A method and a user device for authenticating a user to access a digital document

The dual-passcode authentication method using QR codes and challenge patterns addresses vulnerabilities in existing systems, ensuring secure and cost-effective access to digital documents without additional plugins.

WO2026142939A1PCT designated stage Publication Date: 2026-07-02THALES DIS CPL USA INC

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
THALES DIS CPL USA INC
Filing Date
2025-12-19
Publication Date
2026-07-02

AI Technical Summary

Technical Problem

Existing authentication solutions for accessing digital documents are vulnerable to brute-force attacks, expose personal identifiable information, and require costly plugins, making them unsuitable for cost-effective and secure access.

Method used

A dual-passcode authentication method involving a first passcode entry followed by interaction with instructions like QR codes or challenge patterns, with a second passcode request transmitted to a web policy server for verification, ensuring secure and cost-effective access without additional plugins.

Benefits of technology

Enhances security with dual authentication and eliminates the need for additional software, providing an easy and cost-effective way to access digital documents both online and offline.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure US2025060507_02072026_PF_FP_ABST
    Figure US2025060507_02072026_PF_FP_ABST
Patent Text Reader

Abstract

Embodiments of the present disclosure relates to a user device and a method for authenticating a user to access a digital document. The method comprises the steps of receiving an access request from a user to access the digital document at a user device associated with the user and prompting the user to enter a first passcode. The method further comprises the steps of receiving a first input from the user within a user interface of the digital document and rendering instructions within the user interface of the digital document in an event the first input entered by the user matches with the first passcode. The method further comprises the steps of receiving a second input within the user interface of the digital document and allowing access of the digital document to the user in an event the second input from the user matches with a second passcode.
Need to check novelty before this filing date? Find Prior Art

Description

[0001] A METHOD AND A USER DEVICE FOR AUTHENTICATING A USER TO ACCESS A DIGITAL DOCUMENT

[0002] Field of the invention

[0003] The present disclosure relates to authentication systems . More particularly, the embodiments of the present disclosure relate to a user device and a method for authenticating a user to access a digital document .

[0004] Background of the invention

[0005] Security is of utmost importance for providing access of online or offline digital document to a user . Before granting the access of the digital document to the user, several authentication solutions exist today for verifying the identity of the user and ensuring that the access of the digital document is provided to a right / permitted user . One such authentication solution involves the usage of a password. If the user enters the password, then the access of the digital document is provided to the user, otherwise the access of the digital document is denied to the user .

[0006] However, such existing authentication solution has its own downside . One of the downsides is that the passwords are predictable and can be cracked through a brute-force attack. Secondly, the existing authentication has an elevated exposure risk due to personal identifiable information (PII ) data leaks . Other existing authentication solution is costly to implement and maintain, making it more suitable for enterprise-level applications . Such authentication solution requiresadditional plugins to be installed on the user device to access the digital document .

[0007] Therefore, there is a need for an improved solution which offers an easy and cost-effective way of accessing the digital document on the user device . There is also a need for an improved solution for accessing the digital document which eliminates the need of any additional plug-ins .

[0008] Summary of the Invention

[0009] In some exemplary embodiments, a method is provided for authenticating a user to access a digital document . The method comprises the steps of receiving an access request from a user to access the digital document at a user device associated with the user and prompting the user to enter a first passcode in response to the access request . The method also comprises the step of receiving a first input from the user within a user interface of the digital document after prompting the user to enter the first passcode . The method also comprises the step of rendering instructions within the user interface of the digital document in an event the first input entered by the user matches with the first passcode . The method also comprises the steps of receiving a second input from the user within the user interface of the digital document after rendering the instructions and allowing access of the digital document to the user in an event the second input from the user matches with a second passcode .

[0010] In some exemplary embodiments, the rendering of the instructions within the user interface comprisesrendering at least one of an access link, a challenge pattern, and a quick response (QR) code .

[0011] In some exemplary embodiments, a second passcode request is transmitted to a web policy server in an event the user interacts with the instructions .

