or Connect
AppleInsider › Forums › General › General Discussion › Apple invention changes iPhone user authentication settings based on location
New Posts  All Forums:Forum Nav:

Apple invention changes iPhone user authentication settings based on location

post #1 of 24
Thread Starter 
A patent application published on Thursday reveals an Apple solution that dynamically changes a mobile device's user interface, security levels and other behaviors based on its location, whether it be at the office or in a user's home.


Source: USPTO


In a filing with the U.S. Patent and Trademark Office titled "Location-sensitive security levels and setting profiles based on detected location," Apple describes a system in which the hardware and software of a mobile device work together to automatically adjust various UI and device behavior settings.

More importantly, the invention delivers a mechanism to adjust iPhone access levels based on its location, meaning different tolerances can be applied based on the relative security of a location. For example, a user may only need a simple four-digit passcode to unlock a device while at home, but authentication via Apple's Touch ID when in public areas like a shopping mall.

Apple notes that any suitable means can be used to determine location -- called a "location aspect" -- including cellular tower data, recognition of a home Wi-Fi network, GPS data or even proximity to other cellphones, among others. At least two location aspects are required for the system to function with any precision.




A secondary data processing logic, dubbed a "location context" module, determines which settings to apply based on the system's relative confidence in correctly placing device location. Using a predefined scale to measure against, the module defaults to certain settings based on thresholds of confidence.

Once homed in on a specific location, or preset threshold, the system determines whether to apply or modify a specialized user profile or device behavior.

Recognized locations can set low-level security factors, while unrecognized locations may trigger more stringent authentication requirements. Likewise, locations recognized as "unsecure" or public, like mobile Wi-Fi hotspots or geofenced areas not on the trusted list, can also invoke higher strength security factors. Further, public areas may also trigger higher authentication requirements for apps holding sensitive information like Address Book and Calendar.

For example, a user may be required to authenticate via Touch ID when outside of a trusted environment, while a passcode or password will do while at home. Once unlocked, the device may lower security requirements for a preset period of time. If the iPhone leaves the area, or the countdown timer reaches zero, the system resets to an appropriate protection level.




While the most stringent security measures should be used to ensure complete protection, the document points out that location-based methods can enhance user experience without introducing significant vulnerabilities. As mentioned in the filing, users may actually be less apt to employ restrictive -- and effective --authentication methods if they find it causes undue burden, which leads to weaker passwords or complete system disablement.

As for customized user profiles, the same location awareness mechanisms described above apply. Instead of modifying security settings, however, the system can change UI behavior and access to device functions based on predefined user preferences. Examples include prominently displaying productivity apps like FaceTime on the home screen when at work, or entertainments apps while at home.

Other examples of device behaviors include a "My Car" setting that allow certain features like dialing 911 and playing music, while disabling others. These settings can be invoked by a variety of triggers including connection to a car's infotainment system.

The remainder of the application focuses on technical minutiae regarding table lookups, alternate embodiments and example system controls including an alert mechanism that notifies the user of current location and operating mode.




Apple's Touch ID has in many ways addressed the perceived issue of employing strong authentication mechanisms without fuss, though some users may still find the feature unnecessary while at home or in a safe location. Adding location awareness to the equation not only streamlines the security process, but also offers a more personalized user experience.

Apple's location-sensitive security patent application was first filed for in 2012 and credits Alexander Reitter, David Amm, Julian Missig and Raymond Walsh as its inventors.
post #2 of 24
It seems over the next years smartphones actually start to become smart. 1smile.gif
Yeah, well, you know, that's just, like, my opinion, man.
Reply
Yeah, well, you know, that's just, like, my opinion, man.
Reply
post #3 of 24
Tom Tom had something similar on their GPS units a long time ago.
post #4 of 24
Quote:
Originally Posted by WonkoTheSane View Post

It seems over the next years smartphones actually start to become smart. 1smile.gif

No. Machines will never be smart, unless you keep lowering the bar for what qualifies as smart (for humans as well).

