FIELD OF INVENTION
[001] The embodiments herein generally relate to user authentication, and more particularly to a system and method for authenticating a user based on dynamically changing color codes.

BACKGROUND
[002] Generally, almost all electronic devices (for example, smart phones) are equipped with screen touch sensors which allow user to interact directly by touching the electronic device. Many applications have been designed/modified to take advantage of these touch screen as input devices. One such area includes security in which lock-screens prevent access to the electronic devices.
[003] Conventional methods and systems include for example, but not limited to, pin code, password-string, pattern, face recognition, voice recognition, motion recognition, swipe to unlock, signature-based, biometric authentication and the like. The pin code and password-based lock mechanism provides a medium level of security and takes input by allowing the user to touch the numbers displayed on the screen or by drawing a pattern on the screen, which may be vulnerable to shoulder surfing. Swipe to unlock may not provide any security to the electronic device and can be easily accessed by any unauthorized users.
[004] The motion recognition tracks the motions of the electronic device to authenticate the user. A motion sensing device or an accelerometer sensor in the electronic device can be used to sense the movements of the electronic device. A plurality of directional movements sensed by the electronic device can form a password which is matched with the stored or register motions to authenticate the user. Each time the user performs the same motion to authenticate themself, which may be vulnerable to shoulder surfing.
[005] Moreover, the biometric authentication can be used as an increased authentication security, which may involve an additional hardware to identify the biometric parameters. The use of additional hardware to provide biometric authentication can be expensive and is not ubiquitous on the electronic devices, particularly mobile phones.
[006] Though the existing systems and methods are effective to a degree in providing protection to the electronic devices but, have tradeoffs in terms of ease of usage, drawing unique patterns on screen, security level, vulnerability, remembering password strings or patterns, shoulder surfing, user requirement, cost, hardware, and the like.
OBJECT OF INVENTION
[007] The principal object of the embodiments herein is to provide a method and system for authenticating a user based intuitive interaction events performed on a plurality of randomly displayed items associated with at least one item and at least one color code, where the color code associated with each item is dynamically changed in response to receiving each interaction event performed by the user.
[008] Another object of the embodiments herein is to provide a mechanism for unlocking a screen of an electronic device using received interaction events on the randomly displayed items.
[009] Another object of the embodiments herein is to provide a mechanism for dynamically changing color codes associate with each of the randomly displayed items in response to receiving a an interaction event from the user.
[0010] Another object of the embodiments herein is to provide a mechanism for random entry of user chosen password in the system without using any typing means (contact-less). It is achieved by making a combination of color code rotation and accelerometer based motion performed by the user on a random values grid for entering the authentication password/pattern chosen by the user.
[0011] Another object of the embodiments herein is to provide a mechanism to thwart shoulder surfing without explicitly entering password.
SUMMARY
[0012] Accordingly the embodiments herein provide a method for authenticating a user. The method includes displaying randomly a plurality of items on an electronic device. Each item is associated with at least one value and at least one color code. Further, the method includes receiving at least one interaction event performed on at least one the displayed item. Further, the method includes dynamically changing the at least one color code associated with at least one item in response to receiving at least one interaction event performed on at least one of the displayed item. Furthermore, the method includes computing an input string based on at least one interaction even and determining a match between the input string and a preconfigured password to authenticate the user.
[0013] Accordingly the embodiments herein provide a method for authenticating a user using a server. The method includes displaying randomly a plurality of items on an electronic device. Each item is associated with at least one value and at least one color code. Further, the method includes sending a one-time password (OTP) comprising a preconfigured password to the electronic device, wherein the OTP is generated by the server to authenticate the user. Further, the method includes receiving at least one interaction event performed on at least one of the displayed item. Further, the method includes dynamically changing at least one color code associated with at least one item in response to receiving at least one interaction event performed on at least one of the displayed item. Furthermore, the method includes computing an input string based on at least one interaction event and determining a match between the input string and a preconfigured password to authenticate the user.
[0014] Accordingly the embodiments herein provide an electronic device for authenticating a user. The electronic device includes a display module configured to display randomly a plurality of items on an electronic device. Each item is associated with at least one value and at least one color code. Further, the electronic device includes an interaction event recognition module configured to receive at least one interaction event performed on at least one of the displayed item. The electronic device can be configured to dynamically change at least one color code associated with at least one item in response to receiving at least one interaction event performed on at least one of the displayed item. Further the electronic device includes a controller module configured to compute an input string based on at least one interaction event and determine a match between the input string and a preconfigured password to authenticate the user.
[0015] Accordingly the embodiments herein provide a server for authenticating a user. The server includes a display module configured to display randomly a plurality of items on an electronic device. Each item is associated with at least one value and at least one color code. Further, the server includes a password configuration module configured to send an OTP comprising a preconfigured password to the electronic device, wherein the OTP is generated by the server to authenticate the user. Further, the server includes an interaction event recognition module configured to receive at least one interaction event performed on at least one of the displayed item. Furthermore, the service includes a controller module configured to dynamically change at least one color code associated with at least one item in response to receiving at least one interaction event performed on at least one of the displayed item. Further, the server includes a controller module configured to compute an input string based on at least one interaction event and determine a match between the input string and a preconfigured password to authenticate the user.
[0016] Accordingly the invention provides a computer program product for authenticating a user. The computer program product includes a computer executable program code recorded on a computer readable non-transitory storage medium. The computer executable program code when executed causes the product to display randomly a plurality of items on an electronic device. Each item is associated with at least one value and at least one color code
Further, the computer executable program code executed causes the product to receive at least one interaction event performed on at least one of the displayed item Furthermore, the computer executable program code executed causes the product to receive at least one interaction event performed on at least one item rendered in the shape. Further, the computer executable program code executed causes the product to dynamically change at least one color code associated with at least one item in response to receiving at least one interaction event performed on at least one of the displayed item. Furthermore, the computer executable program code executed causes the product to compute an input string based on at least one interaction event. Furthermore, the computer executable program code executed causes the product to determine a match between the input string and a preconfigured password to authenticate the user.
[0017] Accordingly the invention provides a computer program product for authenticating a user. The computer program product includes a computer executable program code recorded on a computer readable non-transitory storage medium. The computer executable program code when executed causes the product to display randomly a plurality of items on an electronic device. Each item is associated with at least one value and at least one color code
Further, the computer executable program code executed causes the product to send an OTP comprising a preconfigured password to the electronic device, wherein the OTP is generated by the server to authenticate the user. Furthermore, the computer executable program code executed causes the product to receive at least one interaction event performed on at least one of the displayed item. Furthermore, the computer executable program code executed causes the product to compute an input string based on at least one interaction event.
Furthermore, the computer executable program code executed causes the product to determine a match between the input string and a preconfigured password to authenticate the user.
[0018] These and other aspects of the embodiments herein will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. It should be understood, however, that the following descriptions, while indicating preferred embodiments and numerous specific details thereof, are given by way of illustration and not of limitation. Many changes and modifications may be made within the scope of the embodiments herein without departing from the spirit thereof, and the embodiments herein include all such modifications.