[0012] In some exemplary embodiments, the second passcode is received by the user device of the user from the web policy server .

[0013] In some exemplary embodiments, the second passcode is a pre-defined passcode associated with a challenge pattern .

[0014] In some exemplary embodiments, contents of the digital documents is displayed within the user interface of the digital document at the user device of the user in an event the access to the digital document is allowed.

[0015] In some exemplary embodiments, the digital document comprises at least one of an online digital document and an offline digital document .

[0016] In some exemplary embodiments, the digital document corresponds to at least one of a portable document file (PDF) , an attachment document, an embedded document, a word document, an email document, a presentation document, a spreadsheet document, a folder, and a file .

[0017] In some exemplary embodiments, the web policy server determines one or more rules associated the digital document to access the digital document .

[0018] In some exemplary embodiments, the digital document is associated with a unique identifier .

[0019] In some exemplary embodiments, a user device is provided for authenticating a user to access a digital document . The user device comprises a display configuredto receive an access request from a user to access the digital document at a user device associated with the user and to prompt the user to enter a first passcode in response to the access request . The display is also configured to receive a first input from the user within a user interface of the digital document after prompting the user to enter the first passcode and render instructions within the user interface of the digital document in an event the first input entered by the user matches with the first passcode . The display is also configured to receive a second input from the user within the user interface of the digital document after rendering the instructions . The user device also comprises a processing unit configured to allow access of the digital document to the user in an event the second input from the user matches with a second passcode .

[0020] In some exemplary embodiments, the display is further configured to render the instructions comprising at least one of an access link, a challenge pattern, and a quick response (QR) code .

[0021] In some exemplary embodiments, a transmitter is configured to transmit a second passcode request to a web policy server in an event the user interacts with the instructions .

[0022] In some exemplary embodiments, the display is further configured to display contents of the digital documents within the user interface of the digital document at the user device of the user in an event the access to the digital document is allowed.

[0023] In some exemplary embodiments, a non-transitory computer-readable medium storing computer-executableinstructions is provided for authenticating a user to access a digital document . The computer-executable instructions configured for receiving an access request from a user to access the digital document at a user device associated with the user and prompting the user to enter a first passcode in response to the access request . The computer-executable instructions configured for receiving a first input from the user within a user interface of the digital document after prompting the user to enter the first passcode . The computer-executable instructions configured for rendering instructions within the user interface of the digital document in an event the first input entered by the user matches with the first passcode . The computer-executable instructions configured for receiving a second input from the user within the user interface of the digital document after rendering the instructions and allowing access of the digital document to the user in an event the second input from the user matches with a second passcode .

[0024] Brief description of the drawings

[0025] Figure 1 illustrates an exemplary system architecture of the present disclosure, in accordance with an exemplary embodiment of the present disclosure,

[0026] Figure 2 illustrates an exemplary method flow diagram for authenticating a user to access a digital document, in accordance with an exemplary embodiment of the present disclosure,

[0027] Figure 3A-3D illustrate exemplary instances occurred for authenticating the user to access thedigital document, in accordance with an exemplary embodiment of the present disclosure, and

[0028] Figure 4 depicts a block diagram of a server and / or a user device, in accordance with an exemplary embodiment of the present disclosure .

[0029] Detailed description

[0030] Figure 1 depicts an exemplary system architecture 100 in accordance with an exemplary embodiment of the present disclosure . The system architecture 100 comprises, but is not limited to, a web policy server 102 connected to a user device 106 through a network 104.

[0031] As used herein, the term "server" may refer to a physical server in a data center or a cloud server running in a cloud computing environment and possessing the capabilities of performing the authentication procedures .

[0032] As used herein, the term "user device" may refer to a smart device, a cellular device, a mobile phone, a smart watch, a tablet, a personal digital assistance, a laptop, a personal / desktop computer, a television, or any such device that is obvious to a person skilled in the art .

