Location determination for user authentication

摘要

User authentication techniques based on geographical locations associated with a client device is provided. A network connection can be established between two or more host machines and a client device. Upon a request received from the client device by one of these host machines, round trip times of test messages may be measured between the client device and each of the host machines. The round trip times can be utilized to determine the current geographical location of the client device. If the location is within a tolerance geographical area, the client device may be authenticated. Otherwise, the authentication may fail or additional security procedures may be implemented. In some examples, a travel time from a historical geographical location to current geographical location can be determined. This data may be also utilized in the user authentication process.

主权项

1. A method for user authentication, the method comprising:
establishing network connections between a client device and a first host machine and between the client device and a second host machine; receiving, by one or more processors, an authentication request from the client device; measuring, by the one or more processors, a first round trip time (RTT) between the first host machine and the client device; measuring, by the one or more processors, a second RTT between the second host machine and the client device; determining, by the one or more processors, a geographical location of the client device based at least in part on the first RTT and the second RTT, the geographical location corresponding to a point; determining, by the one or more processors, whether the geographical location of the client device is within a tolerance geographical area, the tolerance geographical area being circumscribed by a plurality of points, the plurality of points being varying respective distances from each of the first host machine and the second host machine; and in response to the authentication request, authenticating the client device, by the processor, based at least in part on the determination that the geographical location of the client device is within the tolerance geographical area.