 

The price of freedom is: constant vigilance and the willingness to fight back. So if enough of us keep applying this, machines will remain our servants.

Daniel Swanson

Reply

Daniel Swanson

Reply
post #5 of 24
Quote:
Originally Posted by WonkoTheSane View Post

It seems over the next years smartphones actually start to become smart. 1smile.gif

they're only as smart as the user. ;) 

post #6 of 24
Quote:
Originally Posted by iloveapplegear View Post

Tom Tom had something similar on their GPS units a long time ago.

 

Do explain how what you claim Tom Tom had years ago is anything like this?  I've never heard of a GPS with no other functionality having anything like this, or even needing anything like this.

post #7 of 24

While very useful, I wonder if the patent will hold up.  The Moto X detects when you're in the car and reads caller id and text messages to you, and you can set it to bypass your screen lock when it's connected to specific Bluetooth devices.  While I think the Apple patent goes further, the precedent is there (unless of course Apple applied for the patent before Motorola used it or filed their own patent).

post #8 of 24

Seems like everyone is getting interested in location-based unlocking. Google filed a similar looking application around the same time, and people had been scripting location-based behavior for their lockscreens even before that.

 

References:

(http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2FPTO%2Fsearch-adv.html&r=1&p=1&f=G&l=50&d=PG01&S1=%2820130822.PD.%20AND%20Google.AS.%29&OS=PD/20130822%20AND%20AN/Google&RS=%28PD/20130822%20AND%20AN/Google)

 

(http://android.stackexchange.com/questions/30290/looking-for-location-specific-screen-locking-behaviour).

post #9 of 24
Touch ID is faster than entering a passcode anyway so that's pretty unnecessary as far as a location-based security setting change. Other stuff looks interesting though.
You can't spell appeal without Apple.
Reply
You can't spell appeal without Apple.
Reply
post #10 of 24
Quote:
Originally Posted by d4NjvRzf View Post
 

Seems like everyone is getting interested in location-based unlocking. ...

I presented an idea to my boss a few/several years ago for something that contained many of these ideas but after figuring out what I would need to do, gave up on it because developers didn't have access to the Apple api's needed to do it. What Apple is patenting can only be done by Apple because of sandboxing and a variety of other things. The drawing shows a house but I was using it at work to automagically configure iPhones depending on what building and room they were in. This is a lot easier now with iBeacons and something I hope my former company investigates. Of course, they took an easier way out and just allowed phones in buildings and areas they were never allowed in before, putting the requirement for configuration on the user (like in airplanes where the user used to have to turn off their phone or at leave put it in airplane mode--the honest people did this, everyone else blew off the flight attendants). At this point I don't care about previous attempts, what Apple has patented and the mobile products and ideas they're coming up with will go a long way in putting more iPhones and iPads in the hands of corporate and government workers, which should help AAPL (I care about this now because I could finally invest, which I did).

post #11 of 24
Quote:
Originally Posted by hpod View Post
 

 

Do explain how what you claim Tom Tom had years ago is anything like this?  I've never heard of a GPS with no other functionality having anything like this, or even needing anything like this.

It was (and is ) a feature of TT security about locking and unlocking device at your home location, it was around at least 5 years ago.

post #12 of 24
Quote:
Originally Posted by iloveapplegear View Post
 

It was (and is ) a feature of TT security about locking and unlocking device at your home location, it was around at least 5 years ago.

 

And that's not quite the same as this.  What you are referring too is much simpler, and vastly limited in comparison to what Apple submit an application for above.  Patenting a steering wheel isn't the same as patenting a steering wheel that can control radio, a/c, heat, etc., not to mention unlock different features in homes, cars, while walking, etc, complete with different use cases in each of those locations.

post #13 of 24
Quote:
Originally Posted by mac_dog View Post

Quote:
Originally Posted by WonkoTheSane View Post

It seems over the next years smartphones actually start to become smart. 1smile.gif
they're only as smart as the user. " src="http://forums-files.appleinsider.com/images/smilies/1wink.gif" style="line-height:1.4em;">
 

Maybe smarter ... Smart phones don't take selfies 1biggrin.gif
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
post #14 of 24
Quote:
Originally Posted by DanielSW View Post
 

No. Machines will never be smart, unless you keep lowering the bar for what qualifies as smart (for humans as well).