[0033] As used herein, the term "network" may refer to a wired network or a wireless network. The wired network generally requires cables, ethernet or wires to connect the user device 106 with the network 104. The wireless network enables the user device 106 to get wirelessly connected with the network 104. Examples of such wireless network includes, but is not limited to, a cellular network (such as GSM network, CDMA Network or any other telecommunication mobile network) or a short-rangenetwork (WiFi network, Near-field communication (NFC) , a ZigBee network, a bluetooth network etc . ) .

[0034] Although, Figures 1 shows that the user device 106 and the web policy server 102 are connected through the same network 104, however, it is understood for a person skilled in the art that the user device 106 and the web policy server 102 can also be connected through two different or separate networks .

[0035] Further, the user device 106 may be associated with a user 108 who is using the user device 106 for various purposes as described herein. Herein, the user 108 may want access the digital document 110 at the user device 106. In some exemplary embodiments, the user 108 wishes to open and access the digital document 110 stored locally on the user device 106. Such locally stored digital document 110 may refer to an "offline" digital document . In some other exemplary embodiments, the user 108 wishes to open and access the digital document 110 stored at a remote cloud storage . Such remotely stored digital document 110 may refer to an "online" digital document which can be accessed via a web service . How the access of the digital document 110 is allowed to the user 108 is described below in Figure 2, and Figures 3A-3D.

[0036] As used herein, the term "digital document" may be associated with a unique identifier which may be created, managed and stored by an application associated with the digital document and may be executed by the user device 106. Such digital document may refer to a portable document file (PDF) , an attachment document, an embedded document, a word document, an email document, a presentation document, a spreadsheet document, anapplication, a service, a folder, a file, or any such document that is obvious to a person skilled in the art .

[0037] Figure 2 depicts an exemplary method flow diagram 200 for authenticating the user 108 to access the digital document 110, in accordance with an exemplary embodiment of the present disclosure . At step 202, the method flow diagram 200 starts .

[0038] At step 204, the user 108 may double-click, click, or touch or tap at the digital document 110, an access request from the user 108 may be received to access the digital document 110. Such access request may be received at the user device 106 associated with the user 108. Herein, the digital document 110 may accessed via an application installed on the user device 106 or accessed via a web service used through the user device 106 or directly at the user device 106.

[0039] In a first exemplary embodiment, if the digital document 110 is a portable document file (PDF) document, then a PDF reader application (such as Adobe Acrobat Reader) is needed to access the digital document 110. In a second exemplary embodiment, if the digital document 110 is a word document, then a word application (such as Microsoft Word) is needed to access the digital document 110. In a third exemplary embodiment, if the digital document 110 is an email document, then an email application (such as Microsoft Outlook) is needed to access the digital document 110. In a fourth exemplary embodiment, if the digital document 110 is a folder document stored on the user device 106, then a file explorer application is needed to directly access thedigital document 110. In a fifth exemplary embodiment, if the digital document 110 is a file document stored remotely on a cloud storage service (such as Google Docs) , then a web browser application is needed to access the digital document 110. In a sixth exemplary embodiment, if the digital document 110 is a web service (such as Facebook web service) , then a web browser application is needed to access the digital document 110.

[0040] Considering a first example that the digital document 110 is a PDF document or in a second example, the digital document 110 is an embedded PDF digital document (i . e . a second digital document) in another PDF digital document (i . e . a first digital document) . When the user 108 double-clicks, clicks, or touches or taps at the digital document 110, the user device 106 may transmit an access request to access the digital document 110 to an application (i . e . PDF reader associated with the digital document 110) installed on the user device 106. Such access request may comprise a unique identifier associated with the digital document 110. The application may receive the access request from the user 108 to access the digital document 110 at the user device 106. Also, when the user 108 double-clicks, clicks, or touches or taps at the digital document 110, a user interface of the application may also open i . e . a blank window of the application without any display of the content is also opened .

[0041] At step 206, when the application associated with the digital document 110 receives the access request, the application may retrieve the unique identifier associated with the digital document 110. And, in response to theaccess request, the application associated with the digital document 110 may prompt the user 108 to enter a first passcode . Referring to Figure 3A, the user interface of the application associated with the digital document 110 displays a message 302 (i . e . "First Passcode?") to the user 108. Such display of the message 302 may prompt the user 108 to enter the first passcode .