BRIEF DESCRIPTION OF FIGURES
[0019] This invention is illustrated in the accompanying drawings, throughout which like reference letters indicate corresponding parts in the various figures. The embodiments herein will be better understood from the following description with reference to the drawings, in which:
[0020] FIG. 1 is a high level view of a system for authenticating a user, according to embodiments disclosed herein;
[0021] FIG. 2 is a block diagram showing different modules of an electronic device and a server for authenticating a user, according to embodiments disclosed herein;
[0022] FIGS. 3A-3D shows example illustrations of randomly displayed items on which user interactions can be performed to enter the password string for authenticating a user, according to embodiments disclosed herein;
[0023] FIG. 4 is a flowchart illustrating a method for authenticating a user of an electronic device, according to embodiments disclosed herein;
[0024] FIG. 5 is a flowchart illustrating a method for authenticating a user using a server, according to embodiments disclosed herein;
[0025] FIG. 6 shows example illustrations of various directional motions performed in conjunction with the randomly displayed items to authenticate a user, according to embodiments disclosed herein;
[0026] FIG. 7 shows example illustrations of a scenario where the password is a combination of numerical and the interaction events are performed on the values associated with the randomly displayed items to authenticate a user, according to embodiments disclosed herein;
[0027] FIG. 8 shows example illustrations of a scenario where the password is a combination of color codes and the interaction events are performed on the dynamically changing color codes associated with the randomly displayed items to authenticate a user, according to embodiments disclosed herein;
[0028] FIGS. 9A and 9B shows example illustrations of a scenario where the password is a combination of symbols and the interactions events are performed on the randomly displayed items to authenticate a user, according to embodiments disclosed herein; and
[0029] FIG. 10 depicts a computing environment implementing the system and the method for authenticating a user, in accordance to embodiments disclosed herein.

DETAILED DESCRIPTION OF INVENTION
[0030] The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. Also, the various embodiments described herein are not necessarily mutually exclusive, as some embodiments can be combined with one or more other embodiments to form new embodiments. The term “or” as used herein, refers to a non-exclusive or, unless otherwise indicated. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein can be practiced and to further enable those skilled in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.
[0031] The embodiments herein achieve a system and method for authenticating a user. The method includes randomly displaying a plurality of items on an electronic device, wherein each item is associated with at least one value and at least one color code. Further, the method includes receiving at least one interaction event performed on at least one displayed item. Unlike conventional systems, on receiving each interaction event, the color code associated with each item is dynamically changed to make it difficult for an adversary to determine the color followed for selecting values or color codes of password on the displayed items. The user observers the color codes and value associated with each displayed item and accordingly perform the interaction events on the items to enter the password pursuant to a preconfigured password. On receiving each interaction event on the electronic device, the color code associated with each item can move in a predefined direction. The color codes associated with each item can also be changed, such as to increase the complexity of determining the password much higher for an adversary. Further, the method includes computing an input string based on the interaction events performed on the displayed items and determining a match between the input string and the preconfigured password to authenticate the user.
[0032] In another embodiment, a system and method for authenticating a user using a server is described. The method includes displaying randomly a plurality of items on an electronic device, wherein each item is associated with at least one value and at least one color code. Further, the method includes sending a one-time password (OTP) comprising a preconfigured password to the electronic device, wherein the OTP is generated by the server to authenticate the user. Furthermore, the method includes receiving at least one interaction event performed on at least one displayed item. Upon receiving each interaction event in the electronic device, the color code associated with each item can be dynamically changed. Furthermore, the method includes computing an input string based on at least one interaction event and determining a match between the input string and a preconfigured password to authenticate the user.
[0033] The methods and systems disclosed herein is simple, dynamic, and robust for authenticating a user based on based on the received interaction events. Typically, a Smartphone displays a plurality of items in a grid to allow the user enter the password by performing one or more the interaction events on the items to unlock the electronic device. Unlike conventional systems, the items are randomly presented on the screen of the electronic device, wherein each item is associated with one or more values and color codes. The use of multiple color codes and the dynamic change color code after every interaction event provides a secure mechanism for authentication and makes it difficult for a shoulder surfer or any other person observing the user interaction events to identify the color followed by the user while entering the input string (password) using the grid. Further, the values associated with each displayed item can also be changed while the user is performing the interaction events to enter the input string required for authentication, which makes it difficult for a shoulder surfer to determine the password. For example, the user observes the color codes and values associated with each item and accordingly perform the interaction events. At the same time, a shoulder surfer or any other person who is observing the user interaction events may not be able to determine the actual values or color codes entered by the user for authentication. Further, the actual user password can be associated with the value of the displayed item, or can be associated with the color code of the displayed item or a combination thereof, which further makes increases the complexity and make it difficult to identify the password by the shoulder surfers.
[0034] Advantageously, the system and method provides an intuitive method to authenticate the user based on the dynamic color codes and values associated with the randomly displayed items on the electronic device. The dynamically changing color code associated with the displayed item and the random placement of the displayed items ensures an effective protection for even a simple input string. Furthermore, the method and system can be used for random entry of user chosen password in the system without using any typing means (contact-less). It is achieved by making a combination of color code rotations and accelerometer based motion performed by the user on the displayed items for entering the authentication password/pattern chosen by the user. Furthermore, the proposed system and method can be implemented using existing electronic devices and may not require extensive setup and instrumentation.
[0035] Referring now to the drawings, and more particularly to FIGS. 1 through 10, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments.
[0036] Throughout the description the term “item(s)” may refer any object, icon, shape, button or the like. Each item is associated with at least one color code and a value such as for example, but not limited to, an alphabet, a word, a string, a numeric number, a character, a figure, a symbol, a picture and the like. In an embodiment, example of items can include, but are not limited to, application icons displayed on a home screen of the electronic device, objects or icons from a webpage displayed on the electronic device, images from gallery items displayed on the electronic device, names of people from a phone contact list displayed on the electronic device, and the like.
[0037] FIG. 1 is a high level view of a system 100 for authenticating a user, according to embodiments disclosed herein. In an embodiment, the system 100 includes an electronic device 102 and a server 104 communicating among each other over a communication network 106.
[0038] The electronic device 102 described herein can be such as for example, but not limited, a cell phone, a personal digital assistant, a mobile personal computer, a laptop, a tablet, a phablet, a desktop computer, a communicator, or equivalent thereof.
[0039] The server 104 described herein can be for example, but not limited to, a payment gateway (PG) server, a financial server, a seller terminal, a desktop or wireless computer, or equivalent thereof.
[0040] The communication network 106 described herein can include a combination of various types of networks such as, for example, but not limited to Personal Area Networks (PANs), Local Area Networks (LANs), Wide Area Networks (WANs), Global System for Mobile Communication (GSM), Internet, value-added networks, interactive television networks, wireless communications networks, two-way cable networks, satellite networks, interactive kiosk networks, cellular networks, Personal Mobile Gateways (PMGs) or any other suitable communications networks that can provide a means of communication between the electronic device 102 and the server 104.
[0041] In an embodiment, the electronic device 102 can be configured to authenticate the user to provide access to the electronic device 102. Typically, the electronic device 102 such as Smartphone can includes a plurality of items displayed in a fashion on electronic device screen to unlock the electronic device 102. Conventional mechanisms make use of a predefined grid structure on which a user input is recorded. For example, different numbers arranged in the form of a matrix can be displayed to the user for receiving a preconfigured numerical password. In another example, a matrix of dots can be displayed to the user for receiving an input string (also referred as password) pursuant to the preconfigured numerical password.
[0042] Unlike conventional systems, the electronic device 102 can be configured to randomly display a plurality of items, where each item is associated with at least one value and at least one color code. The user observers the color and value associated with each displayed item and accordingly perform the interaction event on the items to enter the password pursuant to a preconfigured password. On receiving each interaction event on the electronic device 102, the color code associated with each item can move in a predefined direction. Further, the electronic device 102 can be configured to compute an input string based on the interaction events performed on the displayed items and determine a match between the input string and the preconfigured password to authenticate the user.