 

The price of freedom is: constant vigilance and the willingness to fight back. So if enough of us keep applying this, machines will remain our servants.

Most of Human's 'smartness' is contextual awareness, and learned adaptation.   Machines can do this.

 

Your 2nd paragraph can be equally applied as a racist screed and states a fear that you don't believe your first paragraph.

post #15 of 24
Quote:
Originally Posted by AppleInsider View Post

 

[...]For example, a user may be required to authenticate via Touch ID when outside of a trusted environment, while a passcode or password will do while at home.[...]

Actually The opposite is more likely the case.

 

TouchID for 'trusted' scenarios

 

TouchID AND passcode/word for untrusted.

 

in a trusted scenario, timers may be relaxed...  instead of 5 minutes in your home, it's 5 hours, or until you leave the premises (and premise can be effectively your WiFi range and/or a GPS/accelerometer distance away (end of your driveway, and not in your CarPlay enabled car that has your iDevice registered).   

 

That's what I want.  I'm at a truck stop, forget my iPad in the booth, and as soon as my iWatch gets out of range, it locks down immediately, and pass codes are needed to unlock.  I'm at home, I wake up without needing to authenticate to turn on the news, or at worst, just touch my finger to my iPad to unlock it.

post #16 of 24
Quote:
Originally Posted by hpod View Post
 

 

And that's not quite the same as this.  What you are referring too is much simpler, and vastly limited in comparison to what Apple submit an application for above.  Patenting a steering wheel isn't the same as patenting a steering wheel that can control radio, a/c, heat, etc., not to mention unlock different features in homes, cars, while walking, etc, complete with different use cases in each of those locations.

 

 

Just saying the concept is not new. 

post #17 of 24
Quote:
Originally Posted by iloveapplegear View Post
 

 

 

Just saying the concept is not new. 

 

I don't disagree on that...but this takes that concept to a completely different level.

post #18 of 24
Quote:
Originally Posted by rob53 View Post

Quote:
Originally Posted by d4NjvRzf View Post

 
Seems like everyone is getting interested in location-based unlocking. ...
I presented an idea to my boss a few/several years ago for something that contained many of these ideas but after figuring out what I would need to do, gave up on it because developers didn't have access to the Apple api's needed to do it. What Apple is patenting can only be done by Apple because of sandboxing and a variety of other things. The drawing shows a house but I was using it at work to automagically configure iPhones depending on what building and room they were in. This is a lot easier now with iBeacons and something I hope my former company investigates. Of course, they took an easier way out and just allowed phones in buildings and areas they were never allowed in before, putting the requirement for configuration on the user (like in airplanes where the user used to have to turn off their phone or at leave put it in airplane mode--the honest people did this, everyone else blew off the flight attendants). At this point I don't care about previous attempts, what Apple has patented and the mobile products and ideas they're coming up with will go a long way in putting more iPhones and iPads in the hands of corporate and government workers, which should help AAPL (I care about this now because I could finally invest, which I did).

Some of this can be done by 3rd-party developers using iBeacons, TouchID, Extensions. Handoff and HomeKit. *

A WiFiSLAM API (when implemented) could be used to map buildings and determine inside locations.

Then, there's this thing called "Apple Connectivity" (not really defined) that will allow an iDevice to control accessories (devices) from a remote location.

* HomeKit may be a misnomer -- as it's specs are robust enough that it could easily be adapted to enterprise (OfficeKit?):
  • multiple homes ~= multiple buildings or areas
  • multiple zones ~= multiple floors or areas
  • multiple rooms ~= multiple offices, etc
  • multiple accessories including custom
  • multiple services including custom
  • multiple characteristics including custom
  • multiple actionsets/trigger including custom

Your Boss: "Siri: set the plenum in the HVAC duct to @rob53's office to maintain a 76-degree temperature"

Siri: "MisterBossMan: I made the change. Do you want me to notify you when the desired temperature is attained"

Your Boss: "Yes"

...

