Apple has been filed for a patent (number 9,959,539) for “continual authorization for secured functions.” It’s designed to make Macs, iPhones, iPads, and Apple Watches more secure.
In the patent filing, Apple notes that such devices may be configured to require one or more credentials proving authorization for performing one or more functions, referred to as “secured functions.” For example, a secured function that may require credentials before performance may be providing a purchasing interface for purchasing digital content (such as image files, music or other audio files, video files, software applications, and other such digital content) for the computing device.
When the device determines to provide the purchasing interface (such as in response to a user request for the purchasing interface), the computing device may require one or more credentials proving authorization before the computing device provides the purchasing interface. Such credentials may be provided by the user, may be stored by the device (such as in one or more cookies), and/or may be otherwise similarly provided before the computing device provides the purchasing interface.
For example, when a user requests the purchasing interface, the device may prompt the user for a password. The device may compare a password provided by the user with a stored password (such as by encrypting the user provided password with an encrypted version of the stored password) that is associated with an appropriate authorization to execute the purchasing interface. If the user provided password matches the stores password the computing device determines that the user is authorized to access the purchasing interface and provides the purchasing interface accordingly.
Apple notes that, in general, computing devices don’t require you to continuously provide passwords or other credentials constantly. Typically, a device obtains credentials proving authorization from a user to access the secured function for a period of time often referred to as the “grace period” (which may be 10 seconds, one hour, until the computing device or the software application utilized to access the secured function restarts, or any other such period of time).
However, users may not retain control of a device during such a grace period. For example, a mother may enter her password on her smart phone in order to purchase one or more songs to use on the phone. She may then put her phone down and not pay attention, enabling her toddler to pick up the phone and play with it.
In this case, the grace period may not have elapsed since the mother entered her password. As such, the toddler may inadvertently (simply by playing with the phone) purchase any number of songs for her mother’s phone. Likely, the mother will neither want the songs nor want to pay for them. As such, though the smart phone required the mother to enter her password to purchase songs, the smart phone was still unable to prevent the unauthorized purchases. Apple wants to help eliminate such scenarios.
Here’s Apple’s summary of the invention: “A computing device may determine to execute a secured function. The computing may obtain a biometric of the user of the computing device utilizing one or more biometric sensors associated with the computing device, determine that the biometric matches the biometric of a user authorized to utilize the secured function, and execute the secured function. Whenever during execution of the secured function the computing device determines that the biometric sensor no longer detects the biometric of the user, the computing device may cease execution of the secured function.”
Of course, Apple files for — and is granted — lots of patents by the U.S. Patent & Trademark Office. Many are for inventions that never see the light of day. However, you never can tell which ones will materialize in a real product.
Like this article? Consider supporting Apple World Today with a $5 monthly Team AWT membership.