[0043] In another embodiment, a system and method for authenticating a user using the server 104 is described. Typically, an electronic payment service is an essential feature in the electronic commerce market, and electronic payment is generally made through several types of services including credit card payment, mobile phone payment, phone billing, transfer account, and so on. Some companies provide all of these payment services, called integrated electronic payment services. However, most payment gateway companies use different types of authentication or authorization techniques to authenticate or authorize the user. When the user (i.e., customer) attempts to make a purchase or perform a transaction, the electronic device 102 may send a request for payment or perform any transaction with the server 104. Upon receiving the request, the server 104 can be configured to generate and send a one-time password (OTP) including a preconfigured password to the electronic device 102. The preconfigured password described herein can include a preconfigured password including a combination of values or color codes For example, the preconfigured password can be a combination of color codes like GGBR (Green, Grey, Blue, Red) or numerical 1682, and the like. The user can view the one-time password (OTP) including the preconfigured password and understand the interaction events to be performed on the randomly displayed items to authenticate themselves. Further, various operations to authenticate a user of an electronic device, such as to provide unlock and provide access to the user to the electronic device is described in conjunction with the FIGS. 2 through 9.
[0044] The FIG. 1 shows a limited overview of the system 100 but, it is to be understood that another embodiment is not limited thereto. The system 100 is only one example of a suitable environment and is not intended to suggest any limitation as to the scope of use or functionality of the invention. The system 100 should not be interpreted as having any dependency or requirement relating to any one or combination of components shown in the illustrative system 100 for authenticating the user. Further, the system 100 can include different modules communicating among each other along with other hardware or software components. For example, the component can be, but not limited to, a process running in the electronic device or server, an executable process, a thread of execution, a program, or a computer. By way of illustration, both an application running on an electronic device and the electronic device can be the component.
[0045] FIG. 2 is a block diagram showing different modules 200 of the electronic device 102 or the server 104, according to embodiments disclosed herein. In an embodiment, the electronic device 102 or the server 104 can be configured to include a display module 202, an interaction event recognition module 204, a color code module 206, a controller module 208, a storage module 210 and a communication module 212.
[0046] The display module 202 can be configured to randomly display a plurality of items on screen of the electronic device 102, where each item is associated with at least one value and at least one color code. The value described herein can include for example, but not limited to, an alphabet, a word, a string, a numeric number, a character, a figure, a symbol, a picture, and the like. Unlike conventional grid displays, which have a fixed position of each value in the grid, the display module 202 can be configured to randomly display the value on each item arranged in the form of grid or any other shape. For example in one authentication instance, the values displayed on the items can be 1, 7, 3, 5, 4, 9, 6, 2, and 8. In yet another instance, the values can be dynamically changed in a predefined direction or any other direction after receiving an interaction event performed on at least one displayed item. The dynamically changing values associated with the displayed item and the random placement of the displayed items ensures an effective protection for even a simple input string.
[0047] Further, a color code can be associated with each item which is also dynamically changed in a predefined direction or any other direction after receiving an interaction event performed on at least one displayed item. For example, if an item associated with a number 1 is displayed with a red background then upon receiving an interaction event performed on the displayed item the color code in the background of the number 1 may get dynamically changed to brown. The use of multiple and dynamically color codes after every interaction event provides a secure mechanism for authentication and makes it difficult for a shoulder surfer or any other person observing the user interaction events to identify the color followed by the user while entering the input string (password) using the displayed items.
[0048] The interaction event recognition module 204 can be configured to recognize the interaction events performed by the user on the displayed items. Examples of interaction events, can include, but is not limited to motion event, gesture event, touch event, and the like. The interaction recognition module 204 can be configured receive and recognize the interaction event performed by the user on the displayed items. The interaction recognition module 204 configured to be coupled or integrated with for example, but not limited to a gesture recognition module, an accelerometer sensor, a touch sensor, and the like to identify the various types of interactions performed by the user. In an embodiment, each interaction event can include a sequence of interaction events performed to compute an input string or a substring of the input string. For example, the user may perform a motion event to enter the string or substring of the password. Typically this may involve the user holding the electronic device 102 with one or both hands and moving the whole device in a physical gesture in a premeditated and purposeful way. The movements of the electronic device 102 in two or three dimensions may be sensed by an accelerometer integrated into the interaction event recognition module 204 within the electronic device 102. The sensed motion may be translated into digital directional motion information. In an embodiment, this directional motion information may include at least a part of the password. For example, the entire string or a substring of the actual password. Further, it is to be understood that the integration of the interaction event recognition module 102 with different types of modules to identify the different types of interaction event are all implementation-dependent considerations of the electronic device 102. Further, it is to be appreciated that various combinations of different types of interaction events to enter the password can also be possible. For example, to enter a first substring of the password, the user can perform a motion event on the displayed item. Similarly, to enter a second substring of the password, the user can perform a touch gesture on the displayed items.
[0049] The color code module 206 can be configured to associate at least one color code to each of the randomly displayed item. Further, the color code module can 206 be configured to dynamically change the color code associated with each item in response to receiving the interaction event performed by the user. In an embodiment, the color codes can be dynamically changed based on a feedback from a user indicating the interested value. The feedback can include for example, but is not limited to, a pause, a vibration, an audio signal, a highlight, and the like. The feedback received at the interaction event recognition module 204 can be used to identify the end of one interaction performed on one of the displayed item. For example, while performing a motion event on the displayed items to enter a part of the password, the user may pause for need to do a small pause when the color corresponding to the first value reaches to the next target value of the password.
[0050] In an embodiment, each color code can be associated with a hold time threshold. The user can pause by pressing a button while performing the interaction events. The interaction recognition module 204 can be configured to indentify a button event and stops counting the hold time threshold associated with the items. Consider a scenario where, after entering half of the input string the user may pause to attend a phone call and gets back to entering the rest of the input string on completion of the call. The pause can be defined by the user using existing controls options present in the electronic device 102. In an example, the power button can be used to pause the authentication process. The availability of an addition pause during authentication allows the user to switch to other urgent tasks during authentication.
[0051] If the user does not pause the authentication process, the hold time threshold associated with the item may be counted and if the hold time threshold associated with the item is exceeded then the electronic device 102 may disqualify the user for authentication. The presence of the additional time-out features described above enhances the security. For example, an electronic device with highly confidential data may include additional hold time threshold features during the authentication process. Further, the user of the electronic device 102 can set a pre-defined hold time threshold as per preferences.
[0052] The controller module 208 can be configured to compute an input string based on the interaction events performed on the displayed items. The controller module 208 can be configured to identify each value or color code corresponding to each interaction of the event, wherein the value or color code correspond to the items on which the interaction event is performed is identified based on the feedback received from the user. Further, the controller module 208 can be configured to concatenate the identified values or color codes corresponding to each interaction event to compute the input string.
[0053] For instance where the preconfigured password is a combination of values and when the feedback related to the interaction event is received at the interaction event recognition module 204, the controller module 208 can be configured to identify the corresponding value associated with the item on which the interaction event was performed. Further, the controller module 208 can be configured to concatenate the identified values corresponding to each interaction event to compute the input string.
[0054] For instance where the preconfigured password is a combination of color codes and when the feedback related to the interaction event is received at the interaction event recognition module 204, the controller module 208 can be configured to identify the corresponding color code associated with the item on which the interaction event was performed. Further, the controller module 208 can be configured to concatenate the identified color codes corresponding to each interaction event to compute the input string.