[0042] At step 208, after prompting the user 108 to enter the first passcode, the application associated with the digital document 110 may receive a first input from the user 108 within the user interface of the digital document 110. Referring to Figure 3B, the user interface of the application associated with the digital document 110 shows that the first input 304 (as an example, 6 characters input) is inputted by the user 108 at the user interface of the digital document 110.

[0043] At step 210, the application associated with the digital document 110 may compare the first input 304 entered by the user 108 with the first passcode . For such comparison, the application associated with the digital document 110 may first utilize the unique identifier associated with the digital document 110, retrieved from the access request . The application associated with the digital document 110 may utilize the unique identifier associated with the digital document 110 to determine the first passcode pre-defined by the user 108 for accessing the digital document 110. The application associated with the digital document 110 may store the first passcode in a local memory or a cloud storage .

[0044] Herein, the term "first passcode" may refer to at least of biometric data of the user 108, a personalidentification number, a system generated pattern based passcode with combination of (PH ) data, a password, a government or organization issued identifier, a personal identifier number (PIN) , a string of alphabets, numbers, special symbols (such as @, !"&%) , and a combination thereof . Further, the length of the first passcode may vary depending upon a type of the digital document 110.

[0045] In some exemplary embodiments, the first passcode associated with the digital document 110 may be predefined by the user 108 at a time of using the application associated with the digital document 110 for the first time, a time of creating the digital document 110 or anytime before protecting the digital document 110 with a passcode .

[0046] In an event the first input 304 entered by the user 108 does not match with the first passcode, the application associated with the digital document 110 may rej ect or deny the access request from the user 108 to access the digital document 110. Considering an example, if the first passcode is "E7DFR6" and the first input 304 is "E6DFR6 », then, in this example, the access request from the user 108 is denied as the first passcode does not match with the first input .

[0047] In an event the first input 304 entered by the user 108 matches with the first passcode, the application associated with the digital document 110 may render instructions 306, 308, 310 within the user interface of the digital document 110. Considering an example, if the first passcode is "E7DFR6" and the first input 304 is "E7DFR6", then, in this example, the access request fromthe user 108 is accepted as the first passcode matches with the first input .

[0048] In the second example where the digital document 110 is an embedded PDF digital document (i . e . the second digital document) in another PDF digital document ( i . e . the first digital document) , the application associated with the digital document 110 may display non-sensi five or non-conf idential content (along with the instructions 306, 308, 310) in an event the first input 304 entered by the user 108 matches with the first passcode . For accessing the sensitive or confidential content of the embedded PDF digital document (i . e . the second digital document) in the another PDF digital document (i . e . the first digital document) , the user 108 may have to interact with the instructions 306, 308, 310. In some exemplary embodiments, rendering of the instructions within the user interface comprises rendering at least one of a quick response (QR) code 306, an access link 308 and a challenge pattern 310. Referring to Figure 3C, the user interface of the application associated with the digital document 110 shows the quick response (QR) code 306, the access link 308 and the challenge pattern 310.

[0049] In a first exemplary embodiment, the user 108 may choose to interact with the QR code 306 or the access link 308. If the user 108 choose to interact with the QR code 306, then, the user 108 may scan the QR code 306 using the user device 106 or any other device associated with the user 108. If the user 108 choose to interact with the access link 308, then, the user 108 may click or tap or touch the access link 308 at the user deviceOn scanning the QR code 306 or clicking or tapping or touching the access link 308, the user device 106 executing the application associated with the digital document 110 may communicate with the web policy server 102 through the network 104 and may transmit a second passcode request for the user 108 to access the digital document 110. Such second passcode request may also comprise at least one of the unique identifier associated with the digital document 110, an identity of the user 108 such as a name of the user 108 and a unique identifier associated with the user 108.

