Authentication based on Geo-velocity

Before start to read this article, read my previous article to get an idea about Geo-velocity based adaptive authentication. User can be authenticate based on Geo-velocity by considering different kinds of use case scenarios as I mentioned below. It was explained that what are the possible use case scenarios which can be used to authenticate the user based on Geo-velocity.
“Alex successfully login to the system at 2 pm(IST) in Colombo, Sri Lanka.By using the same credentials that Alex has used, someone is trying to login to the system at 2.15(IST) in New York, USA.”
It’s obvious that someone can’t travel to the USA from Sri Lanka within 15 mins. Therefore system denies the access.By observing the flight history we can identify the impossible time periods that someone anyhow can’t travel a particular distance.
“In the registration, Alex has verified that he only logins from Sri Lanka. Alex successfully login to the system at 2 pm(Sri Lanka time) in Colombo, Sri Lanka.By using the same credentials that Alex has used, someone is trying to login to the system outside from Sri Lanka”
Since user has verified that he only logins from Sri Lanka, there is no need to give access someone from outside. Therefore system denies the access.For this case, if someone verifies that he only logins from a specific location, authenticate that user account by geo-location is enough(no need to authenticate by geo-velocity since he is not traveling)(p.c:- For the other use case scenarios in this article has been assumed that user has not verified that he is only login from a specific location)
“In the registration, Alex has verified that Sri Lanka, India and China as his login locations. Alex successfully login to the system in Colombo, Sri Lanka. By using the same credentials that Alex has used, someone is trying to login to the system from New York.”
Since Alex didn’t verify New York as his one of the login locations, without authenticating that access based on Geo-velocity, system will deny the access at the initial step. Therefore it’s clear that system can deny the access if someone trying to login to the system from a location which user has not verified.
“In the registration, Alex has verified that Sri Lanka, India and China as his login locations. Alex successfully login to the system in Colombo, Sri Lanka. By using the same credentials that Alex has used, someone is trying to login to the system from China.”
Since Alex has verified that one of his login locations can be China, system will have to authenticate that login request using the other authentication steps. If the user verified his login locations, the system can authenticate the user by Geo-velocity for only those locations.
“Alex successfully login to the system at 2pm(IST) in Colombo, Sri Lanka. By using the same credentials that Alex has used, someone is trying to login to the system at 4am(IST) in New York,USA.(after 14 hours)”
Within 14 hours anyone can’t travel to New York from Sri Lanka. Therefore system denies the access. The air travel (bird fly) shortest distance between Sri Lanka and United States is 15,013 km= 9,329 miles. If you travel with an airplane (which has average speed of 560 miles) from Sri Lanka to United States, It takes 16.66 hours to arrive. Therefore, even by a direct flight user can’t travel to USA within 14 hours. For this case, without searching in the database it can calculate the possible time gap between two login locations by using the distance and average/maximum speed of a flight and authenticate the login.
“Alex successfully login to the system at 2pm on Monday (IST) in Colombo, Sri Lanka. By using the same credentials that alex has used, someone is trying to login to the system at 7am on Tuesday(IST) in New York,USA.(after 17 hours)”
To travel within 17 hours, there should be a direct flight to New York from Sri Lanka. But according to the flight database, there is no such direct flight at that time. Therefore system denies the access. First it should check whether the time gap is considerable to travel. For this case, system should have real time flight details to get the details of direct flights between two locations in a given time period
“Alex successfully login to the system at 2 pm on Monday(IST) in Colombo, Sri Lanka. By using the same credentials that Alex has used, someone is trying to login to the system at 2 pm on Tuesday(IST) in New York,USA.(after 24 hours). But there is no possible way to travel within that period.”
Even Though, it is possible to travel New York from Sri Lanka within 24 hours, according to the flight database there are no flights which start to fly after 2 pm on Monday which arrives to USA before 2 pm Tuesday.(including transit flights). Therefore, system denies the access. For this case, system should connect with a real time flight database.
“Alex successfully login to the system from South Korea. By using the same credentials that Alex has used, someone is trying to login to the system from North Korea. Anybody can’t travel to North Korea from South Korea as it is disallowed.Therefore system denies the access”
It’s not allowed for someone to enter North Korea from South Korea, two continuous logins can’t be from South Korea and North Korea.For this case, a database should be maintained to store specific locations which are having geographical barriers and which are identified as forbidden areas because of terrorism.
So I hope by reading the above use case scenarios, now you understand how user can be authenticate based on Geo-velocity.
Thank you!