[0055] Further, the controller module 208 can be configured to determine if there is a match between the computed input string and a preconfigured password to authenticate said user. In response to detecting that the user is authenticated, the controller module 208 can be configured to perform at least one action such as for example, but is not limited to, allowing unlocking the electronic device 102, allowing a transaction or payment request in the server 104, and the like.
[0056] The communication module 212 can be configured to allow the communication between the electronic device 102 and the server 104. The communication module 212 can be configured to include various interfaces to allow the communication between various components throughout the system 100. Further, the detailed operations performed by various modules and methods described herein are described in detail in conjunction with the FIGS. 3 through 9.
[0057] FIGS. 3A-3D shows example illustrations of randomly displayed items on which user interactions can be performed to enter the password string for authenticating a user, according to embodiments disclosed herein. In an embodiment, the FIG. 3A illustrates an example of a graphical user interface display of items, where each item is associated with a value (numbers 1-7) and a color code arranged in a grid format. In an embodiment, the colors available in a color palette of the electronic device 102 can be used to define the color codes. Examples of color code can include, but is not limited to, red, yellow, orange, violet, indigo, brown, black, white, grey, green, red, yellow, and the like. Further, in some embodiments, the user can select the color codes as per user preferences, and the color palette availability. The user observers the color codes and value associated with each displayed item and accordingly perform the interaction events on the items to enter the password pursuant to a preconfigured password. For example, when the user performs an interact event on the item associated with the number 7, the a part of the password can either be associated with value 7 or the color code 7 which is predetermined by the electronic device 102 or the server 104 based on the preconfigured password.
[0058] Each value or color code associated with the corresponding item on which the interaction event is performed is identified based on the feedback received in the electronic device 102. The feedback can include a pause, an audio signal, a highlight, a vibration, and the like. The feedback indicates the end of user interaction and ensures the correct identification of the displayed item on which the interaction event was performed.
[0059] Although the FIG.3A shows a plurality of numbers displayed with associated background color code, it must be understood that any color code can be applied on the number itself instead of the background. For example, each number can be displayed using a different font color code. For example, number 1 can be displayed in red color, number 2 can be displayed in green color, number 4 can be displayed in yellow color, number 6 can be displayed in red color, and so on.
[0060] In an embodiment, the Fig 3B illustrates an example of a graphical user interface randomly displaying alphabets, where the input string can be a combination of alphabets. The interaction event recognition module 204 can be configured to identify the interaction events performed by the user based on the displayed alphabets to authenticate the user.
[0061] In an embodiment, the Fig 3C illustrates an example of a graphical user interface randomly displaying shapes, where the input string can be a combination of random shapes. The interaction event recognition module 204 can be configured to identify the interaction events performed by the user on the displayed shapes to authenticate the user.
[0062] In an embodiment, the Fig 3D illustrates an example of a graphical user interface randomly displaying symbols, where the input string can be a combination of symbols. The interaction event recognition module 204 can be configured to identify, the interaction events performed by the user on the displayed symbols to authenticate the user.
[0063] Unlike convention systems and method for authentication, where the user can be presented with a fixed display of items, the random display of items and the dynamically changing color code enhances the security during the authentication of the user. Further, even though the input string may be a simple combination of the items like numbers, the changing of color codes provides an additional security feature. Further, although the display of items can be shown in a matrix grid, it should be understood that the items can be displayed in any shape preferred by the user. For example, the items can be presented in the shape of a number, an alphabet, an image, and the like.
[0064] FIG. 4 is a flowchart illustrating a method 400 for authenticating the user of the electronic device 102, according to embodiments disclosed herein. The various steps of the method 400 are summarized into individual blocks where some of the steps can be performed by various modules of the electronic device 102, the user of the electronic device 102, the server 104 and the like. The method 400 and other description described herein provide a basis for a control program, which can be implemented using a microcontroller, microprocessor, or an equivalent thereof.
[0065] In an embodiment, at step 402, the method 400 includes displaying randomly a plurality of items on the electronic device 102, where each item displayed is associated with at least one value and at least one color code. Unlike conventional systems, each vales associated with each item is randomly display in any format.
[0066] At step 404, the method 400 includes receiving at least one interaction event performed on at least one displayed item. Examples of interaction events, can include, but is not limited to motion event, gesture event, touch event and the like. The user observers the color code and value associated with each displayed item and accordingly perform the interaction events on the items to enter the password pursuant to a preconfigured password. The method 400 allows the interaction event recognition module 204 to identify the interaction event. On receiving each interaction event on the electronic device 102, at step 406, the method 400 includes dynamically changing at least one color code associated with each item in response to receiving each interaction event. The method 400 allows the color code module 206 to dynamically change the color code associated with each item in a predefined direction. The color codes associated with each item can also be changed, such as to increase the complexity of determining the password much higher for an adversary. Unlike conventional authentication systems and methods where fixed colors are used for the displayed items, the dynamically changing color code of each item provides enhanced security. For example, when the interaction event is received on the displayed item, the color code of each item changes before the next interaction event is received. An unauthorized observer may lose track of the interaction event due to the changing colors. Further, as the interaction event may relate to either the value of the displayed item or the associated color which is predetermined by the electronic device based on the preconfigured password, the unauthorized observer may not be able to identify the actual password used by the user for authentication.
[0067] In an embodiment, each color code can be associated with a hold time threshold. The user can pause by pressing a button while performing the interaction events. The interaction recognition module 204 can be configured to indentify a button event and stops counting the hold time threshold associated with the items. Consider a scenario where, after entering half of the input string the user may pause to attend a phone call and gets back to entering the rest of the input string on completion of the call. The pause can be defined by the user using existing controls options present in the electronic device 102. In an example, the power button can be used to pause the authentication process. The availability of an addition pause during authentication allows the user to switch to other urgent tasks during authentication.
[0068] If the user does not pause the authentication process, the hold time threshold associated with the item may be counted and if the hold time threshold associated with the item is exceeded then the electronic device 102 may disqualify the user for authentication. The presence of the additional time-out features described above enhances the security. For example, an electronic device with highly confidential data may include additional hold time threshold features during the authentication process. Further, the user of the electronic device 102 can set a pre-defined hold time threshold as per preferences.
[0069] At 408, the method 400 includes computing an input string based on at least one interaction event. In an example, when the feedback related to the interaction event is received at the interaction event recognition module 204, the method 400 allows the controller module 208 to identify the corresponding value associated with the item on which the interaction event was performed. The controller module 208 can then concatenate the identified values corresponding to each interaction event to from the input string.
[0070] In an example, if the preconfigured password is a combination of values then the electronic device predetermines that a value correspond to an item need to be identified in response receiving any interaction event performed by the user. When the feedback related to the interaction event is received at the interaction event recognition module 204, the method 400 allows the controller module 208 to identify the corresponding value associated with the item on which the interaction event was performed. Further, the method 400 allows the controller module 208 to concatenate the identified values corresponding to each interaction event to compute the input string.
[0071] In another example, if the preconfigured password is a combination of color codes then the electronic device predetermines that a color code correspond to an item need to be identified in response receiving any interaction event performed by the user. When the feedback related to the interaction event is received at the interaction event recognition module 204, the method 400 allows the controller module 208 to identify the corresponding value associated with the item on which the interaction event was performed. Further, the method 400 allows the controller module 208 to concatenate the identified values corresponding to each interaction event to compute the input string.