[0050] The web policy server 102 may receive the second passcode request for the user 108 to access the digital document 110. Then, the web policy server 102 may determine one or more rules associated the digital document 110 to access the digital document 110 by the user 108, based on the unique identifier associated with the digital document 110. In a first exemplary embodiment, a first rule of the one or more rules correspond to a number of times the second passcode can be sent to the user 108 for accessing the digital document 110. For an example, the user 108 has a maximum limit of 10 times for accessing the digital document 110 each day. Once this maximum number of times is exceeded, the second passcode may not be generated and sent to the user 108 by the web policy server 102.

[0051] In a second exemplary embodiment, a second rule of the one or more rules correspond to a geofencing based access request by the user 108. For an example, the user 108 is allowed to access the digital document 110 only when the user 108 is in a geo-fence of a specificarea / location . In a third exemplary embodiment, a third rule of the one or more rules correspond to allow access of the digital document 110 to the user 108 only from certain regions . For an example, the user 108 is allowed to access the digital document 110 only when the user 108 is in a specific region such as a Paris, France . In a fourth exemplary embodiment, a first fourth of the one or more rules correspond to allow access of the digital document 110 to the user 108 only at a specific time interval . For an example, the user 108 is allowed to access the digital document 110 only when the user 108 is accessing it only during the office hours, 9 : 00 AM to 6 : 00 PM) . In a fifth exemplary embodiment, a fifth rule of the one or more rules correspond to allow access of the digital document 110 to the user 108 only on enforcing captcha to avoid spam. For an example, the user 108 is allowed to access the digital document 110 only when the user 108 enters a CAPTCHA as prompted by the web policy server 102. In a sixth exemplary embodiment, a sixth rule of the one or more rules correspond to an IDP authentication requiring another authentication with a configured IDP . For an example, the user 108 is allowed to access the digital document 110 only when the user 108 can authenticate himself / herself via a biometric system. In a seventh exemplary embodiment, a seventh rule of the one or more rules correspond to an expiry of the access link 308 based on a time-period of generating the access link 308. For an example, the user 108 is allowed to access the digital document 110 only when the user 108 clicks or taps on the access link 308 within a timeperiod of 5 minutes .Further, the web policy server 102 may generate a second passcode for the user 108 to access the digital document 110 in response to the second passcode request from the user device 106 executing the application associated with the digital document 110. Here, the web policy server 102 generates the second passcode for the user 108 only when the one or more rules associated the digital document is / are fulfilled. Then, the web policy server 102 may transmit the second passcode to the user device 106. Although, it is shown and described that the second passcode is sent to the same user device 106 which is executing the application associated with the digital document 110; however, it is understood for a person skilled in the art that the second passcode is sent to a different user device (via an electronic email, a message etc . ) which is not executing the application associated with the digital document 110 but still associated with the user 108 .

[0052] At step 212, the application associated with the digital document 110 may prompt the user 108 to enter the second passcode after rendering the instructions to the user 108. In response to prompting the user 108 to enter the second passcode, the application associated with the digital document 110 may receive a second input from the user 108 within the user interface of the digital document . In the first exemplary embodiment where the user 108 may choose to interact with the QR code 306 or the access link 308. Herein, the user 108 may enter the second input within the user interface of the digital document 110. For this, the user 108 may enter the secondinput as the second passcode received from the web policy server 102.

[0053] In a second exemplary embodiment, the user 108 may choose to interact with the challenge pattern 310. If the user 108 choose to interact with the challenge pattern 310, then, the user 108 may enter a second input within the user interface of the digital document 110. For this, the user 108 may enter the second input . Herein for in the second exemplary embodiment, the second passcode may be pre-defined as a pattern (associated with the digital document 110) for the challenge pattern 310 by the user 108 at a time of using the application associated with the digital document 110 for the first time, a time of creating the digital document 110 or anytime before protecting the digital document 110 with a passcode . The application associated with the digital document 110 may store the second passcode in a local memory or a cloud storage .

