What technology area does this patent fall under?

Primary CPC classification G06Q20/1085. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Jun 01 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Authenticating a customer to a risk level using an authorization token

US11023871B1 · US · B1

Patent metadata
Field	Value
Publication number	US-11023871-B1
Application number	US-201916697116-A
Country	US
Kind code	B1
Filing date	Nov 26, 2019
Priority date	Nov 26, 2019
Publication date	Jun 1, 2021
Grant date	Jun 1, 2021

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Disclosed herein are system, method, and computer program product embodiments for authenticating a mobile user via an authentication method determined based on a token level associated with the action being completed. An authentication token is created corresponding to the token level and the authentication token is sent to the mobile device. This authentication token may be used to authenticate subsequent actions and engage various services to complete the actions using application programming interfaces. The authentication token stored on the mobile device obviates the need for a user to authenticate multiple times to complete actions requiring a similar token level. The system may authenticate the identity of the mobile user using various authentication methods.

First claim

Opening claim text (preview).

What is claimed is: 1. A computer implemented method, comprising: receiving, by one or more computing devices, a request from a mobile device user on a mobile application on a mobile device to perform an action; determining, by the one or more computing devices, a token level required by the action, wherein the token level is determined based on financial transactions performed in the past by the mobile device user; authenticating, by the one or more computing devices, the mobile device user using an authentication method based on the token level; creating, by the one or more computing devices, an authorization token that associates the mobile device with the token level, wherein the authorization token remains in effect for a certain amount of time that varies based on the token level; sending, by the one or more computing devices, the authorization token to the mobile device; receiving, by the one or more computing devices, a second request from the mobile device user on the mobile application on the mobile device to perform a second action, wherein the second action invokes a service, wherein the second request comprises the authorization token and an identifier associated with an automated teller machine (ATM), and wherein the identifier is encoded in a matrixed identifier displayed on the ATM that the mobile device scans using a view-finder screen activated in the mobile application; causing, by the one or more computing devices, the service to verify that the token level in the authorization token is sufficient to perform the second action and issue instructions to the ATM to cause the ATM to complete the second action; and causing, by the one or more computing devices, the mobile application to display a confirmation screen indicating that the ATM completed the second action. 2. The computer implemented method of claim 1 , wherein the second action is a cash withdrawal. 3. The computer implemented method of claim 1 , further comprising: determining, by the one or more computing devices, a second token level required by the second action; and authenticating, by the one or more computing devices, the mobile device user using a secondary authentication method when the second token level is greater than the token level. 4. The computer implemented method of claim 1 , the determining the token level further comprising: calculating, by the one more computing devices, a drainage indicator based on actions performed in the past by the mobile device user, wherein the drainage indicator comprises a total value of past withdrawals; calculating, by the one more computing devices, a velocity indicator based on the actions performed in the past by the mobile device user, wherein the velocity indicator comprises a count of past withdrawals; and determining, by the one or more computing devices, the token level based on the drainage indicator and the velocity indicator. 5. The computer implemented method of claim 1 , the authenticating the mobile device user further comprising: verifying, by the one or more computing devices, that the mobile device user owns the mobile device through a verification micro-service; sending, by the one or more computing devices, a message to the mobile device containing a one-time passcode; and receiving, by the one or more computing devices, a response from the mobile device containing the one-time passcode. 6. The computer implemented method of claim 1 , the authenticating the mobile device user further comprising: activating, by the one or more computing devices, a view-finder screen on the mobile device that allows the mobile device user to scan a barcode on a government identification; and sending, by the one or more computing devices, the barcode to a verification service that confirms the identity of the mobile device user. 7. The computer implemented method of claim 1 , the authenticating the mobile device user further comprising: determining, by the one or more computing devices, a location associated with the mobile device user; and comparing, by the one or more computing devices, the location to a list of past locations associated with the mobile device user to confirm the identity of the mobile device user. 8. The computer implemented method of claim 1 , the authenticating the mobile device user further comprising: receiving, by the one or more computing devices, biometric information in a response from the mobile device; and comparing, by the one or more computing devices, the biometric information to stored biometric information for the mobile device user to confirm the identity of the mobile device user. 9. The computer implemented method of claim 1 , the authenticating the mobile device user further comprising: sending, by the one or more computing devices, a security screen comprising a question for the mobile device user to answer; receiving, by the one or more computing devices, a response to the question; and comparing, by the one or more computing devices, the response to a stored response for the question to confirm the identity of the mobile device user. 10. The computer implemented method of claim 1 , the authenticating the mobile device user further comprising: receiving, by the one or more computing devices, a login and a password from the mobile device user; and verifying, by the one or more computing devices, the authenticity of the mobile device user with the login and the password. 11. A system, comprising: a memory configured to store operations; and at least one processor coupled to the memory and configured to: receive a request from a mobile device user on a mobile application on a mobile device to perform an action; determine a token level required by the action, wherein the token level is determined based on financial transactions performed in the past by the mobile device user; authenticate the mobile device user using an authentication method based on the token level; create an authorization token that associates the mobile device with the token level, wherein the authorization token remains in effect for a certain amount of time that varies based on the token level; send the authorization token to the mobile device; receive a second request from the mobile device user on the mobile application on the mobile device to perform a second action, wherein the second action invokes a service, wherein the second request comprises the authorization token and an identifier associated with an automated teller machine (ATM), and wherein the identifier is encoded in a matrixed identifier displayed on the ATM that the mobile device scans using a view-finder screen activated in the mobile application; cause the service to verify that the token level in the authorization token is sufficient to perform the second action and issue instructions to the ATM that cause the ATM to complete the second action; and cause the mobile application to display a confirmation screen indicating that the ATM completed the second action. 12. The system of claim 11 , wherein the second action is a cash withdrawal. 13. The system of claim 11 , the at least one processor further configured to: determine a second token level required by the second action; and authenticate the mobile device user using a secondary authentication method when the second token level is greater than the token level. 14. The system of claim 11 , wherein to authenticate the mobile device user the at least one processor is further configured to: verify that the mobile device user owns the mobile device through a verification micro-service; send a message to the mobile device contai

Assignees

Capital One Services Llc

Inventors

Classifications

G06Q20/1085Primary
involving automatic teller machines [ATMs] · CPC title
G06Q20/3276
using a pictured code, e.g. barcode or QR-code, being read by the M-device · CPC title
H04L63/0807
using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213) · CPC title
H04W12/06Primary
Authentication · CPC title
G06Q20/3226
Use of secure elements separate from M-devices · CPC title

Patent family

Related publications grouped by family.

View patent family 75974451

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11023871B1 cover?: Disclosed herein are system, method, and computer program product embodiments for authenticating a mobile user via an authentication method determined based on a token level associated with the action being completed. An authentication token is created corresponding to the token level and the authentication token is sent to the mobile device. This authentication token may be used to authenticat…
Who is the assignee on this patent?: Capital One Services Llc
What technology area does this patent fall under?: Primary CPC classification G06Q20/1085. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Jun 01 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).

How to read this patent

Abstract

First claim

Assignees

Inventors

Classifications

Patent family

External sources

Related patents

Systems and methods for distributed currency management

Relative and dynamic multifactor authentication

System and method for cardless cash access

Automated banking machine with remote user assistance

Automated banking machine with remote user assistance

System and method for digital authentication

Service Channel Authentication Token

Frequently asked questions