Systems and methods for cross coupling risk analytics and one-time-passcodes
US-2020104474-A1 · Apr 2, 2020 · US
Multi-factor user authentication
US12093945B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12093945-B2 |
| Application number | US-202117554348-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 17, 2021 |
| Priority date | Dec 17, 2021 |
| Publication date | Sep 17, 2024 |
| Grant date | Sep 17, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system for multi-factor user authentication for payment card-based transactions are described. The multifactor authentication may be based on a one-time passcode/password (OTP) as sent by an authentication server. A user device may, based on receiving the OTP, send an authentication code. The authentication code may be generated/determined based on the OTP. The authentication code may be augmented biometric identifier (ID) of a user associated with the user device. The authentication server may validate a transaction based on the authentication code.
First claim
Opening claim text (preview).
The invention claimed is: 1. An apparatus comprising: one or more processors; and memory storing instructions that, when executed by the one or more processors, cause the apparatus to: receive an authentication request for a user, wherein the authentication request comprises a user identifier associated with the user; determine, based on the user identifier, a user device associated with the user; send, to the user device, a one-time passcode (OTP); send, to the user device, a character mapping, associated with the user, for a dynamic digital keypad interface that maps user input characters to encoded characters, wherein: the dynamic digital keypad interface corresponds to a graphical user interface (GUI) comprising a plurality of buttons arranged in a grid, each button, of the plurality of buttons, represents a corresponding user input character, each button, of the plurality of buttons, is associated with a corresponding encoded character based on: the character mapping associated with the user, and a row and a column, in the grid, associated with the user input character, and the character mapping is periodically refreshed; after sending the OTP, receive an authentication code, wherein the authentication code is generated based on user input via the dynamic digital keypad interface; generate, based on the OTP and the character mapping associated with the user, a validation code; and based on comparing the validation code and the authentication code, send an authorization response indicating whether the authentication request is approved or declined. 2. The apparatus of claim 1 , wherein the authorization response indicates that the authentication request is approved based on the validation code matching the authentication code. 3. The apparatus of claim 1 , wherein the authorization response indicates that the authentication request is declined based on the validation code not matching the authentication code. 4. The apparatus of claim 1 , wherein the instructions, when executed by the one or more processors, cause the apparatus to send the OTP via at least one of: a short messaging service (SMS) message; or an electronic mail. 5. The apparatus of claim 1 , wherein the user device is a mobile communication device. 6. The apparatus of claim 1 , wherein the instructions, when executed by the one or more processors, cause the apparatus to: send the OTP via a first communication channel, and receive the authentication code via a second communication channel. 7. A method for multi-factor user authentication, the method comprising: receiving an authentication request for a user, wherein the authentication request comprises a user identifier associated with the user; determining, based on the user identifier, a user device associated with the user; sending, to the user device, a one-time passcode (OTP); sending, to the user device, a character mapping, associated with the user, for a dynamic digital keypad interface that maps user input characters to encoded characters, wherein: the dynamic digital keypad interface corresponds to a graphical user interface (GUI) comprising a plurality of buttons arranged in a grid, each button, of the plurality of buttons, represents a corresponding user input character, each button, of the plurality of buttons, is associated with a corresponding encoded character based on: the character mapping associated with the user, and a row and a column, in the grid, associated with the user input character, and the character mapping is periodically refreshed; after sending the OTP, receiving an authentication code, wherein the authentication code is generated based on user input via the dynamic digital keypad interface; generating, based on the OTP and the character mapping associated with the user, a validation code; and based on comparing the validation code and the authentication code, sending an authorization response indicating whether the authentication request is approved or declined. 8. The method of claim 7 , wherein the authorization response indicates that the authentication request is approved based on the validation code matching the authentication code. 9. The method of claim 7 , wherein the authorization response indicates that the authentication request is declined based on the validation code not matching the authentication code. 10. A non-transitory computer readable medium storing instructions that, when executed, cause an authentication platform to: receive an authentication request for a user, wherein the authentication request comprises a user identifier associated with the user; determine, based on the user identifier, a user device associated with the user; send, to the user device, a one-time passcode (OTP); send, to the user device, a character mapping, associated with the user, for a dynamic digital keypad interface that maps user input characters to encoded characters, wherein: the dynamic digital keypad interface corresponds to a graphical user interface (GUI) comprising a plurality of buttons arranged in a grid, each button, of the plurality of buttons, represents a corresponding user input character, each button, of the plurality of buttons, is associated with a corresponding encoded character based on: the character mapping associated with the user, and a row and a column, in the grid, associated with the user input character, and the character mapping is periodically refreshed; after sending the OTP, receive an authentication code, wherein the authentication code is generated based on user input via the dynamic digital keypad interface; generate, based on the OTP and the character mapping associated with the user, a validation code; and based on comparing the validation code and the authentication code, send an authorization response indicating whether the authentication request is approved or declined.
Assignees
Inventors
Classifications
- G06Q20/382Primary
insuring higher security of transaction · CPC title
Cancellation of a transaction · CPC title
involving fraud or risk level assessment in transaction processing · CPC title
using two different networks, one for transaction and one for security confirmation · CPC title
using cards, e.g. integrated circuit [IC] cards or magnetic cards · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12093945B2 cover?
- A system for multi-factor user authentication for payment card-based transactions are described. The multifactor authentication may be based on a one-time passcode/password (OTP) as sent by an authentication server. A user device may, based on receiving the OTP, send an authentication code. The authentication code may be generated/determined based on the OTP. The authentication code may be augm…
- Who is the assignee on this patent?
- Bank Of America
- What technology area does this patent fall under?
- Primary CPC classification G06Q20/382. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 17 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).