Siri: "MisterBossMan: @rob53's office is maintaining a 76-degree temperature "
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
"Swift generally gets you to the right way much quicker." - auxio -

"The perfect [birth]day -- A little playtime, a good poop, and a long nap." - Tomato Greeting Cards -
Reply
post #19 of 24
I've been wanting this for many years. I also want this authentication to work with a wrist-worn device so that if I get home my Mac will auto-unlock for me when I walk up to it any my iPhone will auto-lock if someone grabs it out of my hand on the subway.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #20 of 24
Quote:
Originally Posted by hpod View Post
 

 

Do explain how what you claim Tom Tom had years ago is anything like this?  I've never heard of a GPS with no other functionality having anything like this, or even needing anything like this.

Yes, some TomTom devices had a passcode you had to put in to use the device or to change any settings unless you were in a set location (usually at home).

post #21 of 24
Quote:
Originally Posted by Evilution View Post

Yes, some TomTom devices had a passcode you had to put in to use the device or to change any settings unless you were in a set location (usually at home).

I know Garmin has offered location-based unlocking for years now, at least since 2007. I don't recall it being a TomTom feature too but it could be. In any event unlocking your electronic device via a specific location is hardly new. Obviously Apple believes they have a unique and patent-worthy implementation of setting user permissions based on geographic location. Way too soon to know if the USPTO agrees but they may.

EDIT: The feature is described in this 2006 Garmin Owners Manual.
static.garmincdn.com/pumac/1184_OwnersManual.pdf
Edited by Gatorguy - 7/3/14 at 12:50pm
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #22 of 24
Could see a 10 digit letter and number to 4 digit number make since for security reasons. Better then the google where if your watch is near it's unlocked idea.
post #23 of 24
Quote:
Originally Posted by Dick Applebaum View Post


Some of this can be done by 3rd-party developers using iBeacons, TouchID, Extensions. Handoff and HomeKit. *

Like I said, when I started the project, none of this was available and Apple had restricted api's. I'm glad Apple is opening things up a bit and providing advanced capabilities. What I was working on had nothing to do with controlling the typical home, it had to do with controlling the capabilities of an iOS device depending on where it was located. If you look at the second graphic, first diagram, that's exactly what I was working on (location-based security). The ability to automatically turn certain features off and change certain settings on a managed iPhone without any interaction by the user and without the ability of the user to make any changes. If you read into this patent, I believe you'll understand that Apple isn't just providing a way for someone to control their own house but for managed devices to be restricted as well. I'm not against this if used in the proper environment.

 

One environment that has nothing to do with my former job is in schools. Think about a teacher being able to change settings of all their student's phones during class time and especially during tests. They would actually have to pay attention. Once class is over and the kids leave their room, their settings are returned to normal. What Apple has patented has the ability to do this, except in Los Angeles where kids will have lots of fun using Android and Microsoft devices without any of this control.

post #24 of 24
Quote:
Originally Posted by Gatorguy View Post


I know Garmin has offered location-based unlocking for years now, at least since 2007. I don't recall it being a TomTom feature too but it could be. In any event unlocking your electronic device via a specific location is hardly new. Obviously Apple believes they have a unique and patent-worthy implementation of setting user permissions based on geographic location. Way too soon to know if the USPTO agrees but they may.

EDIT: The feature is described in this 2006 Garmin Owners Manual.
static.garmincdn.com/pumac/1184_OwnersManual.pdf


Yeah, but Apple's doing it now, so it gets a new patent.  What prior art?  There's no such thing where Apple's concerned.

 

And of course there's the whole obviousness aspect, it's not like this wouldn't be obvious to a trained monkey, let alone someone skilled in the art. 

 

This country needs real patent reform.

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Apple invention changes iPhone user authentication settings based on location