[0072] At step 410, the method 400 includes determining a match between the input string and the preconfigured password to authenticate the user. In an example, once the input string is computed based on the received feedback for each user interaction, the method 400 allows the controller module 208 to determine whether there is a match between the computed input string and the preconfigured password to authenticate the user.
[0073] At step 412, the method 400 includes determining whether the user is authenticated. At step 414, the method 400 includes allowing access to the electronic device 102 in response to determining that the user is authenticated. In an embodiment, the method 400 allows the controller module 208 to unlock the screen of the electronic device 102 in response to determining the match between the computed input string and the preconfigured password.
[0074] At step 416, the method 400 includes determining whether a threshold for maximum number of retries has reached in response to determining that the user is not authenticated. Further, the method 400 includes repeating the steps 404 to 416 in response to determining a mismatch between the computed input string and the preconfigured password. Furthermore, at step 418, the method 400 including displaying alternate authentication and verification means in response to determining that the user has reached the threshold for maximum number of retries.
[0075] The various actions, acts, blocks, steps, and the like in method 400 may be performed in the order presented, in a different order or simultaneously. Further, in some embodiments, some actions, acts, blocks, steps, and the like may be omitted, added, modified, skipped, and the like without departing from the scope of the invention.
[0076] FIG. 5 is a flowchart illustrating a method 500 for authenticating a user of the electronic device 102 using the server 104, according to embodiments disclosed herein. The various steps of the method 500 are summarized into individual blocks where some of the steps can be performed by various modules of the electronic device 102, the server 104, and user of the electronic device 102 and the like. The method 500 and other description described herein provide a basis for a control program, which can be implemented using a microcontroller, microprocessor, or an equivalent thereof.
[0077] In an embodiment, at step 502, the method 500 includes displaying randomly a plurality of items on the electronic device 102. Each item displayed randomly can be associated with at least one value and at least one color code. Consider an example, when the user attempts to make a purchase or perform a transaction, the electronic device 102 may send a request for payment or perform any transaction to the server 104. Upon receiving the request, the method 500 allows the server 104 to instruct the electronic device 102 to randomly display a plurality of items on the electronic device 102 for user authentication.
[0078] At step 504, the method 500 includes sending a one-time-password (OTP) including a preconfigured password to the electronic device 102. The preconfigured password described herein can include a sequence of interaction events to be performed on one or more items; a type of interaction to be performed on the items, a number of times the interactions to be performed on the items, or a combination thereof. In an embodiment, a password configuration module at the server 104 can be configured to generate the OTP and send the OTP to authenticate the user of the electronic device 102.
[0079] At step 506, the method 500 includes receiving at least one interaction event performed on at least one displayed item. Examples of interaction events, can include, but is not limited to motion event, gesture event, touch event and the like. Based on the received OTP, the user performs the interaction events on the items in accordance to received preconfigured password. The user observers the color code and value associated with each displayed item and accordingly perform the interaction events on the items to enter the password pursuant to the OTP. The method 500 allows the interaction event recognition module 204 to identify the interaction event. On receiving each interaction event on the electronic device 102, at step 508, the method 500 includes dynamically changing at least one color code associated with each item in response to receiving each interaction event. The method 500 allows the color code module 206 to dynamically change the color code associated with each item in a predefined direction. The color codes associated with each item can also be changed, such as to increase the complexity of determining the password much higher for an adversary.
[0080] In an embodiment, each color code can be associated with a hold time threshold. The user can pause by pressing a button while performing the interaction events. The interaction recognition module 204 can be configured to indentify a button event and stops counting the hold time threshold associated with the items. Consider a scenario where, after entering half of the input string the user may pause to attend a phone call and gets back to entering the rest of the input string on completion of the call. The pause can be defined by the user using existing controls options present in the electronic device 102. In an example, the power button can be used to pause the authentication process. The availability of an addition pause during authentication allows the user to switch to other urgent tasks during authentication.
[0081] If the user does not pause the authentication process, the hold time threshold associated with the item may be counted and if the hold time threshold associated with the item is exceeded then the electronic device 102 may disqualify the user for authentication. The presence of the additional time-out features described above enhances the security. For example, an electronic device with highly confidential data may include additional hold time threshold features during the authentication process. Further, the user of the electronic device 102 can set a pre-defined hold time threshold as per preferences.
[0082] At 510, the method 500 includes computing an input string based on at least one interaction event. In an example, when the feedback related to the interaction event is received at the interaction event recognition module 204, the method 500 allows the controller module 208 to identify the corresponding value associated with the item on which the interaction event was performed. The controller module 208 can then concatenate the identified values of corresponding to each interaction event to from the input string.
[0083] In an example, if the OTP is a combination of values then the electronic device predetermines that a value correspond to an item need to be identified in response receiving any interaction event performed by the user. When the feedback related to the interaction event is received at the interaction event recognition module 204, the method 400 allows the controller module 208 to identify the corresponding value associated with the item on which the interaction event was performed. Further, the method 400 allows the controller module 208 to concatenate the identified values corresponding to each interaction event to compute the input string.
[0084] In another example, if the OTP is a combination of color codes then the electronic device predetermines that a color code correspond to an item need to be identified in response receiving any interaction event performed by the user. When the feedback related to the interaction event is received at the interaction event recognition module 204, the method 400 allows the controller module 208 to identify the corresponding value associated with the item on which the interaction event was performed. Further, the method 400 allows the controller module 208 to concatenate the identified values corresponding to each interaction event to compute the input string.
[0085] At step 512, the method 500 includes determining a match between the input string and the preconfigured password to authenticate the user. In an example, once the input string is computed based on the received feedback, the method 500 allows the controller module 208 to determine whether there is a match between the computed input string and the preconfigured password to authenticate the user.
[0086] At step 514, the method 500 includes determining whether the user is authenticated. At step 516, the method 500 includes allowing access to at least one action such as to access the transaction or payment in response to determining that the user is authenticated. At step 518, the method 500 includes determining whether the user has a threshold for maximum number of retries has reached in response to determining that the user is not authenticated. Further, the method 500 includes repeating the steps 506 to 518 in response to determining a mismatch between the computed input string and the preconfigured password.
[0087] Furthermore, at step 520, the method 500 includes displaying alternate authentication and verification means in response to determining that the user has reached the threshold for maximum number of retries.
[0088] Advantageously, the system and method provides a new method to authenticate the user using the randomly displayed items and dynamically changing color codes. The various actions, acts, blocks, steps, and the like in method 500 may be performed in the order presented, in a different order or simultaneously. Further, in some embodiments, some actions, acts, blocks, steps, and the like may be omitted, added, modified, skipped, and the like without departing from the scope of the invention.
[0089] FIG. 6 shows example illustrations of various directional motions performed in conjunction with the randomly displayed items to authenticate the user, according to embodiments disclosed herein. The interaction event recognition module 204 can include an accelerometer, configured to sense the movement of the electronic device 102. The FIG.6 shows different directional motions which can be recognized by the electronic device 102.
[0090] In an embodiment, the user of the electronic device 102 can define directions of motion. The system can train the user on the movements to be performed for defining the direction of motion. The accelerometer can be configured to identify the direction of motion of the electronic device 102 and send the motion readings to the controller module 208. The motion readings can be stored in a vector form. The controller module 208 can be configured to correlate a received vector with a plurality of vectors defined for multiple motions. Further, the controller module 208 can determine the direction of motion of the electronic device 102 by finding a match for the received vector. The match is found by choosing the direction vector with maximum correlation with the received vector. Further, the controller module 208 can associate the direction of motion of the electronic device 102 with a randomly displayed item using a feedback. The user can rotate the electronic device 102, and reach the desired item on the display. Further, the feedback can be displayed to the user by means of a highlight. On receiving feedback the controller module 208 can be configured to dynamically change the color code associated with each item displayed on the screen of the electronic device.