[0054] At step 214, the application associated with the digital document 110 may compare the second input received from the user 108 within the user interface of the digital document with the second passcode either received by the user 108 from the web policy server 102 or pre-defined by the user 108 as the pattern (associated with the digital document 110) . For such comparison, the application associated with the digital document 110 may utilize the unique identifier associated with the digital document 110, retrieved from the access request . The application associated with the digital document 110 may utilize the unique identifier associated with the digital document 110 to determine the second passcode pre-definedas the pattern by the user 108 for accessing the digital document 110. The application associated with the digital document 110 may store the second passcode in a local memory or a cloud storage .

[0055] Herein, the term "second passcode" may refer to at least of a pattern, biometric data of the user 108, a personal identifier number (PIN) , a string of alphabets, numbers, special symbols (such as @, !"&%) , and a combination thereof . Further, the length of the first passcode may vary depending upon a type of the digital document 110.

[0056] In an event, the second input from the user 108 matches with the second passcode associated with the digital document 110, the application associated with the digital document 110 may allow access of the digital document 110 to the user 108. Considering an example, if the second passcode is "S@87npR" and the second input is "S@87npR", then, in this example, the user 108 is allowed the access of the digital document 110 as the second passcode matches with the second input .

[0057] In an event, the second input from the user 108 does not match with the second passcode, the application associated with the digital document 110 may rej ect or deny access of the digital document 110 to the user 108. Considering an example, if the second passcode is "S@87npR" and the second input is "w@87npR", then, in this example, the user 108 is denied the access of the digital document 110 as the second passcode does not match with the second input .

[0058] And when the application associated with the digital document 110 allows access of the digitaldocument 110 to the user 108, the application associated with the digital document 110 display the sensitive or confidential content of the digital documents 110 within the user interface of the digital document 110 at the user device 106 of the user 108. Figure 3D shows the contents of the digital document 110 being displayed within the user interface of the digital document 110 at the user device 106. In the second example where the digital document 110 is an embedded PDF digital document (i . e . the second digital document) in another PDF digital document (i . e . the first digital document) , the application associated with the digital document 110 may display sensitive or confidential content to the user 108 within the user interface of the digital document 110.

[0059] At step 216, the method flow diagram 200 ends . In some exemplary embodiments, each digital document 110 may have a different passcode from other digital documents . In particular, the user 108, at the time of creating the digital document 110 or at the first time of using the application associated with the digital document 110, may sign-up or register for using and accessing the application associated with the digital document 110 using personal information such as a name, a contact number, an email address etc . Then, after the sign-up or the registration, the user 108 or a service generating the document may pre-define the first passcode and may also opt or choose a preferred instruction 306, 308, 310 for accessing the digital document 110.

[0060] When the user 108 opts or chooses a preferred instruction 310 (i . e . a challenge pattern) , the user 108 may also setup or pre-define the second passcodeassociated with the digital document 110. Such instruction 310 (i . e . a challenge pattern) for the second passcode offers a complete offline solution for accessing the digital document 110 without requiring the need for communicating with the web policy server 102.

[0061] Thereby, the proposed solution offers the technical advantage of enhances security by providing dual authentication to access the digital document 110 using two passcodes . The proposed solution offers the technical advantage of an easy and cost-effective way of accessing the digital document 110 on the user device 106. Also, the proposed solution offers the technical advantage of accessing the digital document 110 which eliminates the need of any additional plug-ins or software .

[0062] Figure 4 depicts a block diagram of the web policy server 102 and / or the user device 108, in accordance with an exemplary embodiment of the present disclosure . The web policy server 102 and / or the user device 108 may include processing unit 402, memory 404, a communication interface 406, and input / output devices 408. Each of these components may be operatively coupled to a communication bus 410, which may be configured, e . g. , for optical and / or electrical communication.

[0063] The processing unit 402 may include a central processing unit, application-specific integrated circuit (ASIC) , digital signal processor (DSP) , or another type of processing circuit . The processing unit 402 may be implemented using mainframe, distributed processor, multi-core, parallel, grid, or other architectures . The processing unit 402 may be configured to implement the functions, procedures, and / or methods proposed by thepresent invention as described in the above Figures . Further, layers of a wireless interface protocol may be implemented by the processing unit 402.

