment of a token for implementing visual-assisted capacitive communication
  • Figure 4 illustrates an overview of an example one-step two factor authentication protocol
  • Figure 5 illustrates an overview of example visual-assisted capacitive communication in context of illustrative logical components inside a hardware token and touchscreen.
  • some embodiments include an authentication token that is designed to securely communicate identity, is easy to carry, and is highly energy-efficient.
  • Some embodiments of the invention are implemented in a form factor that is conveniently wearable, such as a ring. Such a form factor helps ensure that the token remains on the user's person substantially at all times and is difficult to lose, steal, etc.
  • implementing such a form factor can give rise to certain technical challenges, which implementations described herein seek to overcome.
  • One such challenge is that it can be desirable for the token to freely communicate with a wide variety of touch-enabled electronic devices, including mobile devices (e.g., smart phones, tablets, touchscreen computers), Internet of Things appliances, ATMs, car screens, etc.
  • some embodiments described herein include novel types of communication channels and/or communications protocols that facilitate the token securely proving its presence in a manner that consumes very little energy.
  • Embodiments described herein include a wearable, low-energy security token (e.g., a ring) for authentication with touch-screen devices such as phones, tablets, watches, cars, etc.
  • authentication of a user involves the user touching the token to a touchscreen, which can trigger an authentication protocol.
  • FIG. 1 shows a ring-shaped token being used to authenticate the wearer via a touchscreen device.
  • the ring token can support two-way communications (e.g., full-duplex) by capacitively communicating to the touchscreen, and optically receiving communications from the touchscreen.
  • an uplink can be provided from the token to the device by modulating capacitance through a capacitor switching technique.
  • a downlink can be provided by using a visible light communication (VLC) link from the screen pixels to an optical detector on the token.
  • VLC visible light communication
  • the downlink can facilitate identifying the device and providing feedback, which can be used to adjust transmission parameters, improve robustness in the authentication process, etc.
  • Some embodiments use such a token for multi-factor (e.g., two-factor) authentication.
  • the user can enter information with the token (e.g., enter a passcode, draw a pattern, etc.) during the token-based authentication.
  • VCC visual-assisted capacitive communication
  • the token can communicate a unique ID to the device when in contact with the device's touchscreen through capacitive communication, and can use a VLC link from the screen pixels to an optical receiver on the ring for feedback.
  • the token can use the feedback information to adjust its communication parameters. Such adjustment can minimize errors in the authentication process, minimize re-transmissions, and provide other features, which can improve energy efficiency.
  • implementations described herein further support a reasonably high data rate.
  • Some prior related approaches e.g., an approach referred to as capacitive touch communication (CTC)
  • CTC capacitive touch communication
  • approaches described herein can achieve high authentication accuracy with a low energy budget and a reasonably high data-rate capacity on the communication channel.
  • a higher data rate can be particularly useful in scenarios where a larger minimum ID length is desired. For example, for frequent access scenarios (e.g., phone unlocking), a short ID may suffice; but for less frequent access scenarios (e.g., ATM access), a longer ID may be required to ensure higher security.
  • a higher data rate can help ensure that the response time or latency for typical ID lengths remains within user acceptance limits.
  • Various implementations can communicate authentication credentials via the token in different ways.
  • touching the token to the touchscreen can cause the token to capacitively communicate a token identifier (i.e., a user credential) to the device via the touchscreen.
  • the token identifier is not transmitted from the token until another action is detected.
  • the token can wait for a visual cue from the touchscreen (e.g., a particular shape, pattern, color, etc.) prior to communicating the token identifier.
  • the visual cue can be communicated in response, for example, to another type of authentication (e.g., a manually entered personal identification number (PIN), a biometric, login to an application, etc.).
  • PIN personal identification number
  • the token identifier can be transmitted in chunks, along with other triggers.
  • FIG. 2 illustrates such an implementation.
  • a user wearing a ring token keys in a PIN, "0315."
  • a corresponding chunk of the token identifier ("1101101010110010"
  • visual feedback from the touchscreen triggers the token to transmit a first chunk of the token identifier ("1101").
  • Remaining chunks of the token identifier can be transmitted in response to visual cues generated after each other digit of the PIN is keyed in using the token.
  • accurately keying in the PIN or tracing out a path, etc.
  • the token can optically receive the cue and capacitively transmit the token identifier in response thereto.
  • a token-based approach as described herein can permit single-step, multi-factor authentication.
  • a wearable ring-like token can communicate identity information, such as a unique token ID or a code generated by the token (i.e., a first authentication factor), to a device's touchscreen; while the user inputs a second authentication factor, such as a password or a swipe pattern on the touchscreen.
  • the device can authenticate the user upon successful verification and validation of the token ID and the second factor (e.g., concurrently).
  • the token ID can already have been communicated and recovered by the touchscreen device. Because the device is informed of both authentication factors at substantially the same time, two-factor authentication can be realized through a single step. This can help make the authentication process more convenient and faster, while maintaining the benefits of multi-factor security.
  • a novel communication technique that includes a novel capacitive communication technique with a visual feedback channel.
  • the capacitive communication channel allows a wearable token to communicate with the touch-enabled device, while the visual channel provides a medium for the device to communicate back to the token.
  • the visual channel can be used as a feedback channel that assists in improving the communication performance of the capacitive communication.
  • FIG. 3 shows an illustrative embodiment of a ring-shaped token for implementing VCC.
  • the token includes an outer conductive layer and an inner insulative layer. When worn by a user, the insulative layer is effectively sandwiched as a dielectric layer between the skin of the user and the conductive surface, thereby forming a capacitor.
  • An electrical switch can be coupled across the capacitor and controlled by a microcontroller.
  • the microcontroller can have one or more codes (e.g., n-bit binary codes) stored thereon (or in communication therewith), and the "capacitor" of the token can be switched according to the code(s) to generate a modulated capacitance signal.
  • the modulated capacitance signal can be used as a transmission (e.g., uplink) signal to a capacitive touchscreen device.
  • the token can also include an optical detector (e.g., one or more photodiodes, charge coupled devices, etc.) for receiving optical feedback from the touchscreen device.
  • the screen pixels can be used to communicate via color, brightness, pattern, optical modulation, and/or in any other suitable manner.
  • Some implementations of the token also include a mechanical switch to actuate the other functions of the token. For example, when the ring is pressed against the touchscreen, the mechanical switch can be depressed, which can initiate an authentication protocol using the VCC communications.
  • communications from the token to the touchscreen can be capacitive.
  • capacitive communication can effectively turn any capacitive touchscreen into a communication medium through which a hardware token can transmit a data sequence to the device.
  • the hardware token can stimulate the touchscreen to generate a series of touchscreen events (e.g., repetitive and irregular touch events in a certain pattern).
  • the pattern can be controlled and modulated by the token, so that it carries the data sequence to be transmitted, which is then decoded and received by the touch-enabled device.
  • the particular types of CC described herein can increase data transmission rates by up to 10x over many traditional approaches (i.e., more than 40 bits per second).
  • CC capacitive communication
  • Some implementations of the CC link are essentially unidirectional, where the token is the transmitter and the touchscreen is the receiver.
  • an optical channel can be added to enable bi-directional communication.
  • two-way communications can facilitate challenge-response authentication, whereby a "response" from the authenticating device is part of the authentication.
  • VCC novel visual-assisted capacitive communication
  • Implementations can use a visual communication channel as a feedback link to acknowledge and communicate screen specific parameters to the token.
  • Such feedback can be used in many ways, including, for example, to assist in improving capacitive communication quality.
  • information in the form of bits can be communicated from the screen by modulating the ON and OFF state of a rectangular block of screen pixels at high frequency (e.g., imperceptible to the eye), which can be received by a photodetector receiver on the token.
  • With the token in extreme close proximity to the visual transmitter (e.g., with the ring touching the screen), the optical signal on the receiver can be a relatively low-noise signal, which can permit a simple, easily integrated receiver design.
  • some implementations use an off-the-shelf photodetector (that detects visible light wavelengths), without any filtering and/or amplification components.
  • the received optical signal can be decoded by the microcontroller and/or any other suitable component of the token.
  • the visual channel allows the touch-enabled device to communicate screen parameters and received signal quality metrics back to the token. For example, upon receipt of the signal through capacitive communication, the device can relay back to the token the number of touch-events registered on the device, and the refresh (clock) frequency of the screen, and/or any other suitable information.
  • the feedback information can be used to adapt transmission parameters on the token, to help validate the token identifier(s) based on acknowledgment via the screen, etc.
  • the visual feedback design can effectively provide an additional dimension for authentication information verification.
  • the feedback link can also help achieve virtual synchronization between the screen and ring, which can facilitate appreciably higher data-rate capacity in VCC as compared to traditional CC approaches.
  • Some embodiments include a novel protocol for one-step two-factor authentication (2FA).
  • a threat model is envisioned.
  • the information from a lost or compromised device may be used to authenticate to another device.
  • if the signal from the wearable device is captured (or sniffed), it may be used to authenticate to devices (a "replay" attack).
  • the device may be authenticated by an unauthorized individual.
  • the one-step 2FA protocol described herein can address such a threat model.
  • the authentication protocol can involve only a single step of data entry from the user (e.g., password/PIN), while requests for transmissions, transaction of a token identifier, and the acknowledgements can happen in the background through VCC. Accordingly, the second authentication factor can effectively be realized in a manner that is transparent to the user and concurrent with the first authentication factor.
  • FIG. 4 shows an overview of an embodiment of the one-step 2FA protocol.
  • the authentication token can first send its ID and an authentication request to the mobile device via a CC channel.
  • the mobile device can use the visual channel to send back its device ID and/or a set of parameters and specifications of the screen.
  • the first piece of information, the device ID, can help the token decide which password to send for authentication (e.g., where the token has multiple stored codes for different devices, applications, etc.).
  • the second piece of information, the screen specifications, can help the token decide on the key parameters of the CC channel.
  • An example of the screen parameter can be the maximum touch detection rate of the screen (i.e., a maximum number of touch events the screen can recognize per second).
  • This parameter can allow the token to adapt its transmission rate to optimize for the CC channel.
  • the token can compute a one-time password (e.g., specifically) for that mobile device (or application, etc.), based on the device's ID and/or other parameters.
  • the one-time password can be sent to the mobile device for authentication using the CC channel.
  • the result of the authentication can be returned to the token by the mobile device via the visual channel.
  • the authentication protocol includes a preset procedure where the token and the device agree (the two devices will be registered to a secure server) on a hash function that both will be using during the validation process of the two IDs: the token ID and the password/PIN.
  • the validation can be performed at both devices, and different pairs of token-device can use different hash functions. For example, if a device is compromised or lost to an adversary, the information on that device may not be usable to authenticate on other devices.
  • FIG. 5 shows an overview of visual-assisted capacitive communication (VCC) in context of illustrative logical components inside a hardware token and touchscreen.
  • One aspect of VCC is capacitive communication, which effectively transmits to capacitive touchscreens by "spoofing" the screen's touch detection algorithm to generate a sequence of touch and no-touch events.
  • the capacitive communication of VCC uses capacitive modulation to generate a capacitive transmission signal that stimulates touchscreen events.
  • Capacitive touchscreens typically include an array of conducting electrodes behind a transparent, insulating glass layer, which can detect a touch by measuring additional capacitance of a human body through a touch point.
  • the finger acts as the second electrode in a capacitor; the internal electrode, the finger, and a glass layer in between constitute the virtually modified capacitor.
  • This new capacitor and the user's body (which has a certain capacitance) are connected to the electrode circuit that is detected by voltage integration circuitry inside the screen.
  • the change in voltage measured at one or more screen electrodes is then passed to the screen controller for processing to conclude the presence or absence of human finger.
  • detected touch events are each represented by a 6-tuple structure, including touch event timestamps, touch event screen coordinates, transmitted ID, touch size, touch amplitude, and type of touch.
  • the timestamp information of these series of events can be used to reconstruct originally transmitted data.
  • a transmitter can send an unsynchronized low-frequency signal at relatively high voltage, and the signal can charge and discharge the screen capacitor based on the pulse patterns embedded on the signal.
  • the wearable device can affect the internal voltage measurement process by injecting a high-voltage signal through the screen, thereby creating artificial touch events.
  • This technique of generating touch events is based on high-voltage injection into the screen, referred to herein as "voltage-injection CC."
  • Voltage-injection CC can be limited in various ways. Because the technique to generate touch events in voltage-injection CC can only indirectly affect the capacitance measurement of the screen (i.e., not the capacitance itself), it can be highly inefficient and ineffective in many contexts.
  • the generated event sequence might not follow the transmitted bit sequence pattern, making it, in many cases, hard to detect the signals and reconstruct the original bit sequence.
  • This can limit the ability of voltage-injection CC to demodulate a bit sequence with a random (or non-deterministic) length and/or bit order. Instead, it typically can only transmit short bit sequences with a length that is known to the transmitter and receiver.
  • the capacitive communication approaches described herein can provide an efficient and accurate way of effecting touch events, along with an appreciable increase in data communication rate and an appreciable reduction in power consumption as compared to voltage-injection CC.
  • the CC approach described herein involves changing the capacitance of a token surface, with respect to a screen controller, by selectively connecting and disconnecting the token surface to the wearer's skin (e.g., finger).
  • the conductive token surface can be isolated from the wearer's skin via an insulative (dielectric) layer, so that providing a switchable path between the conductive surface and the skin effectively creates a switchable capacitor.
  • the sequence of artificial events generated can follow bit patterns (1's and 0's) that correspond to the information to be transmitted to the touchscreen.
  • Implementing the bit pattern can involve a novel modulation technique that defines how a bit sequence can be represented in terms of artificial touch events.
  • designing such a modulation scheme compatible with the artificial touch events can present various challenges. For example, if the period duration is improperly selected, the number of events generated during a switch ON time period can be unpredictable. Implementations design the ON time-duration to match with an internal touch sampling frequency of the screen.
  • the ON time-duration can be dynamically set based on feedback from the screen, as described above. Another challenge to such a modulation scheme is that, even though the screen controller can capture all events generated by the token, drifts in the arrival time of stimulated events (e.g., due to random delay and workload of the touchscreen device) can lead to errors in a demodulation process.
  • embodiments identifying an optimal ON/OFF duration for the token to generate events that will be correctly recognized by the touchscreen design a mapping of the ones and zeros from the bit sequence to "Touch" and "No Touch" states to overcome the challenges caused by the inconsistency of time arrival of registered events.
  • the ON time is the period during which the screen controller can capture the change in capacitance and record touch events. A smaller ON period can reduce the number of unexpected registered touch events.
  • Some implementations can determine an optimal ON duration through an empirical approach, for example, by iterating from a largest ON duration to a smallest ON duration, while recording the total number of registered events on the screen.
  • An optimal ON duration can be determined as the one where the number of events registered are equal to the number of ON durations in the token's signal.
  • the OFF time is the period during which no event should be registered to the screen controller. In some implementations, particularly where the screen can only distinguish two different events (captured on two different scanning times), a small OFF time can be selected so that the sum of events recognized during ON time and OFF time is at least greater than a scanning rate of the screen (e.g., obtained from manufacturer specifications).
  • embodiments can map a bit sequence to the ON/OFF (Touch/No-Touch) states of the pulse in any suitable manner.
  • a Manchester encoding scheme can be used, in which a '1' is modulated by generating an event during one ON time duration and a no-event in one OFF time duration; and a '0' is modulated by generating no-events during one ON (or OFF) time duration.
  • Such a mapping can allow for a stipulated interval between two successive touch events such that they are distinguishable by the touch controller.
  • Using a minimal number of ON states can also minimize energy consumption of the transmitter (token).
  • the communication payload can also include "pilot" bits.
  • One implementation includes preamble pilots (e.g., 1-bit long) that are appended at the start and the end of the payload bits to guarantee that the system is able to detect bit zero if the sequence starts or ends with 0s.
  • Another implementation includes identification, or mid-amble, pilots (e.g., 1-bit long) that are placed in the middle of the payload (e.g., midway in the bit-sequence) to separate different bit chunks, helping the receiver eliminate time drift of multiple similar touch events.
  • Some embodiments further include a demodulation scheme for demodulating the artificial touch events and recovering the bit sequence transmitted by the token.
  • the scheme described herein assumes a typical 6-tuple data structure for recording touch events, and the scheme uses event-type and arrival time-stamp properties to recover the bit sequence.
  • a touchscreen controller differentiates finger interactions with the screen through the event-type property: finger touch down (DOWN), finger lift up (UP), finger move across the screen (MOVE), etc.
  • a human touch interaction with the screen includes one DOWN event and one UP event. As described above, such human touch interactions can be spoofed by OPEN and CLOSE operations (or the like) of a hardware switch in a token transmitter.
  • the switch when the switch transitions from OPEN state to CLOSE state, it can create a DOWN event on the screen; and when the switch transitions from CLOSE state to OPEN state, the screen can record an UP event.
  • the receiver can map a DOWN-then-UP event as bit '1', and an UP-then-DOWN event as bit '0'.
  • a contiguous sequence of bit 0's is also represented as an UP-then-DOWN event; however, the UP duration is longer; UP event of the bit 1 right before the 0s and the DOWN event of the bit 1 that follows suit.
  • Detecting the UP-to-DOWN event sequences reliably and consistently can involve the receiver algorithm knowing precise arrival times of the touch events.
  • touchscreen controllers are typically designed primarily to detect touch events, but not to precisely capture the time at which a signal arrives on the screen. While the arrival times can be estimated from the event time-stamps generated by the controller, the timestamps can be inconsistent with the series of signals arriving on the screen due to time drifts. Accordingly, some implementations accommodate the transmitter to truncate longer bit sequences (for transmission) into smaller chunks. Some implementations also include pilot bits with each chunk to add reliability to detecting the chunks.
  • some implementations asymmetrically recover bit '1's and '0's based on the distribution of UP and DOWN events in each chunk duration. This process can enable the bit recovery process to be conducted in short time windows thus limiting errors and inconsistencies caused by time drifts.
  • the bits '1's and '0's can be recovered from the touch-events based on the event types and the arrival time. If tr(i) represents the arrival time of an event i, the bit-recovery mechanism in the token receiver can be described as a two-step procedure. In a first step, two successive events i and i+1 can represent a bit '1' if and only if: (a) the ith event type is DOWN and the (i+1)th event type is UP; and (b) the difference between arrival times of those events is less than the ON duration of the incoming signal.
  • the two events i and i+1 represent a sequence of N continuous 0s when the ith event type and the (i+1)th event type are UP and DOWN, respectively. Also, the inter-arrival times of the two events should be greater than the entire bit period. If these two conditions are met, determining the number of 0s between the two touch events can be straightforward; for example, equal to the ratio of the inter-arrival time, and the sum of ON and OFF durations.
  • embodiments further include an optical feedback channel.
  • some authentication procedures described herein involve recovering two forms of identity (i.e., two factors of authentication): one communicated from the token, and another manually input by the user. These can be authenticated against users stored in a database, or the like.
  • the database can be pre-loaded, or be downloaded from a server (using a wireless connection) upon authentication service initiation, accessed on the cloud, etc.
  • implementations permit the two forms of ID to be input at a same time.
  • the accuracy of such authentication in a one-step procedure can rely on the accurate recovery of the identity information.
  • the transmit parameters such as the length of bit sequence and the duration of ON and OFF states
  • knowledge of clock frequency of the screen at the transmitter can enable synchronous (coherent) communication between the token and the screen. Synchronization in the VCC process can significantly minimize (almost remove) inconsistency and irregularities in screen touch event generation.
  • Such feedback information can be provided by the optical feedback link. For example, upon first contact of the token with the touchscreen, the touch-enabled device can communicate its clock frequency, total number of events generated, and/or other information via its screen using a visible light communication (VLC) channel.
  • VLC visible light communication
  • VLC can provide a number of features.
  • One feature is that an implicit arrangement of screen as transmitter and a hardware receiver can present a VLC system where information can be transmitted by modulating the light intensity from the screen pixels to an optical receiver integrated into a wearable token.
  • Another feature is that the extreme close proximity between the transmitter (screen pixel) and the receiver can allow for reliable, high-data-rate communication as the distance based path loss and perspective issues are less of a concern.
  • Another feature is that, though both devices essentially are transceivers, the transmission and reception can be on orthogonal channels (i.e., CC and VLC), thereby avoiding scheduling mechanisms.
  • the VLC system can be implemented with communications between screen pixels of the touchscreen and photodiode (or similar) receiver circuitry of the token.
  • Information to be communicated, encoded as bits, can be modulated as ON and OFF states of the screen pixels, or as any other optically detectable change in the screen pixels.
  • a white color or a black color can be displayed on the screen (in the region of the photodetector) representing the ON or OFF states, respectively. Transitioning between these states at a rate equal to the data rate can provide reliable detection of the ON-OFF states of the screen on the photodetector on the token.
  • the prototype environment includes a wearable hardware token and a software application on a smartphone device running Android OS.
  • the prototype token device consists of a micro-controller, powered by a coin-cell battery, which controls the ON- OFF operations of an electrical switch.
  • the switch along with an insulating layer, acts as the interface between the ring surface (the ring has a flat rectangular face on one end) and the ring's body.
  • a programmable Arduino Pro Mini 3.37V generates electrical pulses based on the bit sequence, stored in its flash memory, using the modulation technique, as described above.
  • a mechanical switch is coupled with the surface of the ring, under the conductive layer on the surface.
  • the electrical pulses control a relay switch (one instance of the relay is reed relay) that helps to register capacitive touch events on the host device (i.e., receiver) when the ring is in contact with the host device's touch screen surface.
  • a capacitor can be placed in between the human finger and the relay switch.
  • the prototype design includes careful grounding (GND) so as to eliminate any extraneous and parasitic capacitance that can influence the capacitance changes in the circuit.
  • the design leads to primarily three GND points: Battery's GND, Mobile device's GND, and Human's GND. Due to the multiple distributed GNDs, the prototype can have unstable signals when operating over different environments. For example, the GND value (voltage or reference capacitance) when a user operates the ring from 8th floor of a building can be different from that on the 1st floor.
  • the anomaly can be eliminated by ensuring that GNDs across different components of the circuit are carefully connected to a single, common, GND point. For example, all GNDs can be wired together to a single point that connects to a virtual common reference point on the human body. Treating the common ground electrical value as reference, signals from the prototype are more tractable and stable across different environments.
  • the photodetector receiver is implemented as an off-the-shelf photodetector (BPV10) that connects in series to a 1 ohm resistor and then to the digital IN pin of the Arduino on the ring.
  • a script on the Arduino can detect the light intensity and demodulate 1s and 0s based on simple thresholding.
  • the sampling rate of the photodetector is set to the maximum clock frequency of the Arduino, which is significantly higher than the transmission rate of 60bps.
  • the prototype also includes an Android application to read the token IDs communicated by the token device.
  • the IDs are pre-populated and an array of ID options are stored in the flash memory of the tokens.
  • the application contains a JAVA implementation of VCC's demodulation algorithm and the One-step 2FA protocol.
  • the user taps the ring surface on the numbers displayed on the screen to key in their unique PIN codes (the code will be known to the user and the app on the device).
  • upon completion of the PIN code input, the app simultaneously verifies the PIN number and the ring's ID, emulating the 2FA in a single step.
  • the screen is also set to modulate the screen pixels through VLC using white and black colors as ON and OFF states. A 10x10 screen pixel region is used where the ring makes contact in this case.
  • ASICs application specific integrated circuits
  • DSPs digital signal processors
  • FPGAs field programmable gate arrays
  • PLD programmable logic devices
  • steps of methods or algorithms, or other functionality described in connection with embodiments can be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two.
  • a software module may reside in any form of tangible storage medium.
  • storage media examples include random access memory (RAM), read only memory (ROM), flash memory, EPROM memory, EEPROM memory, registers, a hard disk, a removable disk, a CD-ROM and so forth.
  • EEPROM memory electrically erasable programmable read-only memory
  • a storage medium may be coupled to a processor such that the processor can read information from, and write information to, the storage medium.
  • the storage medium may be integral to the processor.
  • a software module may be a single instruction, or many instructions, and may be distributed over several different code segments, among different programs, and across multiple storage media.
  • a computer program product may perform operations presented herein.
  • such a computer program product may be a computer readable tangible medium having instructions tangibly stored (and/or encoded) thereon, the instructions being executable by one or more processors to perform the operations described herein.
  • the computer program product may include packaging material.
  • Software or instructions may also be transmitted over a transmission medium.
  • software may be transmitted from a website, server, or other remote source using a transmission medium such as a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technology such as infrared, radio, or microwave.
  • the methods disclosed herein include one or more actions for achieving the described method.
  • the method and/or actions can be interchanged with one another without departing from the scope of the claims.
  • the order and/or use of specific actions can be modified without departing from the scope of the claims.
  • the various operations of methods and functions of certain system components described above can be performed by any suitable means capable of performing the corresponding functions.


Abstract

A token is disclosed for performing multi-factor authentication with a device having a capacitive touchscreen. In an example embodiment, the token comprises: a capacitive transmitter to capacitively communicate a token-based second credential to a touchscreen in conjunction with the entering of a first known factor. In example embodiments, the token facilitates single step, multi-factor authentication, comprises an optical receiver to optically receive optical communications from the capacitive touchscreen, and/or is a wearable token. A method for two-way communication between a token and a capacitive touchscreen is disclosed and comprises: transmitting a token identifier associated with the token capacitively from the token to the capacitive touchscreen; and receiving optical feedback information by the token from the capacitive touchscreen. A token is disclosed that comprises: a capacitive transmitter to capacitively communicate with a capacitive touchscreen; and an optical receiver to optically receive communications from the capacitive touchscreen.

Description

WEARABLE TOKEN-BASED AUTHENTICATION FOR TOUCH-ENABLED DEVICES
FIELD OF THE INVENTION
The subject of this disclosure may relate generally to wearable token-based authentication systems, methods and devices, and in particular to wearable token-based user authentication for touch-enabled devices.
BACKGROUND OF THE INVENTION
We live in a world where users own and frequently switch between multiple mobile devices. While these frequent interactions often help simplify users' day-to-day tasks, they can also present an increasing desire for secure and convenient ways of authenticating users to their multiple devices. Conventionally, user authentication to mobile devices has tended to be through passwords or PINs (personal identification number), identity cards (ID), and/or biometrics. Passwords/PINs and ID cards are vulnerable to being lost or stolen by an adversary, and it can also be inconvenient for users to remember multiple passwords to authenticate to different devices. Biometric sensors tend only to be available on a small subset of devices, and many such sensors lack robustness and/or can be easily spoofed.
There are a number of conventional approaches to token-based authentication, but all have certain limitations. For example, some conventional approaches to proving possession of a security token include swiping a magnetic stripe card, bringing an RFID (radio frequency identification) or NFC (near-field communication) device in proximity of a reader, manually entering a one-time password (OTP) provided and/or generated by the token, etc. Some such approaches (e.g., manual OTP entry, card swiping, etc.) involve extra time and effort from a user, which can be inconvenient and/or otherwise undesirable. Other such approaches (e.g., RFID, NFC, etc.) tend to rely on a sufficient energy budget (battery) to operate and the existence of appropriate receiver technology and protocols on each device.
SUMMARY OF THE INVENTION
In accordance with various example embodiments, a token is disclosed for performing multi-factor authentication with a device having a capacitive touchscreen. In an example embodiment, the token comprises: a capacitive transmitter to capacitively communicate a token-based second credential to a touchscreen in conjunction with the entering of a first known factor.
In an example embodiment, the token facilitates single step, multi-factor authentication by the capacitive transmitter passing, from the token to the touchscreen, the token identifier while the user inputs the password. In an example embodiment, the token further comprises an optical receiver to optically receive optical communications from the capacitive touchscreen enabling two-way communication between a wearable token and the capacitive touchscreen, and enabling challenge-response authentication. In an example embodiment, the token is a wearable token.
In accordance with another example embodiment, a method for two-way communication between a token and a capacitive touchscreen is disclosed. In an example embodiment, the method comprises: transmitting a token identifier associated with the token capacitively from the token to the capacitive touchscreen; and receiving optical feedback information by the token from the capacitive touchscreen.
In accordance with another example embodiment, a token is disclosed that comprises: a capacitive transmitter to capacitively communicate with a capacitive touchscreen; and an optical receiver to optically receive communications from the capacitive touchscreen.
BRIEF DESCRIPTION OF THE DRAWINGS
These and other features, aspects and advantages of the present invention will become better understood with reference to the following description, appended claims, and accompanying drawings where:
Figure 1 illustrates an example ring-shaped token being used to authenticate the wearer via a touchscreen device;
Figure 2 illustrates an example token being used to enter a password on a touchscreen device while also providing a token identifier;
Figure 3 illustrates an example embodiment of a token for implementing visual-assisted capacitive communication;
Figure 4 illustrates an overview of an example one-step two factor authentication protocol;
Figure 5 illustrates an overview of example visual-assisted capacitive communication in context of illustrative logical components inside a hardware token and touchscreen.
DETAILED DESCRIPTION
Accordingly, some embodiments include an authentication token that is designed to securely communicate identity, is easy to carry, and is highly energy-efficient. Some embodiments of the invention are implemented in a form factor that is conveniently wearable, such as a ring. Such a form factor helps ensure that the token remains on the user's person substantially at all times and is difficult to lose, steal, etc. However, implementing such a form factor can give rise to certain technical challenges, which implementations described herein seek to overcome. One such challenge is that it can be desirable for the token to freely communicate with a wide variety of touch-enabled electronic devices, including mobile devices (e.g., smart phones, tablets, touchscreen computers), Internet of Things appliances, ATMs, car screens, etc. Another such challenge is that it can be desirable for the token to consume very little power, so that it rarely needs charging, does not radiate excessive heat, etc. (all of which potentially causing the user to remove the token). Accordingly, some embodiments described herein include novel types of communication channels and/or communications protocols that facilitate the token securely proving its presence in a manner that consumes very little energy.
Embodiments described herein include a wearable, low-energy security token (e.g., a ring) for authentication with touch-screen devices such as phones, tablets, watches, cars, etc. In some implementations, authentication of a user involves the user touching the token to a touchscreen, which can trigger an authentication protocol. For the sake of illustration, FIG. 1 shows a ring-shaped token being used to authenticate the wearer via a touchscreen device. As described herein, the ring token can support two-way communications (e.g., full-duplex) by capacitively communicating to the touchscreen, and optically receiving communications from the touchscreen.
For example, a secure channel can be established, and energy requirements can be reduced by exploiting a novel screen communication technique. According to some implementations, an uplink can be provided from the token to the device by modulating capacitance through a capacitor switching technique. A downlink can be provided by using a visible light communication (VLC) link from the screen pixels to an optical detector on the token. The downlink can facilitate identifying the device and providing feedback, which can be used to adjust transmission parameters, improve robustness in the authentication process, etc. Some embodiments use such a token for multi-factor (e.g., two-factor) authentication. In one such embodiment, the user can enter information with the token (e.g., enter a passcode, draw a pattern, etc.) during the token-based authentication. For example, for higher security applications, such an approach can allow two-factor authentication in one step where the possession of a security token is identified during entry of a second credential. Some embodiments include a novel communications protocol, referred to herein as visual-assisted capacitive communication (VCC). VCC facilitates full-duplex communications between the token and the touchscreen through two contrasting technologies: capacitive communication, and visible light communication (VLC). In VCC, the token can communicate a unique ID to the device when in contact with the device's touchscreen through capacitive communication, and can use a VLC link from the screen pixels to an optical receiver on the ring for feedback. The token can use the feedback information to adjust its communication parameters. Such adjustment can minimize errors in the authentication process, minimize re-transmissions, and provide other features, which can improve energy efficiency.
Notably, implementations described herein further support a reasonably high data rate. Some prior related approaches (e.g., an approach referred to as capacitive touch communication (CTC)) only supported transmission of a few bits to a capacitive touch screen, which tended to be useful only for distinguishing among small sets of possible users (e.g., a few family members). In contrast, approaches described herein can achieve high authentication accuracy with a low energy budget and a reasonably high data-rate capacity on the communication channel. A higher data rate can be particularly useful in scenarios where a larger minimum ID length is desired. For example, for frequent access scenarios (e.g., phone unlocking), a short ID may suffice; but for less frequent access scenarios (e.g., ATM access), a longer ID may be required to ensure higher security. A higher data rate can help ensure that the response time or latency for typical ID lengths remains within user acceptance limits.
Various implementations can communicate authentication credentials via the token in different ways. In one implementation, touching the token to the touchscreen can cause the token to capacitively communicate a token identifier (i.e., a user credential) to the device via the touchscreen. In another implementation, the token identifier is not transmitted from the token until another action is detected. For example, the token can wait for a visual cue from the touchscreen (e.g., a particular shape, pattern, color, etc.) prior to communicating the token identifier. The visual cue can be communicated in response, for example, to another type of authentication (e.g., a manually entered personal identification number (PIN), a biometric, login to an application, etc.).
In another implementation, the token identifier can be transmitted in chunks, along with other triggers. FIG. 2 illustrates such an implementation. As illustrated, a user wearing a ring token keys in a PIN, "0315." In response to keying in each digit of the PIN, a corresponding chunk of the token identifier ("1101101010110010") can be transmitted. For example, when the wearer uses the ring token to touch the digit "0", visual feedback from the touchscreen triggers the token to transmit a first chunk of the token identifier ("1101"). Remaining chunks of the token identifier can be transmitted in response to visual cues generated after each other digit of the PIN is keyed in using the token. Alternatively, accurately keying in the PIN (or tracing out a path, etc.) can cause the touchscreen to generate a visual cue, and the token can optically receive the cue and capacitively transmit the token identifier in response thereto.
As illustrated by the above examples, a token-based approach as described herein can permit single-step, multi-factor authentication. For example, a wearable ring-like token can communicate identity information, such as a unique token ID or a code generated by the token (i.e., a first authentication factor), to a device's touchscreen; while the user inputs a second authentication factor, such as a password or a swipe pattern on the touchscreen. The device can authenticate the user upon successful verification and validation of the token ID and the second factor (e.g., concurrently). By the time the password or pattern is input by the user, the token ID can already have been communicated and recovered by the touchscreen device. Because the device is informed of both authentication factors at substantially the same time, two-factor authentication can be realized through a single step. This can help make the authentication process more convenient and faster, while maintaining the benefits of multi-factor security.
One aspect of embodiments described herein is visual-assisted capacitive communication (VCC), a novel communication technique that includes a novel capacitive communication technique with a visual feedback channel. The capacitive communication channel allows a wearable token to communicate with the touch-enabled device, while the visual channel provides a medium for the device to communicate back to the token. In some implementations, the visual channel can be used as a feedback channel that assists in improving the communication performance of the capacitive communication.
FIG. 3 shows an illustrative embodiment of a ring-shaped token for implementing VCC. The token includes an outer conductive layer and an inner insulative layer. When worn by a user, the insulative layer is effectively sandwiched as a dielectric layer between the skin of the user and the conductive surface, thereby forming a capacitor. An electrical switch can be coupled across the capacitor and controlled by a microcontroller. The microcontroller can have one or more codes (e.g., n-bit binary codes) stored thereon (or in communication therewith), and the "capacitor" of the token can be switched according to the code(s) to generate a modulated capacitance signal. The modulated capacitance signal can be used as a transmission (e.g., uplink) signal to a capacitive touchscreen device. The token can also include an optical detector (e.g., one or more photodiodes, charge coupled devices, etc.) for receiving optical feedback from the touchscreen device. For example, the screen pixels can be used to communicate via color, brightness, pattern, optical modulation, and/or in any other suitable manner. Some implementations of the token also include a mechanical switch to actuate the other functions of the token. For example, when the ring is pressed against the touchscreen, the mechanical switch can be depressed, which can initiate an authentication protocol using the VCC communications.
As described above, communications from the token to the touchscreen can be capacitive. For example, capacitive communication (CC) can effectively turn any capacitive touchscreen into a communication medium through which a hardware token can transmit a data sequence to the device. In essence, the hardware token can stimulate the touchscreen to generate a series of touchscreen events (e.g., repetitive and irregular touch events in a certain pattern). The pattern can be controlled and modulated by the token, so that it carries the data sequence to be transmitted, which is then decoded and received by the touch-enabled device. The particular types of CC described herein can increase data transmission rates by up to 10x over many traditional approaches (i.e., more than 40 bits per second). Moreover, the particular types of CC described herein can also reduce energy consumption for the communication by more than 2 orders of magnitude as compared to those prior approaches (e.g., where high-voltage electrical pulses from a token were used to stimulate touch-events on the device).
Some implementations of the CC link are essentially unidirectional, where the token is the transmitter and the touchscreen is the receiver. However, as described herein, an optical channel can be added to enable bi-directional communication. For example, two-way communications can facilitate challenge-response authentication, whereby a "response" from the authenticating device is part of the authentication. These and other types of authentication are only available with a feedback channel, which can be facilitated by integrating a visual channel into CC. The resulting novel visual-assisted capacitive communication (VCC) permits the touchscreen to communicate feedback information to the token through a visible light communication (VLC) channel.
Implementations can use a visual communication channel as a feedback link to acknowledge and communicate screen specific parameters to the token. Such feedback can be used in many ways, including, for example, to assist in improving capacitive communication quality. For example, information in the form of bits can be communicated from the screen by modulating the ON and OFF state of a rectangular block of screen pixels at high frequency (e.g., imperceptible to the eye), which can be received by a photodetector receiver on the token. With the token in extreme close proximity to the visual transmitter (e.g., with the ring touching the screen), the optical signal on the receiver can be a relatively low-noise signal, which can permit a simple, easily integrated receiver design. For example, some implementations use an off-the-shelf photodetector (that detects visible light wavelengths), without any filtering and/or amplification components. The received optical signal can be decoded by the microcontroller and/or any other suitable component of the token.
In some implementations, the visual channel allows the touch-enabled device to communicate screen parameters and received signal quality metrics back to the token. For example, upon receipt of the signal through capacitive communication, the device can relay back to the token the number of touch-events registered on the device, and the refresh (clock) frequency of the screen, and/or any other suitable information. The feedback information can be used to adapt transmission parameters on the token, to help validate the token identifier(s) based on acknowledgment via the screen, etc. For example, the visual feedback design can effectively provide an additional dimension for authentication information verification. By keeping the token informed of the screen parameters, the feedback link can also help achieve virtual synchronization between the screen and ring, which can facilitate appreciably higher data-rate capacity in VCC as compared to traditional CC approaches.
Some embodiments include a novel protocol for one-step two-factor authentication (2FA). For the sake of illustration, a threat model is envisioned. First, the information from a lost or compromised device may be used to authenticate to another device. Second, if the signal from the wearable device is captured (or sniffed), it may be used to authenticate to devices (a "replay" attack). Third, in the event that the token is lost or stolen, the device may be authenticated by an unauthorized individual. The one-step 2FA protocol described herein can address such a threat model. For example, the authentication protocol can involve only a single step of data entry from the user (e.g., password/PIN), while requests for transmissions, transaction of a token identifier, and the acknowledgements can happen in the background through VCC. Accordingly, the second authentication factor can effectively be realized in a manner that is transparent to the user and concurrent with the first authentication factor.
FIG. 4 shows an overview of an embodiment of the one-step 2FA protocol. As illustrated, the authentication token can first send its ID and an authentication request to the mobile device via a CC channel. Upon recognizing the token's ID, the mobile device can use the visual channel to send back its device ID and/or a set of parameters and specifications of the screen. The first piece of information, the device ID, can help the token to decide which password to send for authentication (e.g., where the token has multiple stored codes for different devices, applications, etc.). The second piece of information, the screen specifications, can help the token to decide on the key parameters of the CC channel. An example of the screen parameter can be the maximum touch detection rate of the screen (i.e., a maximum number of touch events the screen can recognize per second). This parameter can allow the token to adapt its transmission rate to optimize for the CC channel. In a third step, the token can compute a one-time password (e.g., specifically) for that mobile device (or application, etc.), based on the device's ID and/or other parameters. The one-time password can be sent to the mobile device for authentication using the CC channel. In a final step, the result of the authentication can be returned to the token by the mobile device via the visual channel.
In some embodiments, the authentication protocol includes a preset procedure where the token and the device agree (the two devices will be registered to a secure server) on a hash function that both will be using during the validation process of the two IDs; the token ID and password/PIN. In this way, the validation can be performed at both devices, and different pairs of token-device can use different hash functions. For example, if a device is compromised or lost to an adversary, the information on that device may not be usable to authenticate on other devices.
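The four-step exchange of FIG. 4 and the per-pair validation described above, as an added example that is not code from the patent. The HMAC-SHA256 response, the fresh nonce on the visual downlink, the PBKDF2 PIN digest, the 4-byte response length, the rate rule and all class and field names are assumptions; the patent does not specify them.

```python
import hashlib
import hmac
import secrets

OTP_BYTES = 4  # assumed: short response, because the capacitive uplink is slow


def otp_for(pair_key, device_id, nonce):
    # HMAC-SHA256 stands in for the hash function agreed per token-device pair.
    mac = hmac.new(pair_key, device_id.encode() + b"|" + nonce, hashlib.sha256)
    return mac.digest()[:OTP_BYTES]


def pin_digest(salt, pin):
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class Token:
    def __init__(self, token_id):
        self.token_id = token_id
        self.pair_keys = {}  # device_id -> key shared with that device only

    def respond(self, downlink):
        """Step 3: pick the secret for this device and answer its challenge."""
        key = self.pair_keys.get(downlink["device_id"])
        if key is None:
            return None  # unknown device: transmit nothing
        # Assumed rate rule: each '1' bit costs one DOWN and one UP event.
        bit_rate = downlink["max_touch_rate"] // 2
        return otp_for(key, downlink["device_id"], downlink["nonce"]), bit_rate


class Device:
    def __init__(self, device_id, max_touch_rate):
        self.device_id = device_id
        self.max_touch_rate = max_touch_rate  # touch events per second
        self.users = {}    # token_id -> (pair_key, pin_salt, pin_digest)
        self.pending = {}  # token_id -> nonce awaiting a response

    def enroll(self, token, pin):
        key, salt = secrets.token_bytes(32), secrets.token_bytes(16)
        token.pair_keys[self.device_id] = key
        self.users[token.token_id] = (key, salt, pin_digest(salt, pin))

    def hello(self, token_id):
        """Step 2 (visual downlink): device ID, screen parameter, fresh nonce."""
        if token_id not in self.users:
            return None
        self.pending[token_id] = secrets.token_bytes(16)
        return {"device_id": self.device_id,
                "max_touch_rate": self.max_touch_rate,
                "nonce": self.pending[token_id]}

    def verify(self, token_id, otp, pin):
        """Step 4: check both factors together; each nonce is consumed once."""
        nonce = self.pending.pop(token_id, None)
        user = self.users.get(token_id)
        if nonce is None or user is None or otp is None:
            return False
        key, salt, stored = user
        otp_ok = hmac.compare_digest(otp_for(key, self.device_id, nonce), otp)
        pin_ok = hmac.compare_digest(pin_digest(salt, pin), stored)
        return otp_ok and pin_ok


def authenticate(token, device, pin):
    downlink = device.hello(token.token_id)  # steps 1 and 2
    if downlink is None:
        return False
    reply = token.respond(downlink)          # step 3
    if reply is None:
        return False
    return device.verify(token.token_id, reply[0], pin)  # step 4
```

Because the response is bound to the device ID and a single-use nonce, a captured response fails when replayed, and a key taken from one device does not produce a valid response for another.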
VISUAL-ASSISTED CAPACITIVE COMMUNICATION
FIG. 5 shows an overview of visual-assisted capacitive communication (VCC) in context of illustrative logical components inside a hardware token and touchscreen. One aspect of VCC is capacitive communication, which effectively transmits to capacitive touchscreens by "spoofing" the screen's touch detection algorithm to generate a sequence of touch and no-touch events. Unlike some prior approaches, the capacitive communication of VCC uses capacitive modulation to generate a capacitive transmission signal that stimulates touchscreen events.
Capacitive touchscreens typically include an array of conducting electrodes behind a transparent, insulating glass layer, which can detect a touch by measuring additional capacitance of a human body through a touch point. When a user touches the screen, the finger acts as the second electrode in a capacitor; the internal electrode, the finger, and a glass layer in between constitute the virtually modified capacitor. This new capacitor and the user's body (that has a certain capacitance) is connected to the electrode circuit that is detected by a voltage integration circuitry inside the screen. The change in voltage measured at one or more screen electrodes is then passed to the screen controller for processing to conclude the presence or absence of human finger. In some touch-enabled devices, detected touch events are each represented by a 6-tuple structure, including touch event timestamps, touch event screen coordinates, transmitted ID, touch size, touch amplitude, and type of touch. The timestamp information of these series of events can be used to reconstruct originally transmitted data.
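How event timestamps turn back into bits, following the two-step recovery rule stated on this page (DOWN then UP within the ON duration is a '1'; an UP to DOWN silence longer than one bit period is N zeros, N being the inter-arrival time over ON plus OFF). This is an added example, not the patent's Java implementation; the one-pilot-bit framing on each side of a chunk, the 12 ms and 8 ms timings, the constructed event source and all function names are assumptions.

```python
from dataclasses import dataclass

DOWN, UP = "DOWN", "UP"


@dataclass(frozen=True)
class TouchEvent:
    kind: str    # DOWN or UP, as reported by the touchscreen controller
    t_ms: float  # controller timestamp, milliseconds


class DemodError(ValueError):
    """An event pair fits neither recovery rule, or chunk framing is wrong."""


def frame(payload):
    # Assumed framing: one pilot '1' on each side, so leading and trailing
    # zeros of the payload sit between two observable touches.
    return "1" + payload + "1"


def modulate(bits, t_on, t_off, lag=1.0, early=2.0):
    """Constructed event source standing in for the token and the controller.
    A '1' registers DOWN shortly after the switch closes and UP shortly before
    the ON time ends; a '0' produces no event for a whole bit period."""
    period, events = t_on + t_off, []
    for k, bit in enumerate(bits):
        if bit == "1":
            events.append(TouchEvent(DOWN, k * period + lag))
            events.append(TouchEvent(UP, k * period + t_on - early))
    return events


def demodulate(events, t_on, t_off):
    period, bits = t_on + t_off, []
    if events and events[0].kind != DOWN:
        raise DemodError("stream must start with a DOWN event")
    for cur, nxt in zip(events, events[1:]):
        gap = nxt.t_ms - cur.t_ms
        if cur.kind == DOWN and nxt.kind == UP:
            # Rule 1: DOWN then UP closer together than the ON duration is a '1'.
            # A longer contact (for example a real finger press) is rejected.
            if not 0 < gap < t_on:
                raise DemodError(f"contact of {gap} ms is not a token pulse")
            bits.append("1")
        elif cur.kind == UP and nxt.kind == DOWN:
            # Rule 2: a silence longer than one bit period is N zeros,
            # N = inter-arrival time / (ON + OFF), rounded down.
            if gap > period:
                bits.append("0" * int(gap // period))
        else:
            raise DemodError(f"unexpected {cur.kind} followed by {nxt.kind}")
    return "".join(bits)


def decode_chunk(events, payload_len, t_on, t_off):
    bits = demodulate(events, t_on, t_off)
    if len(bits) != payload_len + 2 or bits[0] != "1" or bits[-1] != "1":
        raise DemodError("pilot bits or chunk length do not match")
    return bits[1:-1]


def expected_events(framed_bits):
    # Every '1' yields one DOWN and one UP; the device can report its own count
    # over the optical link so the token can notice a missed touch.
    return 2 * framed_bits.count("1")


def receive_id(chunks, t_on=12.0, t_off=8.0):
    """Send each chunk through the constructed channel and reassemble the ID."""
    return "".join(
        decode_chunk(modulate(frame(c), t_on, t_off), len(c), t_on, t_off)
        for c in chunks
    )
```

A touch the screen fails to register turns a '1' into a '0' without changing the chunk length, so the framing check alone passes; comparing the device's reported event count with `expected_events` is what exposes the loss.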
According to some prior approaches, a transmitter can send an unsynchronized low-frequency signal at relatively high voltage, and the signal can charge and discharge the screen capacitor based on the pulse patterns embedded on the signal. In this way, the wearable device can affect the internal voltage measurement process by injecting a high-voltage signal through the screen, thereby creating artificial touch events. This technique of generating touch events is based on high-voltage injection into the screen, referred to herein as "voltage-injection CC." Voltage-injection CC can be limited in various ways. Because the technique to generate touch events in voltage-injection CC can only indirectly affect the capacitance measurement of the screen (i.e., not the capacitance itself), it can be highly inefficient and ineffective in many contexts. As a result, such an approach can typically only generate a number of touch events that is far below the capacity of the touchscreen. The limitation in event generation can drastically impact the communication data rate, as data rate can be proportional to the number of touch events generated per second. For example, a typical reported data rate of voltage-injection CC is around 4 bits per second, which can be unsuitable for many authentication purposes. Another limitation is that, since such techniques inject a high alternating voltage (pulse) into the sensing electrode, it can rely on a high-capacity power source and can consume a relatively large amount of power. Another limitation is that the transmitter and the receiver are unsynchronized. This asynchrony can result in unpredictable numbers of artificial touch events having arrival times that can be close to random. Therefore, the generated event sequence might not follow the transmitted bit sequence pattern, making it, in many cases, hard to detect the signals and reconstruct the original bit sequence. This can limit the ability of voltage-injection CC to demodulate a bit sequence with a random (or non-deterministic) length and/or bit order. Instead, it typically can only transmit short bit sequences with a length that is known to the transmitter and receiver.
The capacitive communication approaches described herein can provide an efficient and accurate way of effecting touch events, along with an appreciable increase in data communication rate and an appreciable reduction in power consumption as compared to voltage-injection CC. The CC approach described herein involves changing the capacitance of a token surface, with respect to a screen controller, by selectively connecting and disconnecting the token surface to the wearer's skin (e.g., finger). For example, as described above, the conductive token surface can be isolated from the wearer's skin via an insulative (dielectric) layer, so that providing a switchable path between the conductive surface and the skin effectively creates a switchable capacitor.
When the token is in close proximity to (e.g., touching) the capacitive touchscreen, toggling the switch (i.e., creating a capacitive event) can stimulate a corresponding touch event on the touchscreen. Thus, artificial touch events can be generated by controlling the switch through an ON-OFF sequence of electrical pulses generated by a microcontroller on the token. In contrast to voltage-injection CC, this capacitor switching approach directly affects the effective capacitance observed by the event detection mechanism on the touchscreen. Notably, such an approach can efficiently generate touch events without modifying the internal touch detection mechanism of a typical screen controller, thereby facilitating implementation in context of off-the-shelf touchscreen enabled devices. Further, by avoiding high-voltage signal generation, the capacitive switching approach can achieve better energy efficiency, which can provide features, such as longer battery life (or smaller battery form factor, etc.), less heat generation, etc.
In various implementations, the sequence of artificial events generated can follow bit patterns ('1's and '0's) that correspond to the information to be transmitted to the touchscreen. Implementing the bit pattern can involve a novel modulation technique that defines how a bit sequence can be represented in terms of artificial touch events. Notably, designing such a modulation scheme compatible with the artificial touch events can present various challenges. For example, if the period duration is improperly selected, the number of events generated during a switch ON time period can be unpredictable. Implementations design the ON time-duration to match an internal touch sampling frequency of the screen. For example, if the ON time is too short, it can be missed by the screen controller; if the ON time is too long, unexpected touch events may be generated due to the change in human capacitance within this duration, and the screen, being very sensitive, can capture these changes, leading to errors in the event detection algorithm. The ON time-duration can be dynamically set based on feedback from the screen, as described above. Another challenge to such a modulation scheme is that, even though the screen controller can capture all events generated by the token, drifts in the arrival time of stimulated events (e.g., due to random delay and workload of the touchscreen device) can lead to errors in a demodulation process.
In one example, embodiments identify an optimal ON/OFF duration for the token to generate events that will be correctly recognized by the touchscreen. Further, implementations design a mapping of the ones and zeros from the bit sequence to "Touch" and "No Touch" states to overcome the challenges caused by the inconsistency of time arrival of registered events. The ON time is the period during which the screen controller can capture the change in capacitance and record touch events. A smaller ON period can reduce the number of unexpected registered touch events. Some implementations can determine an optimal ON duration through an empirical approach, for example, by iterating from a largest ON duration to a smallest ON duration, while recording the total number of registered events on the screen. An optimal ON duration can be determined as the one where the number of events registered is equal to the number of ON durations in the token's signal. The OFF time is the period during which no event should be registered to the screen controller. In some implementations, particularly where the screen can only distinguish two different events (captured on two different scanning times), a small OFF time can be selected so that the sum of events recognized during ON time and OFF time is at least greater than a scanning rate of the screen (e.g., obtained from manufacturer specifications).
In another example, embodiments can map a bit sequence to the ON/OFF (Touch/No-Touch) states of the pulse in any suitable manner. For example, a Manchester encoding scheme can be used, in which a '1' is modulated by generating an event during one ON time duration and a no-event in one OFF time duration; and a '0' is modulated by generating no-events during one ON (or OFF) time duration. Such a mapping can allow for a stipulated interval between two successive touch events such that they are distinguishable by the touch controller. Using a minimal number of ON states can also minimize energy consumption of the transmitter (token). In addition, the communication payload can also include "pilot" bits. One implementation includes preamble pilots (e.g., 1-bit long) that are appended at the start and the end of the payload bits to guarantee that the system is able to detect bit zero if the sequence starts or ends with 0s. Another implementation includes identification, or mid-amble, pilots (e.g., 1-bit long) that are placed in the middle of the payload (e.g., midway in the bit-sequence) to separate different bit chunks, helping the receiver eliminate time drift of multiple similar touch events.
As a case-study example, consider transmitting character 'm' from a token to a touchscreen using the proposed modulation technique. Represented in 8-bit format, the ASCII binary code of the character 'm' is '0110 1101'. Using 'U' and 'D' to annotate the state at which the switch is opened (UP) and closed (DOWN), respectively, a control sequence could be DD UD UD DD UD UD DD UD.
Some embodiments further include a demodulation scheme for demodulating the artificial touch events and recovering the bit sequence transmitted by the token. The scheme described herein assumes a typical 6-tuple data structure for recording touch events, and the scheme uses event-type and arrival time-stamp properties to recover the bit sequence. Typically, a touchscreen controller differentiates finger interactions with the screen through the event-type property: finger touch down (DOWN event), finger lift up (UP event), finger move across the screen (MOVE event), etc. Typically a human touch interaction with the screen includes one DOWN event and one UP event. As described above, such human touch interactions can be spoofed by OPEN and CLOSE operations (or the like) of a hardware switch in a token transmitter. For example, when the switch transitions from OPEN state to CLOSE state, it can create a DOWN event on the screen; and when the switch transitions from CLOSE state to OPEN state, the screen can record an UP event. In some implementations, then, the receiver can map a DOWN-then-UP event as bit '1', and an UP-then-DOWN event as bit '0'. Notably, in such a scheme, a contiguous sequence of bit '0's is also represented as an UP-then-DOWN event; however, the UP duration is longer: it spans from the UP event of the bit '1' right before the '0's to the DOWN event of the bit '1' that follows.
Detecting the UP-to-DOWN event sequences (and vice-versa) reliably and consistently can involve the receiver algorithm knowing precise arrival times of the touch events. However, touchscreen controllers are typically designed primarily to detect touch events, but not to precisely capture the time at which a signal arrives on the screen. While the arrival times can be estimated from the event time-stamps generated by the controller, the timestamps can be inconsistent with the series of signals arriving on the screen due to time drifts. Accordingly, some implementations have the transmitter truncate longer bit sequences (for transmission) into smaller chunks. Some implementations also include pilot bits with each chunk to add reliability to detecting the chunks. At the receiver, some implementations asymmetrically recover bit '1's and '0's based on the distribution of UP and DOWN events in each chunk duration. This process can enable the bit recovery process to be conducted in short time windows, thus limiting errors and inconsistencies caused by time drifts.
The bits '1's and '0's can be recovered from the touch-events based on the event types and the arrival time. If tr(i) represents the arrival time of an event i, the bit-recovery mechanism in the token receiver can be described as a two-step procedure. In a first step, two successive events i and i+1 can represent a bit '1' if and only if: (a) the ith event type is DOWN and the (i+1)th event type is UP; and (b) the difference between arrival times of those events is less than the ON duration of the incoming signal. In a second step, the two events i and i+1 represent a sequence of N continuous 0s when the ith event type and the (i+1)th event type are UP and DOWN, respectively. Also, the inter-arrival times of the two events should be greater than the entire bit period. If these two conditions are met, determining the number of 0s between the two touch events can be straightforward; for example, equal to the ratio of the inter-arrival time, and the sum of ON and OFF durations.
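The modulation, pilot framing and two-step bit recovery described above can be exercised end to end in a short simulation. This is an added example, not code from the patent or its prototype: the function names, the 20 ms ON/OFF durations, the 8-bit chunk size, the delay-plus-jitter screen model and the `slack` tolerance applied to condition (b) are all assumptions made for illustration.

```python
import random
from typing import List, Tuple

DOWN, UP = "DOWN", "UP"
Event = Tuple[float, str]  # (arrival time in ms, event type)


def frame(payload: str, chunk: int = 8) -> str:
    """Cut the payload into chunks and wrap each chunk in '1' pilot bits."""
    parts = [payload[i:i + chunk] for i in range(0, len(payload), chunk)]
    return "".join("1" + p + "1" for p in parts)


def modulate(bits: str, t_on: float, t_off: float) -> List[Event]:
    """Ideal events: a '1' closes the switch for t_on (DOWN, then UP);
    a '0' leaves it open for the whole bit period, so nothing is registered."""
    period, events = t_on + t_off, []
    for k, bit in enumerate(bits):
        if bit == "1":
            events += [(k * period, DOWN), (k * period + t_on, UP)]
    return events


def screen(events: List[Event], jitter: float, seed: int) -> List[Event]:
    """Constructed receiver model: fixed reporting delay plus bounded jitter."""
    rng = random.Random(seed)
    return [(t + 5.0 + rng.uniform(-jitter, jitter), kind) for t, kind in events]


def demodulate(events: List[Event], t_on: float, t_off: float, slack: float) -> str:
    """Two-step recovery from event types and inter-arrival times only."""
    period, bits = t_on + t_off, []
    for (t0, k0), (t1, k1) in zip(events, events[1:]):
        gap = t1 - t0
        if (k0, k1) == (DOWN, UP):
            # Step 1: DOWN then UP within the ON duration is a '1'.
            # 'slack' is an added tolerance for timestamp jitter.
            if gap >= t_on + slack:
                raise ValueError("touch longer than ON duration: not a token bit")
            bits.append("1")
        elif (k0, k1) == (UP, DOWN):
            # Step 2: a gap longer than one bit period is a run of N zeros.
            # Subtracting t_off removes the OFF tail of the preceding '1'
            # before taking the ratio to the bit period.
            if gap > period:
                bits.append("0" * round((gap - t_off) / period))
        else:
            raise ValueError("two events of the same type in a row")
    return "".join(bits)


def unframe(bits: str, chunk: int = 8) -> str:
    """Strip pilots; a '0' at a pilot position means a run was miscounted."""
    payload = []
    for i in range(0, len(bits), chunk + 2):
        part = bits[i:i + chunk + 2]
        if len(part) < 3 or part[0] != "1" or part[-1] != "1":
            raise ValueError(f"pilot check failed in chunk starting at bit {i}")
        payload.append(part[1:-1])
    return "".join(payload)


def send_and_receive(payload: str, t_on: float = 20.0, t_off: float = 20.0,
                     jitter: float = 3.0, seed: int = 1, chunk: int = 8) -> str:
    """Token side: frame + modulate. Screen side: demodulate + unframe."""
    rx = screen(modulate(frame(payload, chunk), t_on, t_off), jitter, seed)
    return unframe(demodulate(rx, t_on, t_off, slack=8.0), chunk)


if __name__ == "__main__":
    print(send_and_receive("01101101"))  # ASCII 'm', the page's case study
```

Because recovery uses only differences between successive timestamps, the constant reporting delay in the screen model has no effect on the result; only per-event jitter matters, and the pilots bound how far a miscounted zero run can propagate.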
As described above, embodiments further include an optical feedback channel. For example, some authentication procedures described herein involve recovering two forms of identity (i.e., two factors of authentication): one communicated from the token, and another manually input by the user. These can be authenticated against users stored in a database, or the like. For example, the database can be pre-loaded, or be downloaded from a server (using a wireless connection) upon authentication service initiation, accessed on the cloud, etc. As described above, implementations permit the two forms of ID to be input at a same time. However, the accuracy of such authentication in a one-step procedure can rely on the accurate recovery of the identity information. Manual inputs such as password typing or swipe patterns provide a visual feedback of what the user is inputting to the device and can be reentered during re-attempts for login. However, such reattempts (re-transmissions) through the capacitive communication channel will expend more battery energy on the token and do not necessarily guarantee improvement in accuracy.
By reconfiguring the transmit parameters, such as the length of bit sequence and the duration of ON and OFF states, based on the number of events generated on the screen, errors in recovering the bits at the receiver (i.e., the receiver at the mobile device) can be significantly reduced. Further, knowledge of clock frequency of the screen at the transmitter can enable synchronous (coherent) communication between the token and the screen. Synchronization in the VCC process can significantly minimize (almost remove) inconsistency and irregularities in screen touch event generation. Such feedback information can be provided by the optical feedback link. For example, upon first contact of the token with the touchscreen, the touch-enabled device can communicate its clock frequency, total number of events generated, and/or other information via its screen using a visible light communication (VLC) channel.
Use of the VLC can provide a number of features. One feature is that an implicit arrangement of screen as transmitter and a hardware receiver can present a VLC system where information can be transmitted by modulating the light intensity from the screen pixels to an optical receiver integrated into a wearable token. Another feature is that the extreme close proximity between the transmitter (screen pixel) and the receiver can allow for reliable, high-data-rate communication as the distance based path loss and perspective issues are less of a concern. Another feature is that, though both devices essentially are transceivers, the transmission and reception can be on orthogonal channels (i.e., CC and VLC), thereby avoiding scheduling mechanisms.
The VLC system can be implemented with communications between screen pixels of the touchscreen and photodiode (or similar) receiver circuitry of the token. Information to be communicated, encoded as bits, can be modulated as ON and OFF states of the screen pixels, or as any other optically detectable change in the screen pixels. For example, when the token makes contact with the screen for communicating through VCC, a white color or a black color can be displayed on the screen (in the region of the photodetector) representing the ON or OFF states, respectively. Transitioning between these states at a rate equal to the data rate can provide reliable detection of the ON-OFF states of the screen on the photodetector on the token.
PROTOTYPE IMPLEMENTATION
The following describes an illustrative prototype of a token for implementing VCC, as described herein. The prototype environment includes a wearable hardware token and a software application on a smartphone device running Android OS. The prototype token device consists of a micro-controller, powered by a coin-cell battery, which controls the ON-OFF operations of an electrical switch. The switch, along with an insulating layer, acts as the interface between the ring surface (the ring has a flat rectangular face on one end) and the ring's body. A programmable Arduino Pro Mini 3.37V generates electrical pulses based on the bit sequence, stored in its flash memory, using the modulation technique, as described above. A mechanical switch is coupled with the surface of the ring, under the conductive layer on the surface. When this switch is pressed against the screen, it closes to turn on the Arduino to start the communication. When the ring is lifted off the screen, the switch returns to its normal-open mode, and all power on the ring can be turned off. This can help save energy of the ring, and can prevent the bit sequence from being accidentally transmitted. The bit sequence corresponds to the token ID that is to be transmitted from the ring to the device. The electrical pulses control a relay switch (one instance of the relay is reed relay) that helps to register capacitive touch events on the host device (i.e., receiver) when the ring is in contact with the host device's touch screen surface. To ensure that the capacitance changes are significant enough to enforce consistent touch events between each switching cycle, a capacitor can be placed in between the human finger and the relay switch.
The prototype design includes careful grounding (GND) so as to eliminate any extraneous and parasitic capacitance that can influence the capacitance changes in the circuit. The design leads to primarily three GND points: Battery's GND, Mobile device's GND, and Human's GND. Due to the multiple distributed GNDs, the prototype can have unstable signals when operating over different environments. For example, the GND value (voltage or reference capacitance) when a user operates the ring from 8th floor of a building can be different from that on the 1st floor. The anomaly can be eliminated by ensuring that GNDs across different components of the circuit are carefully connected to a single, common, GND point. For example, all GNDs can be wired together to a single point that connects to a virtual common reference point on the human body. Treating the common ground electrical value as reference, signals from the prototype are more tractable and stable across different environments.
The photodetector receiver is implemented as an off-the-shelf photodetector (BPV10) that connects in series to a 1 ohm resistor and then to the digital IN pin of the Arduino on the ring. A script on the Arduino can detect the light intensity and demodulate 1s and 0s based on simple thresholding. The sampling rate of the photodetector is set to the maximum clock frequency of the Arduino, which is significantly higher than the transmission rate of 60 bps.
The prototype also includes an Android application to read the token IDs communicated by the token device. The IDs are pre-populated and an array of ID options are stored in the flash memory of the tokens. The application contains a JAVA implementation of VCC's demodulation algorithm and the One-step 2FA protocol. Upon usage, the user taps the ring surface on the numbers displayed on the screen to key in their unique PIN code (the code will be known to the user and the app on the device). Upon completion of the PIN code input, the app simultaneously verifies the PIN number and the ring's ID, emulating the 2FA in single-step. Upon recovery of the bit sequence, the screen is also set to modulate the screen pixels through VLC using white and black colors as ON and OFF states. A 10x10 screen pixel region is used where the ring makes contact in this case.
The various techniques can be implemented with any suitable hardware and/or software component(s) and/or module(s), including, but not limited to circuits, application specific integrated circuits (ASICs), general purpose processors, digital signal processors (DSPs), field programmable gate arrays (FPGAs), programmable logic devices (PLD), discrete gates, transistor logic devices, discrete hardware components, or combinations thereof. For example, steps of methods or algorithms, or other functionality described in connection with embodiments, can be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in any form of tangible storage medium. Some examples of storage media that may be used include random access memory (RAM), read only memory (ROM), flash memory, EPROM memory, EEPROM memory, registers, a hard disk, a removable disk, a CD-ROM and so forth. A storage medium may be coupled to a processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. A software module may be a single instruction, or many instructions, and may be distributed over several different code segments, among different programs, and across multiple storage media. Thus, a computer program product may perform operations presented herein. For example, such a computer program product may be a computer readable tangible medium having instructions tangibly stored (and/or encoded) thereon, the instructions being executable by one or more processors to perform the operations described herein. The computer program product may include packaging material. Software or instructions may also be transmitted over a transmission medium. 
For example, software may be transmitted from a website, server, or other remote source using a transmission medium such as a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technology such as infrared, radio, or microwave.
The methods disclosed herein include one or more actions for achieving the described method. The method and/or actions can be interchanged with one another without departing from the scope of the claims. In other words, unless a specific order of actions is specified, the order and/or use of specific actions can be modified without departing from the scope of the claims. The various operations of methods and functions of certain system components described above can be performed by any suitable means capable of performing the corresponding functions.
Other examples and implementations are within the scope and spirit of the disclosure and appended claims. For example, features implementing functions can also be physically located at various positions, including being distributed such that portions of functions are implemented at different physical locations. Also, as used herein, including in the claims, "or" as used in a list of items prefaced by "at least one of" indicates a disjunctive list such that, for example, a list of "at least one of A, B, or C" means A or B or C or AB or AC or BC or ABC (i.e., A and B and C). Further, the term "exemplary" does not mean that the described example is preferred or better than other examples.
Various changes, substitutions, and alterations to the techniques described herein can be made without departing from the technology of the teachings as defined by the appended claims. Moreover, the scope of the disclosure and claims is not limited to the particular aspects of the process, machine, manufacture, composition of matter, means, methods, and actions described above. Processes, machines, manufacture, compositions of matter, means, methods, or actions, presently existing or later to be developed, that perform substantially the same function or achieve substantially the same result as the corresponding aspects described herein can be utilized. Accordingly, the appended claims include within their scope such processes, machines, manufacture, compositions of matter, means, methods, or actions.

Claims

WHAT IS CLAIMED IS:
1. A token for performing multi-factor authentication with a device having a capacitive touchscreen, the token comprising:
a capacitive transmitter to capacitively communicate a token-based second credential to a touchscreen in conjunction with the entering of a first known factor.
2. The token of claim 1, wherein the first known factor is a password, and wherein the token-based second credential is a token identifier.
3. The token of claim 2, wherein the token facilitates single step, multi-factor authentication by the capacitive transmitter passing, from the token to the touchscreen, the token identifier while the user inputs the password.
4. The token of claim 1, wherein the token facilitates single step, multi-factor authentication by using the token itself to physically enter the first known factor; and wherein the token-based second credential is communicated to the touchscreen during one or more of the times that the token is used to physically enter the first known factor.
5. The token of claim 4, wherein the token-based second credential is completely communicated to the touchscreen by the time the first known factor has been entered.
6. The token of claim 5, wherein each touch of the token for entering the first known factor also enters a portion of the token-based second credential.
7. The token of claim 2, further comprising an optical receiver to optically receive optical communications from the capacitive touchscreen enabling two-way communication between a wearable token and the capacitive touchscreen, and enabling challenge-response authentication.
8. The token of claim 1, wherein the token is a wearable token.
9. The token of claim 1, wherein the authentication is according to visual-assisted capacitive communication (VCC).
10. The wearable token of claim 8, wherein the capacitive communications from the wearable token to the capacitive touchscreen comprises modulating capacitance by capacitor switching.
11. The wearable token of claim 7, wherein the optical communication from the capacitive touchscreen to the wearable token comprises a visible light communication (VLC) link by which screen pixels of the touchscreen communicate with an optical detector receiver on the wearable token.
12. The wearable token of claim 7, wherein the two-way communication further comprises adjusting capacitive communication parameters and transmission scheduling in response to feedback from the touchscreen via the optical communications.
13. The wearable token of claim 8, wherein the wearable token is a ring.
14. A method for two-way communication between a token and a capacitive touchscreen, the method comprising:
transmitting a token identifier associated with the token capacitively from the token to the capacitive touchscreen; and
receiving optical feedback information by the token from the capacitive touchscreen.
15. The method of claim 14, wherein the token is a wearable token, and wherein the transmitting comprises modulating capacitance by capacitor switching.
16. The method of claim 15, wherein the receiving comprises receiving a visible light communication (VLC) signal via screen pixels of the touchscreen.
17. The method of claim 15, further comprising:
adjusting the wearable token's capacitive communication parameters and/or transmission scheduling in response to the receiving.
18. The method of claim 15, wherein:
the transmitting comprises:
first transmitting a token label associated with the wearable token capacitively from the wearable token to the capacitive touchscreen; and
second transmitting a wearer identifier associated with a wearer of the wearable token capacitively from the wearable token to the capacitive touchscreen; and
the receiving comprises:
first receiving a device label optically by the wearable token from the capacitive touchscreen in response to the first transmitting; and
second receiving an authentication acknowledgement optically by the wearable token from the capacitive touchscreen in response to the second transmitting.
19. A token comprising:
a capacitive transmitter to capacitively communicate with a capacitive touchscreen; and
an optical receiver to optically receive communications from the capacitive touchscreen.
20. The token of claim 19, wherein the token is a wearable token.
21. The wearable token of claim 20, further comprising:
a ring-shaped housing having the capacitive transmitter and the optical receiver housed thereby.
22. The wearable token of claim 20, wherein the capacitive transmitter comprises:
a conductive surface;
an insulative layer disposed between the conductive surface and a wearer interface;
a token identification store;
an electrical switch coupled between the conductive surface and the wearer interface;
a microcontroller coupled with the token identification store and the electrical switch, and configured to selectively actuate the electrical switch according to data of the token identification store, thereby generating a modulating capacitance signal.
23. The wearable token of claim 22, wherein, when the wearer interface is in contact with a skin site, and the conductive surface, the insulative layer, and the skin site form a switched capacitor.
24. The wearable token of claim 20, further comprising:
a mechanical switch configured to actuate at least the capacitive transmitter when the wearable token is physically placed in contact with the capacitive touchscreen.
PCT/US2017/018374 2016-02-19 2017-02-17 Wearable token-based authentication for touch-enabled devices Ceased WO2017143193A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201662297654P 2016-02-19 2016-02-19
US62/297,654 2016-02-19

Publications (1)

Publication Number Publication Date
WO2017143193A1 true WO2017143193A1 (en) 2017-08-24

Family

ID=59626383

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2017/018374 Ceased WO2017143193A1 (en) 2016-02-19 2017-02-17 Wearable token-based authentication for touch-enabled devices

Country Status (1)

Country Link
WO (1) WO2017143193A1 (en)

CN107623669A (en) Non-contact identity authentication device, system and method
CN107516215A (en) The intelligent POS terminal and method of PIN code can be inputted safely
CN105049405A (en) Key generation unit and method based on combined fingerprint, and verification system and equipment
CN102624742A (en) Method for enhancing security of communication between mobile equipment and home intelligent terminal
US11469899B2 (en) System and a method for user authentication and/or authorization
Dhondge et al. Optical wireless authentication for smart devices using an onboard ambient light sensor
JP7280894B2 (en) Secure authenticator
CN105701383A (en) Function triggering method, device and terminal
CN103984913A (en) Device with fingerprint induction identification and method thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 17753926; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 17753926; Country of ref document: EP; Kind code of ref document: A1)