[0091] The use of directional motion and dynamically changing color codes provides a contactless mechanism for authenticating the user. The user can rotate the electronic device 102 in accordance to pre-defined directions and pre-configured pin to authenticate themselves. Further, the user can easily authenticate themselves in unstable conditions. For example, the user can easily unlock the electronic device 102 while driving or walking.
[0092] For example, consider a scenario when the preconfigured password is 1938. The number 1 may be highlighted automatically by the electronic device 102. On moving the electronic device 102 in a down direction the highlight keeps moving. The user needs to rotate the electronic device until the highlight reaches the number 9. On reaching 9 the user can stop moving the device and pause. The pause acts as feedback and the highlighted number 9 is recognized as the number on which the interaction event is performed by the user. After the pause, the user needs to rotate the electronic device 102 in a diagonally up direction. The user needs to rotate the electronic device 102 in the diagonally up direction until the highlight reaches the number 3. On reaching 3, the user can stop moving the electronic device 102 and pause for a moment to enter the corresponding value as a part of the password. The pause acts as feedback and the highlighted number 3 is recognized as the number on which the interaction event is performed by the user. After the pause, the user needs to rotate the electronic device 102 in a down direction. The user needs to rotate the electronic device 102 in the down direction until highlight reaches the number 8. On reaching 8, the user can stop moving the electronic device 102 and pause for a moment to enter the corresponding value as a part of the password. The pause acts as feedback and the highlighted number 8 is recognized as the number on which the interaction event is performed by the user.
[0093] The controller module 208 can be configured to combine all the numbers on which the user performs the interaction events to compute the inputs string 1938, which is matched against the preconfigured password 1938 to authenticate the user.
[0094] FIG. 7 shows example illustrations of a scenario where the password is a combination of numerical and the interaction events are performed on the values associated with the randomly displayed items to authenticate a user, according to embodiments disclosed herein. A plurality of items is displayed randomly on the screen of the electronic device 102, where each item is associated with at least one number and color code. For a preconfigured password 1982, the user is required to perform interaction events with the randomly displayed numbers.
[0095] At 702, the user performs an interaction event on an item with number 1 and a feedback is received at the interaction event recognition module 204 of the electronic device 102. The user selection of the number 1 is shown as a circle around 1. Based on the feedback, the interaction on the number 1 is recognized. Further, on receiving the feedback that has been performed, the controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item.
[0096] At 704, note that each of the displayed item has a different color code in comparison to the color codes shown in the step 702. Here, the user can use a motion event on the items to move from the number 1 to a number 9. Based on the feedback, the interaction on the number 9 is recognized. Upon receiving the feedback indicating that the interaction event has been performed, the controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item.
[0097] At 706, note that each of the displayed item has a different color code in comparison to color code shown in the step 704. The user can use a motion event on the items to move from the number 9 to a number 8. Based on the feedback received, the interaction event on the number 8 is recognized. Upon receiving the feedback indicating that the interaction event has been performed, the controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item.
[0098] At 708, note that each of the displayed number has a different color code in comparison to the color codes shown in the step 706. The user can use a motion event on the items to move from the number 8 to a number 2. Based on the feedback, the interaction on the number 2 is recognized. Upon receiving the feedback indicating that the interaction event has been performed. The controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed number.
[0099] The controller module 208 can be configured to identify the value corresponding to each displayed item number on which the interaction event was performed after each feedback is received. Further, the controller module 208 can be configured to concatenate the value of each item on which the interaction events was performed to form the input string 1982.
[00100] FIG. 8 shows example illustrations of a scenario where the password is a combination of color codes and the interaction events are performed on the dynamically changing color codes associated with the randomly displayed items to authenticate a user, according to embodiments disclosed herein. A plurality of items associated with at least one number and color code can be displayed randomly on the screen of the electronic device 102. For a preconfigured password = Color Code 2 + Color Code 8 + Color Code 3 + Color Code 5 (CC2+CC8+CC3+CC5), the user is required to perform interaction events with the randomly displayed color codes associated with the displayed items.
[00101] At 802, the user interacts with the color code 2 associated with the displayed number 9, and a feedback is received at the interaction event recognition module 204 of the electronic device 102. The user selection of color code 2 is shown as a circle in 802. Based on the feedback, the interaction event with color code of number 9 is recognized. Upon receiving the feedback indicating that the interaction event has been performed; the controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item.
[00102] At 804, note that each of the displayed item has a different color code in comparison to the color codes of the displayed items shown in the step 802. The user can perform a swipe gesture on the items to move from color code 2 to color code 8. Based on the feedback, the interaction event with the color code 8 on number 1 is recognized. Upon receiving the feedback indicating that the interaction event has been performed; the controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item.
[00103] At 806, note that each of the displayed item has a different color code in comparison to the color codes shown in the step 804. The user may perform a swipe gesture on the items to move from color code 8 to color code 3. Based on the feedback, the interaction with the color code 3 on number 2 is recognized. Upon receiving the feedback indicating that the interaction event has been performed, the controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item.
[00104] At 808, note that each of the displayed number has a different color code in comparison to color code shown in the step 806. The user can perform a swipe gesture on the items to move from color code 3 to color code 5. Based on the feedback, the interaction with the color code 5 on number 1 is recognized. Upon receiving the feedback indicating that the interaction event has been performed, the controller module 208 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item.
[00105] Although the input string is CC2+CC8+CC3+CC5, an unauthorized observer may think that the password is associated with numbers 91721 which is an incorrect password. Hence, the authentication mechanism is misleading to the unauthorized observers and can prevent imposter attacks.
[00106] The controller module 208 can be configured to identify the color codes of the items on which the interaction event was performed after each feedback. Further, the controller module 208 can be configured to concatenate the color codes corresponding to each item on which the interaction event was performed to form the input string (Color Code 2+ Color Code 8 + Color Code 3 + Color Code 5).
[00107] In an embodiment, the display of the random items can be dynamically shuffled in response to receiving a feedback related to the interaction event. Further more details related to dynamic shuffling of the randomly displayed items is described in detail in conjunction with FIG.9A and FIG.9B.
[00108] FIGS. 9A and 9B shows example illustrations of a scenario where the password is a combination of symbols and the interactions events are performed on the randomly displayed items to authenticate a user, according to embodiments disclosed herein.
[00109] In FIG.9A, a plurality of items is displayed randomly on the screen of the electronic device 102, where each item is associated with at least one number and color code. For the preconfigured password 1947, the user is required to perform interaction events with the randomly displayed numbers.
[00110] At 902, the user interacts with the number 1 by rotating the number 1 and a feedback is received at the interaction event recognition module 204 of the electronic device 102. Based on the feedback, the interaction event with the number 1 is recognized. Upon receiving the feedback indicating that the interaction event has been received, the controller module 205 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item. Furthermore, on receiving the feedback indicating that the interaction event has been received, the controller module 208 can be configured to also instruct the display module 202 to dynamically shuffle the numbers associated with each item.