[0064] The memory 404 may be any suitable medium that participates in providing instructions to the processing unit 402 for execution. For example, the memory 404 may be non-transitory or non-volatile medium, such as a magnetic disk or solid-state non-volatile memory or volatile medium such as random-access memory (RAM) . The instructions or modules stored on memory 404 may include machine-readable instructions executed by the processing unit 402 that cause the processing unit 402 to perform the methods and functions as described herein.

[0065] Further, the memory 404 may be communicatively coupled to the processing unit 402 and store information related to operations of the processing unit 408. The memory 404 may be located inside or outside the processing unit 402 and may be connected to processing unit 408 through various well-known means .

[0066] The communication interface 406 may use any apparatus such as a transceiver or an RF module to communicate with another device or the network 104 such as the Ethernet, a radio access network (RAN) , or a wireless local area network (WLAN) . In other examples, the communication interface 406 may be a Local Area Network (LAN) interface, a wireless 802. llx interface, a 3G, 4G, 5G, or 6G mobile WAN or a WiMax WAN.

[0067] The input / output devices 408 may include one or more input and output devices . The input device may be a keyboard, mouse, joystick, (infrared) remote control, camera, card reader, fax machine, dongle, biometricreader, microphone, touch screen, touchpad, trackball, sensor (e . g. , accelerometer, light sensor, GPS, gyroscope, proximity sensor, or the like) , stylus, scanner, storage device, transceiver, video device / source, visors, etc . The output device may be a printer, fax machine, a display (may be, a video display, liquid crystal display (LCD) , light-emitting diode (LED) , Organic-LED (OLED) etc . ) , Quantum Dot Light Emitting Diode (QLED) , Micro LED, Mini-LED, Quantum Dot OLED (QD-OLED) , audio speaker, etc .

[0068] Herein, the display 408 is configured to receive an access request from a user to access the digital document at a user device associated with the user 108. The display 408 is configured to prompt the user 108 to enter a first passcode in response to the access request . The display 408 is configured to receive a first input from the user 108 within a user interface of the digital document 110 after prompting the user to enter the first passcode . The display 408 is configured to render instructions within the user interface of the digital document 110 in an event the first input entered by the user 108 matches with the first passcode . The display 408 is configured to receive a second input from the user within the user interface of the digital document 110 after rendering the instructions . The processing unit 402 is configured to allow access of the digital document 110 to the user in an event the second input from the user 108 matches with a second passcode .

[0069] The display 408 is further configured to render the instructions comprising at least one of an access link, a challenge pattern, and a quick response (QR) code . Thedisplay 408 is also configured to display contents of the digital document within the user interface of the digital document 110 at the user device of the user in an event the access to the digital document 110 is allowed. The transmitter 406A is configured to transmit a second passcode request to a web policy server in an event the user interacts with the instructions .

[0070] In some exemplary embodiments, a non-transitory computer-readable medium storing computer-executable instructions for authenticating a user 108 to access a digital document 110. The computer-executable instructions configured for receiving an access request from a user 108 to access the digital document 110 at a user device associated with the user 108. The computerexecutable instructions configured for prompting the user 108 to enter a first passcode in response to the access request . The computer-executable instructions configured for receiving a first input from the user 108 within a user interface of the digital document after prompting the user 108to enter the first passcode . The computerexecutable instructions configured for rendering instructions within the user interface of the digital document in an event the first input entered by the user 108 matches with the first passcode . The computerexecutable instructions configured for receiving a second input from the user 108 within the user interface of the digital document 110 after rendering the instructions . The computer-executable instructions configured for allowing access of the digital document 110 to the user108 in an event the second input from the user 108 matches with a second passcode .

[0071] Implementations and all of the functional operations described in this description may be realized in digital electronic circuitry, or in computer software, firmware, or hardware, including the structures disclosed in this description and their structural equivalents, or in combinations of one or more of them.