[00111] At 904, the user interacts with number 9 by rotating the number 9 and a feedback is sent the feedback to the interaction event recognition module 204 of the electronic device 102. Based on the feedback, the interaction event with the number 9 is recognized. Upon receiving the feedback indicating that the interaction event has been received, the controller module 205 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item. Furthermore, on receiving the feedback indicating that the interaction event has been received, the controller module 208 can be configured to instruct the display module 202 to dynamically shuffle the numbers associated with each item.
[00112] At 906, the user interacts with number 4 by rotating the number 4 and a feedback is sent the feedback to the interaction event recognition module 204 of the electronic device 102. Based on the feedback, the interaction event with the number 4 is recognized. Upon receiving the feedback indicating that the interaction event has been received, the controller module 205 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed items. Further, on receiving the feedback indicating that the interaction event has been received, the controller module 208 can be configured to instruct the display module 202 to dynamically shuffle the displayed numbers associated with each item.
[00113] At 908, the user interacts with number 7 by rotating the number 7 and a feedback is received at the interaction event recognition module 204 of the electronic device 102. Based on the feedback, the interaction with the number 7 is recognized. Upon receiving the feedback indicating that the interaction event has been received, the controller module 205 can be configured to instruct the color code module 206 to dynamically change the color code associated with each of the displayed item. Furthermore, on receiving the feedback indicating that the interaction event has been received, the controller module 208 can be configured to instruct the display module 202 to dynamically shuffle the displayed numbers associated with each item.
[00114] The controller module 208 can be configured to identify the value of the number on which the interaction event is performed after each feedback. Further, the controller module 208 can be configured to concatenate the value of each item on which the interaction event was performed to form the input string 1947.
[00115] In FIG.9B, a plurality of items is displayed randomly on the screen of the electronic device 102, where each item is associated with at least one shape and color code. For the preconfigured password comprising the combination of a triangle, a circle, a cross and a heart, the user is required to perform interaction events with the randomly displayed shapes.
[00116] At 910, the user interacts with number 1 by tapping the triangle and a feedback is received at the interaction event recognition module 204 of the electronic device 102. Based on the feedback, the interaction with the triangle shape is recognized. Further, on receiving the feedback indicating that the interaction event has been received, the controller module 205 can be configured to instruct the color code module 206 to dynamically change the color associated with each of the displayed item. Upon receiving the feedback indicating that the interaction event has been received, the controller module 208 can be configured to instruct the display module 202 to dynamically shuffle the displayed shapes associated with each item.
[00117] At 912, the user interacts with the circle by tapping the circle and a feedback is received at the interaction event recognition module 204 of the electronic device 102. Based on the feedback, the interaction with the circle shape is recognized. Upon receiving the feedback indicating that the interaction event has been received, the controller module 205 can be configured to instruct the color code module 206 to dynamically change the color associated with each of the displayed item. Furthermore, on receiving the feedback indicating that the interaction event has been received, the controller module 208 can be configured to instruct the display module 202 to dynamically shuffle the displayed shapes associated with each item.
[00118] At 914, the user interacts with the cross by tapping on the cross and a feedback is received at the interaction event recognition module 204 of the electronic device 102. On receiving the feedback indicating that the interaction event has been received, the controller module 208 can instruct the color code module 206 to dynamically change the color code associated with each of the displayed item. Further, on receiving the feedback that an interaction event has been received, the controller module 208 can instruct the display module 202 to dynamically shuffle the displayed shapes associated with each item.
[00119] At 916, the user interacts with the heart shape by tapping on the heart shape and a feedback is sent the interaction event recognition module 204 of the electronic device 102. Based on the feedback, the interaction with the heart shape is recognized. Further, on receiving the feedback indicating that the interaction event has been received, the controller module 205 can be configured to instruct the color code module 206 to dynamically change the color associated with each of the displayed item. Furthermore, on receiving the feedback indicating that the interaction event has been received, the controller module 208 can be configured to instruct the display module 202 to dynamically shuffle the displayed shapes associated with each item.
[00120] The controller module 208 can identify the type of the shape on which the interaction event was performed after each feedback. Further, the controller module 208 can be configured to concatenate the identified shape corresponding to the items for each interaction event to form the input string.
[00121] The controller module 208 can identify the type of the shape on which the interaction event was performed after each feedback. Further, the controller module 208 can be configured to concatenate the type of each shape on which the interaction event was performed to form the input string.
[00122] The combination of dynamically changing color code and randomly changing display of items in response to receiving user interactions can make a simple input string seem complex to a random observer. Further, though the above description is described with respect to the electronic device like Smart phone but, it is to be understood that the proposed system and method for authenticating the user and unlocking an electronic device can be used in security system such as a payment processing system, Internet banking systems, a door locking and unlocking system, a safe locking and unlocking system, a car locking and unlocking system, and the like.
[00123] Although the above description is described using the items displayed on the electronic device but, it is to be appreciated that the authentication can also be performed using a combination of different means. In an embodiment, instead of performing the interaction events with the displayed items the users can switch to conventional keypad to enter the password. For example, when the preconfigured password is RBGY (Red, Blue, Green, Yellow), the user can use an alphanumeric keypad on the electronic device 102 to enter the letter “r” corresponding to red color code, followed by the letter “b” corresponding to Blue color code, and so on. Further, the user can switch between performing interaction events with the displayed items and entering the password manually using the alphanumeric keypad. In another example, on the color grid, color first digit can be made by gesture to confirm the color code for entering the password (If on red color grid or number grid user make a gesture representing “R” then takes as user input without moving shaking device).
[00124] FIG. 10 depicts a computing environment implementing the method of authenticating a user of the electronic device 102, in accordance with various embodiments of the present invention. As depicted, the computing environment 1102 comprises at least one processing unit 1004 that is equipped with a control unit 1006 and an Arithmetic Logic Unit (ALU) 1008, a memory 1010 a storage unit 1012, a clock chip 1014, plurality of networking devices 1016, and a plurality Input output (I/O) devices 1018. The processing unit 1004 is responsible for processing the instructions of the algorithm. The processing unit 1004 receives commands from the control unit 1006 in order to perform its processing. Further, any logical and arithmetic operations involved in the execution of the instructions are computed with the help of the ALU 1008.
[00125] The overall computing environment 1002 can be composed of multiple homogeneous or heterogeneous cores, multiple CPUs of different kinds, special media and other accelerators. The processing unit 1004 is responsible for processing the instructions of the algorithm. The processing unit 1004 receives commands from the control unit 1006 in order to perform its processing. Further, any logical and arithmetic operations involved in the execution of the instructions are computed with the help of the ALU 1008. Further, the plurality of process units may be located on a single chip or over multiple chips.
[00126] The algorithm comprising of instructions and codes required for the implementation are stored in either the memory unit 1010 or the storage 1012 or both. At the time of execution, the instructions may be fetched from the corresponding memory 1010 or storage 1012, and executed by the processing unit 1004. The processing unit 1004 synchronizes the operations and executes the instructions based on the timing signals generated by the clock chip 1014. The embodiments disclosed herein can be implemented through at least one software program running on at least one hardware device and performing network management functions to control the elements. The elements shown in the FIGS. 1-10 include various units, blocks, modules, or steps described in relation with methods, processes, algorithms, or systems of the present invention, which can be implemented using any general purpose processor and any combination of programming language, application, and embedded processor.