[0072] The foregoing discussion of the disclosure has been presented for purposes of illustration and description. The foregoing is not intended to limit the disclosure to the form or forms disclosed herein. In the foregoing detailed description for example, various features of the disclosure are grouped together in one or more examples, configurations, or aspects for the purpose of streamlining the disclosure . The features of the examples, configurations, or aspects of the disclosure may be combined in alternate examples, configurations, or aspects other than those described above . Hence, the present disclosure and drawings should not be considered in a limiting sense, as it is understood that an invention presented within a disclosure is in no way limited to those examples specifically illustrated.

[0073] Accordingly, the above description and any accompanying drawings, illustrations, and figures are intended to be illustrative but not restrictive . The scope of any invention presented within this disclosure should, therefore, be determined not with simple reference to the above description and those examples shown in the figures, but instead should be determinedwith reference to the pending claims along with their full scope or equivalents .

Claims

CLAIMS1. A method for authenticating a user to access a digital document, the method comprising the steps of : receiving an access request from a user to access the digital document at a user device associated with the user;prompting the user to enter a first passcode in response to the access request;receiving a first input from the user within a user interface of the digital document after prompting the user to enter the first passcode;rendering instructions within the user interface of the digital document in an event the first input entered by the user matches with the first passcode;receiving a second input from the user within the user interface of the digital document after rendering the instructions; andallowing access of the digital document to the user in an event the second input from the user matches with a second passcode .

2. The method according to claim 1, wherein the rendering of the instructions within the user interface comprises rendering at least one of an access link, a challenge pattern, and a quick response (QR) code .

3. The method according to any previous claims, further comprising, transmitting a second passcode request to aweb policy server in an event the user interacts with the instructions .

4. The method according to any previous claims, wherein the second passcode is received by the user device of the user from the web policy server .

5. The method according to any previous claims, wherein the second passcode is a pre-defined passcode associated with a challenge pattern.

6. The method according to any previous claims, further comprising, displaying contents of the digital documents within the user interface of the digital document at the user device of the user in an event the access to the digital document is allowed.

7. The method according to any previous claims, wherein the digital document comprises at least one of an online digital document and an offline digital document .

8. The method according to any previous claims, wherein the digital document corresponds to at least one of a portable document file (PDF) , an attachment document, an embedded document, a word document, an email document, a presentation document, a spreadsheet document, a folder, and a file .

9. The method according to any previous claims, wherein the web policy server determines one or more rulesassociated the digital document to access the digital document .

10. The method according to any previous claims, wherein the one or more rules comprise at least one of a first rule, a second rule, a third rule, a fourth rule, a fifth rule, a sixth rule and a seventh rule .

11. A user device for authenticating a user to access a digital document, the user device comprising:a display configured to :receive an access request from a user to access the digital document at a user device associated with the user;prompt the user to enter a first passcode in response to the access request;receive a first input from the user within a user interface of the digital document after prompting the user to enter the first passcode; andrender instructions within the user interface of the digital document in an event the first input entered by the user matches with the first passcode;receive a second input from the user within the user interface of the digital document after rendering the instructions; anda processing unit configured to :allow access of the digital document to the user in an event the second input from the user matches with a second passcode .

12. The user device according to any previous claims, wherein the display is further configured to render the instructions comprising at least one of an access link, a challenge pattern, and a quick response (QR) code .

13. The user device according to any previous claims, further comprising, a transmitter configured to transmit a second passcode request to a web policy server in an event the user interacts with the instructions .

14. The user device according to any previous claims, wherein the display is further configured to display contents of the digital documents within the user interface of the digital document at the user device of the user in an event the access to the digital document is allowed.

15. A non-transitory computer-readable medium storing computer-executable instructions for authenticating a user to access a digital document, the computerexecutable instructions configured for :receiving an access request from a user to access the digital document at a user device associated with the user;prompting the user to enter a first passcode in response to the access request;receiving a first input from the user within a user interface of the digital document after prompting the user to enter the first passcode;rendering instructions within the user interface of the digital document in an event the first input entered by the user matches with the first passcode;receiving a second input from the user within the user interface of the digital document after rendering the instructions; andallowing access of the digital document to the user in an event the second input from the user matches with a second passcode .