[00127] The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the spirit and scope of the embodiments as described herein

CLAIMS:We claim:
1. A method for authenticating a user, the method comprising:
displaying randomly a plurality of items on an electronic device, wherein each said item is associated with at least one value and at least one color code;
receiving at least one interaction event performed on at least one said displayed item, wherein said at least one color code associated with each said item is dynamically changed in response to receiving each said interaction event;
computing an input string based on said at least one interaction event; and
determining a match between said input string and a preconfigured password to authenticate said user.
2. The method of claim 1, wherein computing said input string based on said at least one interaction event comprising:
identifying said at least one color code corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one color code is identified based on a feedback received in said electronic device; and
concatenating said at least one identified color code corresponding to each said interaction event to compute said input string.
3. The method of claim 1, wherein computing said input string based on said at least one interaction event comprising:
identifying said at least one value corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one value is identified based on a feedback received in said electronic device; and
concatenating said at least one identified value corresponding to each said interaction event to compute said input string.
4. The method of claim 2 or claim 3, wherein said feedback is at least one of a pause, a vibration, an audio signal, and a highlight.
5. The method of claim 1, wherein said value is at least one of an alphabet, a word, a string, a numeric number, a character, a figure, and a symbol.
6. The method of claim 1, wherein said interaction event is at least one of a motion event, a gesture event, a touch event, and a button event.
7. The method of claim 1, wherein said at least one interaction event comprises a sequence of movements performed by said user.
8. The method of claim 1, wherein said preconfigured password is preconfigured by said user and stored in said electronic device.
9. The method of claim 1, wherein each said color code is associated with a hold time threshold.
10. The method of claim 1, wherein said method further comprises:
determining whether said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event; and
disqualifying said user in response to determining that said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event.
11. A method for authenticating a user using a server, the method comprising:
displaying randomly a plurality of items on an electronic device, wherein each said item is associated with at least one value and at least one color code;
sending a one-time password (OTP) comprises a preconfigured password to said electronic device, wherein said OTP is generated by said server to authenticate said user;
receiving at least one interaction event performed on at least one said displayed item in accordance to said received preconfigured password, wherein said at least one color code associated with each said interaction is dynamically changed in response to receiving each said interaction event;
computing an input string based on said at least one interaction event; and
determining a match between said input string and said preconfigured password to authenticate said user.
12. The method of claim 11, wherein computing said input string performed on at least one said item based on said at least one interaction event comprising:
identifying said at least one color code corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one color code is identified based on a feedback received in said electronic device; and
concatenating said at least one identified color code corresponding to each said interaction event to compute said input string.
13. The method of claim 11, wherein computing said input string based on said at least one interaction event comprising:
identifying said at least one value corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one value is identified based on a feedback received in said electronic device; and
concatenating said at least one identified value corresponding to each said interaction event to compute said input string.
14. The method of claim 12 or claim 13, wherein said feedback is at least one of a pause, a vibration, an audio signal, and a highlight.
15. The method of claim 11, wherein said value is at least one of an alphabet, a word, a string, a numeric number, a character, a figure, and a symbol.
16. The method of claim 11, wherein said interaction event is at least one of a motion event, a gesture event, a touch event and a button event.
17. The method of claim 11, wherein said at least one interaction event comprises a sequence of movements performed by said user.
18. The method of claim 11, wherein each said color code is associated with a hold time threshold.
19. The method of claim 11, wherein said method further comprises:
determining whether said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event; and
disqualifying said user in response to determining that said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event.
20. An electronic device for authenticating a user, the electronic device comprising:
a display module configured to display randomly a plurality of items on an electronic device, wherein each said item is associated with at least one value and at least one color code;
an interaction event recognition module configured to receive at least one interaction event performed on at least one said displayed item, wherein said at least one color code associated with each said item is dynamically changed in response to receiving each said interaction event; and
a controller module configured to:
compute an input string based on said at least one interaction event; and
determine a match between said input string and a preconfigured password to authenticate said user.
21. The electronic device of claim 20, wherein compute said input string based on said at least one interaction event comprising:
identify said at least one color code corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one color code is identified based on a feedback received in said electronic device; and
concatenate said at least one identified color code corresponding to each said interaction event to compute said input string.
22. The electronic device of claim 20, wherein compute said input string based on said at least one interaction event comprising:
identify said at least one value corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one value is identified based on a feedback received in said electronic device; and
concatenate said at least one identified value corresponding to each said interaction event to compute said input string.
23. The electronic device of claim 21 or claim 22, wherein said feedback is at least one of a pause, a vibration, an audio signal, and a highlight.
24. The electronic device of claim 20, wherein said value is at least one of an alphabet, a word, a string, a numeric number, a character, a figure, and a symbol.
25. The electronic device of claim 20, wherein said interaction event is at least one of a motion event, a gesture event, a touch event, and a button event.
26. The electronic device of claim 20, wherein said at least one interaction event comprises a sequence of movements performed by said user.
27. The electronic device of claim 20, wherein said preconfigured password is preconfigured by said user and stored in said electronic device.
28. The electronic device of claim 20, wherein each said color code is associated with a hold time threshold.
29. The electronic device of claim 20, wherein said method further comprises:
determining whether said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event; and
disqualifying said user in response to determining that said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event.
30. A server for authenticating a user, the server comprising:
a display module configured to display randomly a plurality of items on an electronic device, wherein each said item is associated with at least one value and at least one color code;
an password configuration module configured to send a one-time password (OTP) comprises a preconfigured password to said electronic device, wherein said OTP is generated by said server to authenticate said user;
a interaction event recognition module configured to at least one interaction event performed on at least one said displayed item, wherein said at least one color code associated with each said item is dynamically changed in response to receiving each said interaction event; and
a controller module configured to:

compute an input string based on said at least one interaction event; and
determine a match between said input string and said preconfigured password to authenticate said user.
31. The server of claim 30, wherein computing said input string based on said at least one interaction event comprising:
identifying said at least one value corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one value is identified based on a feedback received in said electronic device; and
concatenating said at least one identified value corresponding to each said interaction event to compute said input string.
32. The server of claim 30, wherein computing said input string performed on at least one said item based on said at least one interaction event comprising:
identifying said at least one color code corresponding to at least one said item on which at least one said interaction event is performed, wherein said at least one color code is identified based on a feedback received in said electronic device; and
concatenating said at least one identified color code corresponding to each said interaction event to compute said input string.
33. The server of claim 31 or claim 32, wherein said feedback is at least one of a pause, a vibration, an audio signal, and a highlight.
34. The server of claim 30, wherein said value is at least one of an alphabet, a word, a string, a numeric number, a character, a figure, and a symbol.
35. The server of claim 30, wherein said interaction event is at least one of a motion event, a gesture event, a touch event, and button event.
36. The server of claim 30, wherein said at least one interaction event comprises a sequence of movements performed by said user.
37. The server of claim 30, wherein each said color code is associated with a hold time threshold.
38. The server of claim 30, wherein said method further comprises:
determining whether said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event; and
disqualifying said user in response to determining that said hold time threshold associated with at least one said color code is expired before receiving at least one said interaction event.
39. A computer program product comprising a computer executable program code recorded on a computer readable non-transitory storage medium, wherein said computer executable program code when executed causing the actions as claimed in at least one of claim 1, claim 2, claim 3, claim 4, claim 5, claim 6, claim 7, claim 8, claim 9, and claim 10.
40. A computer program product comprising a computer executable program code recorded on a computer readable non-transitory storage medium, wherein said computer executable program code when executed causing the actions as claimed in at least one of claim 9, claim 10, claim 11, claim 12, and claim 13, claim 14, claim 15, claim 16, claim 17, claim 18, and claim 19.